Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2018-20615
Vulnerability from cvelistv5
Published
2019-03-18 16:11
Modified
2024-08-05 12:05
Severity ?
EPSS score ?
Summary
An out-of-bounds read issue was discovered in the HTTP/2 protocol decoder in HAProxy 1.8.x and 1.9.x through 1.9.0 which can result in a crash. The processing of the PRIORITY flag in a HEADERS frame requires 5 extra bytes, and while these bytes are skipped, the total frame length was not re-checked to make sure they were present in the frame.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T12:05:17.640Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "106645", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/106645", }, { name: "RHSA-2019:0275", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:0275", }, { name: "[opensuse-security-announce] 20190213 [security-announce] openSUSE-SU-2019:0166-1: important: Security update for haproxy", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00018.html", }, { name: "3858-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3858-1/", }, { name: "[haproxy@formilux.org] 20190108 [ANNOUNCE] haproxy-1.8.17", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://www.mail-archive.com/haproxy%40formilux.org/msg32304.html", }, { name: "RHBA-2019:0327", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHBA-2019:0327", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "An out-of-bounds read issue was discovered in the HTTP/2 protocol decoder in HAProxy 1.8.x and 1.9.x through 1.9.0 which can result in a crash. The processing of the PRIORITY flag in a HEADERS frame requires 5 extra bytes, and while these bytes are skipped, the total frame length was not re-checked to make sure they were present in the frame.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-04-24T05:06:06", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "106645", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/106645", }, { name: "RHSA-2019:0275", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:0275", }, { name: "[opensuse-security-announce] 20190213 [security-announce] openSUSE-SU-2019:0166-1: important: Security update for haproxy", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00018.html", }, { name: "3858-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3858-1/", }, { name: "[haproxy@formilux.org] 20190108 [ANNOUNCE] haproxy-1.8.17", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://www.mail-archive.com/haproxy%40formilux.org/msg32304.html", }, { name: "RHBA-2019:0327", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHBA-2019:0327", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2018-20615", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An out-of-bounds read issue was discovered in the HTTP/2 protocol decoder in HAProxy 1.8.x and 1.9.x through 1.9.0 which can result in a crash. The processing of the PRIORITY flag in a HEADERS frame requires 5 extra bytes, and while these bytes are skipped, the total frame length was not re-checked to make sure they were present in the frame.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "106645", refsource: "BID", url: "http://www.securityfocus.com/bid/106645", }, { name: "RHSA-2019:0275", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:0275", }, { name: "[opensuse-security-announce] 20190213 [security-announce] openSUSE-SU-2019:0166-1: important: Security update for haproxy", refsource: "MLIST", url: "http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00018.html", }, { name: "3858-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3858-1/", }, { name: "[haproxy@formilux.org] 20190108 [ANNOUNCE] haproxy-1.8.17", refsource: "MLIST", url: "https://www.mail-archive.com/haproxy@formilux.org/msg32304.html", }, { name: "RHBA-2019:0327", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHBA-2019:0327", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-20615", datePublished: "2019-03-18T16:11:36", dateReserved: "2018-12-31T00:00:00", dateUpdated: "2024-08-05T12:05:17.640Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { nvd: "{\"cve\":{\"id\":\"CVE-2018-20615\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2019-03-21T16:00:36.297\",\"lastModified\":\"2024-11-21T04:01:51.733\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An out-of-bounds read issue was discovered in the HTTP/2 protocol decoder in HAProxy 1.8.x and 1.9.x through 1.9.0 which can result in a crash. The processing of the PRIORITY flag in a HEADERS frame requires 5 extra bytes, and while these bytes are skipped, the total frame length was not re-checked to make sure they were present in the frame.\"},{\"lang\":\"es\",\"value\":\"Se ha descubierto un problema de lectura fuera de límites en el decodificador del protocolo HTTP/2 en HAProxy, en versiones 1.8.x y 1.9.x hasta la 1.9.0, lo que puede resultar en un cierre inesperado. El procesamiento del flag PRIORITY en un frame HEADERS requiere 5 bytes adicionales y, aunque se omiten estos bytes, la longitud total del frame no se volvió a comprobar para asegurar que estaban presentes en la trama.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-125\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haproxy:haproxy:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.8.0\",\"versionEndIncluding\":\"1.8.19\",\"matchCriteriaId\":\"6D9F2EFA-B2B2-409C-A97A-E05A4E82BE14\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haproxy:haproxy:1.9.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"1047461B-5BDA-4E41-A7D9-76B08E900468\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haproxy:haproxy:1.9.0:dev0:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A41C4AD-11B0-4676-AD44-A5A96ACF8DE3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haproxy:haproxy:1.9.0:dev1:*:*:*:*:*:*\",\"matchCriteriaId\":\"46D05CF3-6764-4238-86CF-A2B34668EB7F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haproxy:haproxy:1.9.0:dev10:*:*:*:*:*:*\",\"matchCriteriaId\":\"CDEE25E3-D419-4CF8-ABD7-68F4776C3A74\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haproxy:haproxy:1.9.0:dev11:*:*:*:*:*:*\",\"matchCriteriaId\":\"386AC3AC-187C-4AB8-8F25-C9F6FBC68EC9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haproxy:haproxy:1.9.0:dev2:*:*:*:*:*:*\",\"matchCriteriaId\":\"1492C457-1304-42B5-A6AE-2E7355DF5E9A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haproxy:haproxy:1.9.0:dev3:*:*:*:*:*:*\",\"matchCriteriaId\":\"49C58F7E-BD94-43E0-B375-635228F02D9A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haproxy:haproxy:1.9.0:dev4:*:*:*:*:*:*\",\"matchCriteriaId\":\"0646A03C-8DD1-44A2-B4A9-F4C493E9BDDF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haproxy:haproxy:1.9.0:dev5:*:*:*:*:*:*\",\"matchCriteriaId\":\"3AC98E81-5377-4729-9AD4-F35BB16E99C7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haproxy:haproxy:1.9.0:dev6:*:*:*:*:*:*\",\"matchCriteriaId\":\"81BABB2D-8E02-402C-A53D-BB4603D43B77\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haproxy:haproxy:1.9.0:dev7:*:*:*:*:*:*\",\"matchCriteriaId\":\"68AD00F1-BBC4-4FF1-9C44-AF2B7E88F5C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haproxy:haproxy:1.9.0:dev8:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F9E46AC-2CA0-4AB0-A199-9726FA507F33\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haproxy:haproxy:1.9.0:dev9:*:*:*:*:*:*\",\"matchCriteriaId\":\"51C49D8B-3A86-4EBF-83B5-5F5BBE6C088F\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1E78106-58E6-4D59-990F-75DA575BFAD9\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07C312A0-CD2C-4B9C-B064-6409B25C278F\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F87326E-0B56-4356-A889-73D026DB1D4B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"142AD0DD-4CF3-4D74-9442-459CE3347E3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:7.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"041F9200-4C01-4187-AE34-240E8277B54D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:7.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4EB48767-F095-444F-9E05-D9AC345AB803\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F6FA12B-504C-4DBF-A32E-0548557AA2ED\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00018.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/106645\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHBA-2019:0327\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:0275\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3858-1/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.mail-archive.com/haproxy%40formilux.org/msg32304.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00018.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/106645\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHBA-2019:0327\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:0275\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3858-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.mail-archive.com/haproxy%40formilux.org/msg32304.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}", }, }
rhsa-2019:0548
Vulnerability from csaf_redhat
Published
2019-03-14 07:58
Modified
2024-11-15 00:40
Summary
Red Hat Security Advisory: OpenShift Container Platform 3.10 haproxy security update
Notes
Topic
An update for haproxy is now available for Red Hat OpenShift Container Platform 3.10.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications.
Security fix(es):
* haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash (CVE-2018-20615)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for haproxy is now available for Red Hat OpenShift Container Platform 3.10.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications.\n\nSecurity fix(es):\n\n* haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash (CVE-2018-20615)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2019:0548", url: "https://access.redhat.com/errata/RHSA-2019:0548", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "1663060", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1663060", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_0548.json", }, ], title: "Red Hat Security Advisory: OpenShift Container Platform 3.10 haproxy security update", tracking: { current_release_date: "2024-11-15T00:40:14+00:00", generator: { date: "2024-11-15T00:40:14+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2019:0548", initial_release_date: "2019-03-14T07:58:11+00:00", revision_history: [ { date: "2019-03-14T07:58:11+00:00", number: "1", summary: "Initial version", }, { date: "2019-03-14T07:58:11+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-15T00:40:14+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat OpenShift Container Platform 3.10", product: { name: "Red Hat OpenShift Container Platform 3.10", product_id: "7Server-RH7-RHOSE-3.10", product_identification_helper: { cpe: "cpe:/a:redhat:openshift:3.10::el7", }, }, }, ], category: "product_family", name: "Red Hat OpenShift Enterprise", }, { branches: [ { category: "product_version", name: "haproxy-debuginfo-0:1.8.17-3.el7.x86_64", product: { name: "haproxy-debuginfo-0:1.8.17-3.el7.x86_64", product_id: "haproxy-debuginfo-0:1.8.17-3.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/haproxy-debuginfo@1.8.17-3.el7?arch=x86_64", }, }, }, { category: "product_version", name: "haproxy18-0:1.8.17-3.el7.x86_64", product: { name: "haproxy18-0:1.8.17-3.el7.x86_64", product_id: "haproxy18-0:1.8.17-3.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/haproxy18@1.8.17-3.el7?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", product: { name: "haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", product_id: "haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/haproxy-debuginfo@1.8.17-3.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "haproxy18-0:1.8.17-3.el7.ppc64le", product: { name: "haproxy18-0:1.8.17-3.el7.ppc64le", product_id: "haproxy18-0:1.8.17-3.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/haproxy18@1.8.17-3.el7?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "haproxy-0:1.8.17-3.el7.src", product: { name: "haproxy-0:1.8.17-3.el7.src", product_id: "haproxy-0:1.8.17-3.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/haproxy@1.8.17-3.el7?arch=src", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "haproxy-0:1.8.17-3.el7.src as a component of Red Hat OpenShift Container Platform 3.10", product_id: "7Server-RH7-RHOSE-3.10:haproxy-0:1.8.17-3.el7.src", }, product_reference: "haproxy-0:1.8.17-3.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.10", }, { category: "default_component_of", full_product_name: { name: "haproxy-debuginfo-0:1.8.17-3.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.10", product_id: "7Server-RH7-RHOSE-3.10:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", }, product_reference: "haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.10", }, { category: "default_component_of", full_product_name: { name: "haproxy-debuginfo-0:1.8.17-3.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.10", product_id: "7Server-RH7-RHOSE-3.10:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", }, product_reference: "haproxy-debuginfo-0:1.8.17-3.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.10", }, { category: "default_component_of", full_product_name: { name: "haproxy18-0:1.8.17-3.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.10", product_id: "7Server-RH7-RHOSE-3.10:haproxy18-0:1.8.17-3.el7.ppc64le", }, product_reference: "haproxy18-0:1.8.17-3.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.10", }, { category: "default_component_of", full_product_name: { name: "haproxy18-0:1.8.17-3.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.10", product_id: "7Server-RH7-RHOSE-3.10:haproxy18-0:1.8.17-3.el7.x86_64", }, product_reference: "haproxy18-0:1.8.17-3.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.10", }, ], }, vulnerabilities: [ { cve: "CVE-2018-20615", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2019-01-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1663060", }, ], notes: [ { category: "description", text: "A flaw was found in HAProxy, versions before 1.8.17 and 1.9.1. Mishandling occurs when a priority flag is set on too short HEADERS frame in the HTTP/2 decoder, allowing an out-of-bounds read and a subsequent crash to occur. A remote attacker can exploit this flaw to cause a denial of service. Those who do not use HTTP/2 are unaffected.", title: "Vulnerability description", }, { category: "summary", text: "haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash", title: "Vulnerability summary", }, { category: "other", text: "HTTP/2 support was added to haproxy in version 1.8, therefore OpenShift Container Platform (OCP) 3.7 and earlier are unaffected by this flaw, see [1]. OCP 3.11 added a configuration option to ose-haproxy-router that made enabling HTTP/2 support easy, [2]. Prior to that, in versions OCP 3.9 and 3.10, an administrator had to customize the haproxy router configuration to add HTTP/2 support, [3]. OCP 3.9, and 3.10 are rated as moderate because HTTP/2 support was not a standard configuration option, and therefore unlikely to be enabled.\n\nVersions of haproxy included in Red Hat Enterprise Linux 6 and 7, excluding rh-haproxy18-haproxy in Red Hat Software Collections, are unaffected as they package versions of haproxy before 1.7.\n\n[1] http://www.haproxy.org/news.html\n\n[2] https://github.com/openshift/origin/pull/19968\n\n[3] https://docs.openshift.com/container-platform/3.10/install_config/router/customized_haproxy_router.html", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.10:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.10:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.10:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.10:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.10:haproxy18-0:1.8.17-3.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-20615", }, { category: "external", summary: "RHBZ#1663060", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1663060", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-20615", url: "https://www.cve.org/CVERecord?id=CVE-2018-20615", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-20615", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-20615", }, ], release_date: "2019-01-08T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-03-14T07:58:11+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation for important instructions on how to upgrade your cluster and fully apply this asynchronous errata\nupdate\n\nhttps://docs.openshift.com/container-platform/3.10/release_notes/ocp_3_10_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.10:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.10:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.10:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.10:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.10:haproxy18-0:1.8.17-3.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:0548", }, { category: "workaround", details: "HTTP/2 support is disabled by default on OpenShift Container Platform 3.11. To mitigate this vulnerability keep it disabled. You can verify if HTTP/2 support is enabled by following the instructions in the upstream pull request, [1].\n\n[1] https://github.com/openshift/origin/pull/19968", product_ids: [ "7Server-RH7-RHOSE-3.10:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.10:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.10:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.10:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.10:haproxy18-0:1.8.17-3.el7.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.10:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.10:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.10:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.10:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.10:haproxy18-0:1.8.17-3.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash", }, ], }
RHBA-2019:0326
Vulnerability from csaf_redhat
Published
2019-02-20 14:11
Modified
2025-03-19 14:50
Summary
Red Hat Bug Fix Advisory: OpenShift Container Platform 3.11 bug fix update
Notes
Topic
Red Hat OpenShift Container Platform release 3.11.82 is now available with updates to packages and images that fix several bugs.
Details
Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
This advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.11.82. See the following advisory for the container images for this release:
https://access.redhat.com/errata/RHBA-2019:0327
Space precludes documenting all of the bug fixes in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:
https://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html
All OpenShift Container Platform 3.11 users are advised to upgrade to these updated packages.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Red Hat OpenShift Container Platform release 3.11.82 is now available with updates to packages and images that fix several bugs.", title: "Topic", }, { category: "general", text: "Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.\n\nThis advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.11.82. See the following advisory for the container images for this release:\n\nhttps://access.redhat.com/errata/RHBA-2019:0327\n\nSpace precludes documenting all of the bug fixes in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nAll OpenShift Container Platform 3.11 users are advised to upgrade to these updated packages.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHBA-2019:0326", url: "https://access.redhat.com/errata/RHBA-2019:0326", }, { category: "external", summary: "1506736", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1506736", }, { category: "external", summary: "1598822", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1598822", }, { category: "external", summary: "1615719", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1615719", }, { category: "external", summary: "1623338", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1623338", }, { category: "external", summary: "1634302", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1634302", }, { category: "external", summary: "1635254", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1635254", }, { category: "external", summary: "1635613", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1635613", }, { category: "external", summary: "1642379", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1642379", }, { category: "external", summary: "1642929", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1642929", }, { category: "external", summary: "1651090", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1651090", }, { category: "external", summary: "1651632", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1651632", }, { category: "external", summary: "1655183", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1655183", }, { category: "external", summary: "1657019", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1657019", }, { category: "external", summary: "1659194", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1659194", }, { category: "external", summary: "1659441", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1659441", }, { category: "external", summary: "1659653", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1659653", }, { category: "external", summary: "1659976", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1659976", }, { category: "external", summary: "1660598", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1660598", }, { category: "external", summary: "1664753", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1664753", }, { category: "external", summary: "1665235", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1665235", }, { category: "external", summary: "1666820", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1666820", }, { category: "external", summary: "1667270", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1667270", }, { category: "external", summary: "1667618", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1667618", }, { category: "external", summary: "1668412", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1668412", }, { category: "external", summary: "1668828", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1668828", }, { category: "external", summary: "1668970", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1668970", }, { category: "external", summary: "1669019", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1669019", }, { category: "external", summary: "1669194", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1669194", }, { category: "external", summary: "1669439", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1669439", }, { category: "external", summary: "1669555", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1669555", }, { category: "external", summary: "1669984", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1669984", }, { category: "external", summary: "1670551", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1670551", }, { category: "external", summary: "1673178", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1673178", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhba-2019_0326.json", }, ], title: "Red Hat Bug Fix Advisory: OpenShift Container Platform 3.11 bug fix update", tracking: { current_release_date: "2025-03-19T14:50:04+00:00", generator: { date: "2025-03-19T14:50:04+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.1", }, }, id: "RHBA-2019:0326", initial_release_date: "2019-02-20T14:11:43+00:00", revision_history: [ { date: "2019-02-20T14:11:43+00:00", number: "1", summary: "Initial version", }, { date: "2019-02-20T14:11:43+00:00", number: "2", summary: "Last updated version", }, { date: "2025-03-19T14:50:04+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat OpenShift Container Platform 3.11", product: { name: "Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11", product_identification_helper: { cpe: "cpe:/a:redhat:openshift:3.11::el7", }, }, }, ], category: "product_family", name: "Red Hat OpenShift Enterprise", }, { branches: [ { category: "product_version", name: "atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", product: { name: "atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", product_id: "atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-node-problem-detector@3.11.82-1.git.254.a448936.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product: { name: "atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_id: "atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-clients-redistributable@3.11.82-1.git.0.08bc31b.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product: { name: "atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_id: "atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-master@3.11.82-1.git.0.08bc31b.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product: { name: "atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_id: "atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-pod@3.11.82-1.git.0.08bc31b.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product: { name: "atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_id: "atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-hyperkube@3.11.82-1.git.0.08bc31b.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product: { name: "atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_id: "atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift@3.11.82-1.git.0.08bc31b.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product: { name: "atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_id: "atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-tests@3.11.82-1.git.0.08bc31b.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product: { name: "atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_id: "atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-clients@3.11.82-1.git.0.08bc31b.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product: { name: "atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_id: "atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-template-service-broker@3.11.82-1.git.0.08bc31b.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product: { name: "atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_id: "atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-node@3.11.82-1.git.0.08bc31b.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product: { name: "atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_id: "atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-sdn-ovs@3.11.82-1.git.0.08bc31b.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product: { name: "atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_id: "atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-hypershift@3.11.82-1.git.0.08bc31b.el7?arch=x86_64", }, }, }, { category: "product_version", name: "golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", product: { name: "golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", product_id: "golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/golang-github-openshift-oauth-proxy@3.11.82-1.git.425.7cac034.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", product: { name: "atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", product_id: "atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-enterprise-service-catalog-svcat@3.11.82-1.git.1673.133961e.el7?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", product: { name: "atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", product_id: "atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-enterprise-service-catalog@3.11.82-1.git.1673.133961e.el7?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", product: { name: "prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", product_id: "prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/prometheus-node-exporter@3.11.82-1.git.1063.48444e8.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", product: { name: "atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", product_id: "atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-dockerregistry@3.11.82-1.git.452.0ce6383.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", product: { name: "atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", product_id: "atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-descheduler@3.11.82-1.git.300.89765c9.el7?arch=x86_64", }, }, }, { category: "product_version", name: "haproxy-debuginfo-0:1.8.17-3.el7.x86_64", product: { name: "haproxy-debuginfo-0:1.8.17-3.el7.x86_64", product_id: "haproxy-debuginfo-0:1.8.17-3.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/haproxy-debuginfo@1.8.17-3.el7?arch=x86_64", }, }, }, { category: "product_version", name: "haproxy18-0:1.8.17-3.el7.x86_64", product: { name: "haproxy18-0:1.8.17-3.el7.x86_64", product_id: "haproxy18-0:1.8.17-3.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/haproxy18@1.8.17-3.el7?arch=x86_64", }, }, }, { category: "product_version", name: "prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", product: { name: "prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", product_id: "prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/prometheus@3.11.82-1.git.5027.9d24833.el7?arch=x86_64", }, }, }, { category: "product_version", name: "prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", product: { name: "prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", product_id: "prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/prometheus-alertmanager@3.11.82-1.git.0.3bf41ce.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", product: { name: "atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", product_id: "atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-web-console@3.11.82-1.git.355.5e8b1d9.el7?arch=x86_64", }, }, }, { category: "product_version", name: "openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", product: { name: "openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", product_id: "openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-enterprise-cluster-capacity@3.11.82-1.git.380.cf11c51.el7?arch=x86_64", }, }, }, { category: "product_version", name: "openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", product: { name: "openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", product_id: "openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-enterprise-autoheal@3.11.82-1.git.219.0b5aff4.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", product: { name: "atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", product_id: "atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-service-idler@3.11.82-1.git.14.e353758.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", product: { name: "atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", product_id: "atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-cluster-autoscaler@3.11.82-1.git.0.efb6af0.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", product: { name: "atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", product_id: "atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-metrics-server@3.11.82-1.git.52.2fdca3f.el7?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", product: { name: "atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", product_id: "atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-node-problem-detector@3.11.82-1.git.254.a448936.el7?arch=src", }, }, }, { category: "product_version", name: "atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", product: { name: "atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", product_id: "atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift@3.11.82-1.git.0.08bc31b.el7?arch=src", }, }, }, { category: "product_version", name: "golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", product: { name: "golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", product_id: "golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/golang-github-openshift-oauth-proxy@3.11.82-1.git.425.7cac034.el7?arch=src", }, }, }, { category: "product_version", name: "atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", product: { name: "atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", product_id: "atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-enterprise-service-catalog@3.11.82-1.git.1673.133961e.el7?arch=src&epoch=1", }, }, }, { category: "product_version", name: "golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", product: { name: "golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", product_id: "golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/golang-github-prometheus-node_exporter@3.11.82-1.git.1063.48444e8.el7?arch=src", }, }, }, { category: "product_version", name: "atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", product: { name: "atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", product_id: "atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-dockerregistry@3.11.82-1.git.452.0ce6383.el7?arch=src", }, }, }, { category: "product_version", name: "jenkins-0:2.150.2.1549032159-1.el7.src", product: { name: "jenkins-0:2.150.2.1549032159-1.el7.src", product_id: "jenkins-0:2.150.2.1549032159-1.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jenkins@2.150.2.1549032159-1.el7?arch=src", }, }, }, { category: "product_version", name: "atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", product: { name: "atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", product_id: "atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-descheduler@3.11.82-1.git.300.89765c9.el7?arch=src", }, }, }, { category: "product_version", name: "haproxy-0:1.8.17-3.el7.src", product: { name: "haproxy-0:1.8.17-3.el7.src", product_id: "haproxy-0:1.8.17-3.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/haproxy@1.8.17-3.el7?arch=src", }, }, }, { category: "product_version", name: "golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", product: { name: "golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", product_id: "golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/golang-github-prometheus-prometheus@3.11.82-1.git.5027.9d24833.el7?arch=src", }, }, }, { category: "product_version", name: "golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", product: { name: "golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", product_id: "golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/golang-github-prometheus-alertmanager@3.11.82-1.git.0.3bf41ce.el7?arch=src", }, }, }, { category: "product_version", name: "jenkins-2-plugins-0:3.11.1549642489-1.el7.src", product: { name: "jenkins-2-plugins-0:3.11.1549642489-1.el7.src", product_id: "jenkins-2-plugins-0:3.11.1549642489-1.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jenkins-2-plugins@3.11.1549642489-1.el7?arch=src", }, }, }, { category: "product_version", name: "atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", product: { name: "atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", product_id: "atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-web-console@3.11.82-1.git.355.5e8b1d9.el7?arch=src", }, }, }, { category: "product_version", name: "openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", product: { name: "openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", product_id: "openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-enterprise-cluster-capacity@3.11.82-1.git.380.cf11c51.el7?arch=src", }, }, }, { category: "product_version", name: "openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", product: { name: "openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", product_id: "openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-enterprise-autoheal@3.11.82-1.git.219.0b5aff4.el7?arch=src", }, }, }, { category: "product_version", name: "atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", product: { name: "atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", product_id: "atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-service-idler@3.11.82-1.git.14.e353758.el7?arch=src", }, }, }, { category: "product_version", name: "atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", product: { name: "atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", product_id: "atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-cluster-autoscaler@3.11.82-1.git.0.efb6af0.el7?arch=src", }, }, }, { category: "product_version", name: "atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", product: { name: "atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", product_id: "atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-metrics-server@3.11.82-1.git.52.2fdca3f.el7?arch=src", }, }, }, { category: "product_version", name: "openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", product: { name: "openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", product_id: "openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-ansible@3.11.82-3.git.0.9718d0a.el7?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", product: { name: "atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", product_id: "atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-node-problem-detector@3.11.82-1.git.254.a448936.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product: { name: "atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product_id: "atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-master@3.11.82-1.git.0.08bc31b.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product: { name: "atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product_id: "atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-pod@3.11.82-1.git.0.08bc31b.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product: { name: "atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product_id: "atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-hyperkube@3.11.82-1.git.0.08bc31b.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product: { name: "atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product_id: "atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift@3.11.82-1.git.0.08bc31b.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product: { name: "atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product_id: "atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-tests@3.11.82-1.git.0.08bc31b.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product: { name: "atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product_id: "atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-clients@3.11.82-1.git.0.08bc31b.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product: { name: "atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product_id: "atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-template-service-broker@3.11.82-1.git.0.08bc31b.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product: { name: "atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product_id: "atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-node@3.11.82-1.git.0.08bc31b.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product: { name: "atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product_id: "atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-sdn-ovs@3.11.82-1.git.0.08bc31b.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product: { name: "atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product_id: "atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-hypershift@3.11.82-1.git.0.08bc31b.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", product: { name: "golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", product_id: "golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/golang-github-openshift-oauth-proxy@3.11.82-1.git.425.7cac034.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", product: { name: "atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", product_id: "atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-enterprise-service-catalog-svcat@3.11.82-1.git.1673.133961e.el7?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", product: { name: "atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", product_id: "atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-enterprise-service-catalog@3.11.82-1.git.1673.133961e.el7?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", product: { name: "prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", product_id: "prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/prometheus-node-exporter@3.11.82-1.git.1063.48444e8.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", product: { name: "atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", product_id: "atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-dockerregistry@3.11.82-1.git.452.0ce6383.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", product: { name: "atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", product_id: "atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-descheduler@3.11.82-1.git.300.89765c9.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", product: { name: "haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", product_id: "haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/haproxy-debuginfo@1.8.17-3.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "haproxy18-0:1.8.17-3.el7.ppc64le", product: { name: "haproxy18-0:1.8.17-3.el7.ppc64le", product_id: "haproxy18-0:1.8.17-3.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/haproxy18@1.8.17-3.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", product: { name: "prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", product_id: "prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/prometheus@3.11.82-1.git.5027.9d24833.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", product: { name: "prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", product_id: "prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/prometheus-alertmanager@3.11.82-1.git.0.3bf41ce.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", product: { name: "atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", product_id: "atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-web-console@3.11.82-1.git.355.5e8b1d9.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", product: { name: "openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", product_id: "openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-enterprise-cluster-capacity@3.11.82-1.git.380.cf11c51.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", product: { name: "openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", product_id: "openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-enterprise-autoheal@3.11.82-1.git.219.0b5aff4.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", product: { name: "atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", product_id: "atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-service-idler@3.11.82-1.git.14.e353758.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", product: { name: "atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", product_id: "atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-cluster-autoscaler@3.11.82-1.git.0.efb6af0.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", product: { name: "atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", product_id: "atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-metrics-server@3.11.82-1.git.52.2fdca3f.el7?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", product: { name: "atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", product_id: "atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-excluder@3.11.82-1.git.0.08bc31b.el7?arch=noarch", }, }, }, { category: "product_version", name: "atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", product: { name: "atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", product_id: "atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-docker-excluder@3.11.82-1.git.0.08bc31b.el7?arch=noarch", }, }, }, { category: "product_version", name: "jenkins-0:2.150.2.1549032159-1.el7.noarch", product: { name: "jenkins-0:2.150.2.1549032159-1.el7.noarch", product_id: "jenkins-0:2.150.2.1549032159-1.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jenkins@2.150.2.1549032159-1.el7?arch=noarch", }, }, }, { category: "product_version", name: "jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", product: { name: "jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", product_id: "jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jenkins-2-plugins@3.11.1549642489-1.el7?arch=noarch", }, }, }, { category: "product_version", name: "openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", product: { name: "openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", product_id: "openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-ansible-test@3.11.82-3.git.0.9718d0a.el7?arch=noarch", }, }, }, { category: "product_version", name: "openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", product: { name: "openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", product_id: "openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-ansible@3.11.82-3.git.0.9718d0a.el7?arch=noarch", }, }, }, { category: "product_version", name: "openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", product: { name: "openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", product_id: "openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-ansible-docs@3.11.82-3.git.0.9718d0a.el7?arch=noarch", }, }, }, { category: "product_version", name: "openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", product: { name: "openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", product_id: "openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-ansible-roles@3.11.82-3.git.0.9718d0a.el7?arch=noarch", }, }, }, { category: "product_version", name: "openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", product: { name: "openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", product_id: "openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-ansible-playbooks@3.11.82-3.git.0.9718d0a.el7?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", }, product_reference: "atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", }, product_reference: "atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", }, product_reference: "atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", }, product_reference: "atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", }, product_reference: "atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", }, product_reference: "atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", }, product_reference: "atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", }, product_reference: "atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", }, product_reference: "atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", }, product_reference: "atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", }, product_reference: "atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", }, product_reference: "atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", }, product_reference: "atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", }, product_reference: "atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", }, product_reference: "atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", }, product_reference: "atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", }, product_reference: "atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", }, product_reference: "atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", }, product_reference: "atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", }, product_reference: "atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", }, product_reference: "atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", }, product_reference: "atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", }, product_reference: "atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", }, product_reference: "atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", }, product_reference: "atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", }, product_reference: "atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", }, product_reference: "atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", }, product_reference: "atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", }, product_reference: "atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", }, product_reference: "atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", }, product_reference: "atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", }, product_reference: "atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", }, product_reference: "atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", }, product_reference: "atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", }, product_reference: "atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", }, product_reference: "atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", }, product_reference: "atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", }, product_reference: "atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", }, product_reference: "atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", }, product_reference: "atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", }, product_reference: "atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", }, product_reference: "atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", }, product_reference: "atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", }, product_reference: "atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", }, product_reference: "atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", }, product_reference: "atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", }, product_reference: "atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", }, product_reference: "atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", }, product_reference: "atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", }, product_reference: "atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", }, product_reference: "golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", }, product_reference: "golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", }, product_reference: "golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", }, product_reference: "golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", }, product_reference: "golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", }, product_reference: "golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "haproxy-0:1.8.17-3.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", }, product_reference: "haproxy-0:1.8.17-3.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "haproxy-debuginfo-0:1.8.17-3.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", }, product_reference: "haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "haproxy-debuginfo-0:1.8.17-3.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", }, product_reference: "haproxy-debuginfo-0:1.8.17-3.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "haproxy18-0:1.8.17-3.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", }, product_reference: "haproxy18-0:1.8.17-3.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "haproxy18-0:1.8.17-3.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", }, product_reference: "haproxy18-0:1.8.17-3.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "jenkins-0:2.150.2.1549032159-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", }, product_reference: "jenkins-0:2.150.2.1549032159-1.el7.noarch", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "jenkins-0:2.150.2.1549032159-1.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", }, product_reference: "jenkins-0:2.150.2.1549032159-1.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", }, product_reference: "jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "jenkins-2-plugins-0:3.11.1549642489-1.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", }, product_reference: "jenkins-2-plugins-0:3.11.1549642489-1.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", }, product_reference: "openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", }, product_reference: "openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", }, product_reference: "openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", }, product_reference: "openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", }, product_reference: "openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", }, product_reference: "openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", }, product_reference: "openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", }, product_reference: "openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", }, product_reference: "openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", }, product_reference: "openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", }, product_reference: "openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", }, product_reference: "openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", }, product_reference: "prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", }, product_reference: "prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", }, product_reference: "prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", }, product_reference: "prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", }, product_reference: "prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", }, product_reference: "prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, ], }, vulnerabilities: [ { cve: "CVE-2018-20102", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2018-12-13T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1658874", }, ], notes: [ { category: "description", text: "An out-of-bounds read in dns_validate_dns_response in dns.c was discovered in HAProxy through 1.8.14. Due to a missing check when validating DNS responses, remote attackers might be able read the 16 bytes corresponding to an AAAA record from the non-initialized part of the buffer, possibly accessing anything that was left on the stack, or even past the end of the 8193-byte buffer, depending on the value of accepted_payload_size.", title: "Vulnerability description", }, { category: "summary", text: "haproxy: Out-of-bounds read in dns.c:dns_validate_dns_response() allows for memory disclosure", title: "Vulnerability summary", }, { category: "other", text: "This issue did not affect the versions of haproxy as shipped with Red Hat Enterprise Linux 6 and 7.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-20102", }, { category: "external", summary: "RHBZ#1658874", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1658874", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-20102", url: "https://www.cve.org/CVERecord?id=CVE-2018-20102", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-20102", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-20102", }, { category: "external", summary: "https://www.mail-archive.com/haproxy@formilux.org/msg32055.html", url: "https://www.mail-archive.com/haproxy@formilux.org/msg32055.html", }, ], release_date: "2018-12-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-02-20T14:11:43+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2019:0326", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "haproxy: Out-of-bounds read in dns.c:dns_validate_dns_response() allows for memory disclosure", }, { cve: "CVE-2018-20103", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2018-12-13T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1658876", }, ], notes: [ { category: "description", text: "An issue was discovered in dns.c in HAProxy through 1.8.14. In the case of a compressed pointer, a crafted packet can trigger infinite recursion by making the pointer point to itself, or create a long chain of valid pointers resulting in stack exhaustion.", title: "Vulnerability description", }, { category: "summary", text: "haproxy: Infinite recursion via crafted packet allows stack exhaustion and denial of service", title: "Vulnerability summary", }, { category: "other", text: "This issue did not affect the versions of haproxy as shipped with Red Hat Enterprise Linux 6 and 7.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-20103", }, { category: "external", summary: "RHBZ#1658876", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1658876", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-20103", url: "https://www.cve.org/CVERecord?id=CVE-2018-20103", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-20103", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-20103", }, { category: "external", summary: "https://www.mail-archive.com/haproxy@formilux.org/msg32055.html", url: "https://www.mail-archive.com/haproxy@formilux.org/msg32055.html", }, ], release_date: "2018-12-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-02-20T14:11:43+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2019:0326", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "haproxy: Infinite recursion via crafted packet allows stack exhaustion and denial of service", }, { cve: "CVE-2018-20615", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2019-01-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1663060", }, ], notes: [ { category: "description", text: "A flaw was found in HAProxy, versions before 1.8.17 and 1.9.1. Mishandling occurs when a priority flag is set on too short HEADERS frame in the HTTP/2 decoder, allowing an out-of-bounds read and a subsequent crash to occur. A remote attacker can exploit this flaw to cause a denial of service. Those who do not use HTTP/2 are unaffected.", title: "Vulnerability description", }, { category: "summary", text: "haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash", title: "Vulnerability summary", }, { category: "other", text: "HTTP/2 support was added to haproxy in version 1.8, therefore OpenShift Container Platform (OCP) 3.7 and earlier are unaffected by this flaw, see [1]. OCP 3.11 added a configuration option to ose-haproxy-router that made enabling HTTP/2 support easy, [2]. Prior to that, in versions OCP 3.9 and 3.10, an administrator had to customize the haproxy router configuration to add HTTP/2 support, [3]. OCP 3.9, and 3.10 are rated as moderate because HTTP/2 support was not a standard configuration option, and therefore unlikely to be enabled.\n\nVersions of haproxy included in Red Hat Enterprise Linux 6 and 7, excluding rh-haproxy18-haproxy in Red Hat Software Collections, are unaffected as they package versions of haproxy before 1.7.\n\n[1] http://www.haproxy.org/news.html\n\n[2] https://github.com/openshift/origin/pull/19968\n\n[3] https://docs.openshift.com/container-platform/3.10/install_config/router/customized_haproxy_router.html", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-20615", }, { category: "external", summary: "RHBZ#1663060", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1663060", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-20615", url: "https://www.cve.org/CVERecord?id=CVE-2018-20615", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-20615", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-20615", }, ], release_date: "2019-01-08T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-02-20T14:11:43+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2019:0326", }, { category: "workaround", details: "HTTP/2 support is disabled by default on OpenShift Container Platform 3.11. To mitigate this vulnerability keep it disabled. You can verify if HTTP/2 support is enabled by following the instructions in the upstream pull request, [1].\n\n[1] https://github.com/openshift/origin/pull/19968", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash", }, { cve: "CVE-2018-1000865", cwe: { id: "CWE-94", name: "Improper Control of Generation of Code ('Code Injection')", }, discovery_date: "2018-11-06T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1647059", }, ], notes: [ { category: "description", text: "A sandbox bypass vulnerability exists in Script Security Plugin 1.47 and earlier in groovy-sandbox/src/main/java/org/kohsuke/groovy/sandbox/SandboxTransformer.java that allows attackers with Job/Configure permission to execute arbitrary code on the Jenkins master JVM, if plugins using the Groovy sandbox are installed.", title: "Vulnerability description", }, { category: "summary", text: "jenkins-plugin-script-security: Sandbox Bypass in finalize methods", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-1000865", }, { category: "external", summary: "RHBZ#1647059", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1647059", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-1000865", url: "https://www.cve.org/CVERecord?id=CVE-2018-1000865", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-1000865", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-1000865", }, ], release_date: "2018-10-29T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-02-20T14:11:43+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2019:0326", }, { category: "workaround", details: "Do not run untrusted jenkins pipeline scripts.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "jenkins-plugin-script-security: Sandbox Bypass in finalize methods", }, { cve: "CVE-2018-1000866", cwe: { id: "CWE-94", name: "Improper Control of Generation of Code ('Code Injection')", }, discovery_date: "2018-11-06T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1647059", }, ], notes: [ { category: "description", text: "A sandbox bypass vulnerability exists in Pipeline: Groovy Plugin 2.59 and earlier in groovy-sandbox/src/main/java/org/kohsuke/groovy/sandbox/SandboxTransformer.java, groovy-cps/lib/src/main/java/com/cloudbees/groovy/cps/SandboxCpsTransformer.java that allows attackers with Job/Configure permission, or unauthorized attackers with SCM commit privileges and corresponding pipelines based on Jenkinsfiles set up in Jenkins, to execute arbitrary code on the Jenkins master JVM", title: "Vulnerability description", }, { category: "summary", text: "jenkins-plugin-script-security: Sandbox Bypass in finalize methods", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-1000866", }, { category: "external", summary: "RHBZ#1647059", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1647059", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-1000866", url: "https://www.cve.org/CVERecord?id=CVE-2018-1000866", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-1000866", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-1000866", }, ], release_date: "2018-10-29T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-02-20T14:11:43+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2019:0326", }, { category: "workaround", details: "Do not run untrusted jenkins pipeline scripts.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "jenkins-plugin-script-security: Sandbox Bypass in finalize methods", }, { cve: "CVE-2019-3826", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-02-06T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1672865", }, ], notes: [ { category: "description", text: "A stored, DOM based, cross-site scripting (XSS) flaw was found in Prometheus. An attacker could exploit this by convincing an authenticated user to visit a crafted URL on a Prometheus server, allowing for the execution and persistent storage of arbitrary scripts.", title: "Vulnerability description", }, { category: "summary", text: "prometheus: Stored DOM cross-site scripting (XSS) attack via crafted URL", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-3826", }, { category: "external", summary: "RHBZ#1672865", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1672865", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-3826", url: "https://www.cve.org/CVERecord?id=CVE-2019-3826", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-3826", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-3826", }, ], release_date: "2019-01-31T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-02-20T14:11:43+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2019:0326", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "prometheus: Stored DOM cross-site scripting (XSS) attack via crafted URL", }, { cve: "CVE-2019-1003000", cwe: { id: "CWE-96", name: "Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')", }, discovery_date: "2019-01-08T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1667566", }, ], notes: [ { category: "description", text: "A flaw was found in Jenkins Pipeline. The Script Security sandbox protection could be circumvented during the script compilation phase by applying AST, transforming annotations such as @Grab to source code elements. Both the pipeline validation REST APIs and actual script/pipeline execution are affected. This allowed users with Overall/Read permission, or able to control Jenkinsfile or sandboxed Pipeline shared library contents in SCM, to bypass the sandbox protection and execute arbitrary code on the Jenkins master. All known unsafe AST transformations in Groovy are now prohibited in sandboxed scripts. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "Vulnerability description", }, { category: "summary", text: "jenkins-plugin-script-security: Sandbox Bypass in Script Security Plugin", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-1003000", }, { category: "external", summary: "RHBZ#1667566", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1667566", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-1003000", url: "https://www.cve.org/CVERecord?id=CVE-2019-1003000", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003000", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003000", }, { category: "external", summary: "https://jenkins.io/security/advisory/2019-01-08/", url: "https://jenkins.io/security/advisory/2019-01-08/", }, ], release_date: "2019-01-08T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-02-20T14:11:43+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2019:0326", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "jenkins-plugin-script-security: Sandbox Bypass in Script Security Plugin", }, { cve: "CVE-2019-1003001", cwe: { id: "CWE-96", name: "Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')", }, discovery_date: "2019-01-08T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1669505", }, ], notes: [ { category: "description", text: "A flaw was found in Jenkins Pipeline. In the Declarative plugin, the script sandbox protection could be circumvented during the script compilation phase by applying AST. Both the pipeline validation REST APIs and the actual script/pipeline execution are affected. This allows users with Overall/Read permissions, or those able to control Jenkinsfile or the sandboxed Pipeline shared library contents in SCM, to bypass sandbox protection and execute arbitrary code on the Jenkins master. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "Vulnerability description", }, { category: "summary", text: "jenkins-plugin-workflow-cps: Sandbox Bypass in Pipeline: Groovy Plugin", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-1003001", }, { category: "external", summary: "RHBZ#1669505", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1669505", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-1003001", url: "https://www.cve.org/CVERecord?id=CVE-2019-1003001", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003001", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003001", }, { category: "external", summary: "https://jenkins.io/security/advisory/2019-01-08/", url: "https://jenkins.io/security/advisory/2019-01-08/", }, ], release_date: "2019-01-08T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-02-20T14:11:43+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2019:0326", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "jenkins-plugin-workflow-cps: Sandbox Bypass in Pipeline: Groovy Plugin", }, { cve: "CVE-2019-1003002", cwe: { id: "CWE-96", name: "Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')", }, discovery_date: "2019-01-08T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1669508", }, ], notes: [ { category: "description", text: "A flaw was found in Jenkins Pipeline. Script Security sandbox protection could be circumvented during the script compilation phase by applying AST transforming annotations such as @Grab to source code elements. This allows users with Overall/Read permission, or able to control Jenkinsfile or sandboxed Pipeline shared library contents in SCM, to bypass the sandbox protection and execute arbitrary code on the Jenkins master. All known unsafe AST transformations in Groovy are now prohibited in sandboxed scripts. Both the pipeline validation REST APIs and actual script/pipeline execution are affected. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "Vulnerability description", }, { category: "summary", text: "jenkins-plugin-pipeline-model-definition: Sandbox Bypass in Pipeline: Declarative", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-1003002", }, { category: "external", summary: "RHBZ#1669508", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1669508", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-1003002", url: "https://www.cve.org/CVERecord?id=CVE-2019-1003002", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003002", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003002", }, { category: "external", summary: "https://jenkins.io/security/advisory/2019-01-08/", url: "https://jenkins.io/security/advisory/2019-01-08/", }, ], release_date: "2019-01-08T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-02-20T14:11:43+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2019:0326", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "jenkins-plugin-pipeline-model-definition: Sandbox Bypass in Pipeline: Declarative", }, { cve: "CVE-2019-1003003", cwe: { id: "CWE-613", name: "Insufficient Session Expiration", }, discovery_date: "2019-01-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1668345", }, ], notes: [ { category: "description", text: "An improper authorization vulnerability exists in Jenkins 2.158 and earlier, LTS 2.150.1 and earlier in core/src/main/java/hudson/security/TokenBasedRememberMeServices2.java that allows attackers with Overall/RunScripts permission to craft Remember Me cookies that would never expire, allowing e.g. to persist access to temporarily compromised user accounts.", title: "Vulnerability description", }, { category: "summary", text: "jenkins: cookie crafted using Jenkins script console allows unauthorised access to Jenkins instance", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-1003003", }, { category: "external", summary: "RHBZ#1668345", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1668345", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-1003003", url: "https://www.cve.org/CVERecord?id=CVE-2019-1003003", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003003", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003003", }, { category: "external", summary: "https://jenkins.io/security/advisory/2019-01-16/", url: "https://jenkins.io/security/advisory/2019-01-16/", }, ], release_date: "2019-01-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-02-20T14:11:43+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2019:0326", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jenkins: cookie crafted using Jenkins script console allows unauthorised access to Jenkins instance", }, { cve: "CVE-2019-1003004", cwe: { id: "CWE-613", name: "Insufficient Session Expiration", }, discovery_date: "2019-01-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1668736", }, ], notes: [ { category: "description", text: "An improper authorization vulnerability exists in Jenkins 2.158 and earlier, LTS 2.150.1 and earlier in core/src/main/java/hudson/security/AuthenticationProcessingFilter2.java that allows attackers to extend the duration of active HTTP sessions indefinitely even though the user account may have been deleted in the mean time.", title: "Vulnerability description", }, { category: "summary", text: "jenkins: deleting a user record will does not invalidate existing sessions", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-1003004", }, { category: "external", summary: "RHBZ#1668736", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1668736", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-1003004", url: "https://www.cve.org/CVERecord?id=CVE-2019-1003004", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003004", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003004", }, { category: "external", summary: "https://jenkins.io/security/advisory/2019-01-16/", url: "https://jenkins.io/security/advisory/2019-01-16/", }, ], release_date: "2019-01-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-02-20T14:11:43+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2019:0326", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.2, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:L", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jenkins: deleting a user record will does not invalidate existing sessions", }, { cve: "CVE-2019-1003010", cwe: { id: "CWE-96", name: "Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')", }, discovery_date: "2019-01-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1670292", }, ], notes: [ { category: "description", text: "A cross-site request forgery vulnerability exists in Jenkins Git Plugin 3.9.1 and earlier in src/main/java/hudson/plugins/git/GitTagAction.java that allows attackers to create a Git tag in a workspace and attach corresponding metadata to a build record.", title: "Vulnerability description", }, { category: "summary", text: "jenkins-plugin-git: CSRF vulnerability in Git Plugin (SECURITY-1095)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-1003010", }, { category: "external", summary: "RHBZ#1670292", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1670292", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-1003010", url: "https://www.cve.org/CVERecord?id=CVE-2019-1003010", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003010", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003010", }, { category: "external", summary: "https://jenkins.io/security/advisory/2019-01-28/#SECURITY-1095", url: "https://jenkins.io/security/advisory/2019-01-28/#SECURITY-1095", }, ], release_date: "2019-01-28T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-02-20T14:11:43+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2019:0326", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.6, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "jenkins-plugin-git: CSRF vulnerability in Git Plugin (SECURITY-1095)", }, { cve: "CVE-2019-1003011", cwe: { id: "CWE-96", name: "Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')", }, discovery_date: "2019-01-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1670296", }, ], notes: [ { category: "description", text: "An information exposure and denial of service vulnerability exists in Jenkins Token Macro Plugin 2.5 and earlier in src/main/java/org/jenkinsci/plugins/tokenmacro/Parser.java, src/main/java/org/jenkinsci/plugins/tokenmacro/TokenMacro.java, src/main/java/org/jenkinsci/plugins/tokenmacro/impl/AbstractChangesSinceMacro.java, src/main/java/org/jenkinsci/plugins/tokenmacro/impl/ChangesSinceLastBuildMacro.java, src/main/java/org/jenkinsci/plugins/tokenmacro/impl/ProjectUrlMacro.java that allows attackers with the ability to control token macro input (such as SCM changelogs) to define recursive input that results in unexpected macro evaluation.", title: "Vulnerability description", }, { category: "summary", text: "jenkins-plugin-token-macro: Recursive token expansion results in information disclosure and DoS in Token Macro Plugin (SECURITY-1102)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-1003011", }, { category: "external", summary: "RHBZ#1670296", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1670296", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-1003011", url: "https://www.cve.org/CVERecord?id=CVE-2019-1003011", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003011", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003011", }, { category: "external", summary: "https://jenkins.io/security/advisory/2019-01-28/#SECURITY-1102", url: "https://jenkins.io/security/advisory/2019-01-28/#SECURITY-1102", }, ], release_date: "2019-01-28T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-02-20T14:11:43+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2019:0326", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jenkins-plugin-token-macro: Recursive token expansion results in information disclosure and DoS in Token Macro Plugin (SECURITY-1102)", }, { cve: "CVE-2019-1003012", cwe: { id: "CWE-352", name: "Cross-Site Request Forgery (CSRF)", }, discovery_date: "2019-01-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1670298", }, ], notes: [ { category: "description", text: "A data modification vulnerability exists in Jenkins Blue Ocean Plugins 1.10.1 and earlier in blueocean-core-js/src/js/bundleStartup.js, blueocean-core-js/src/js/fetch.ts, blueocean-core-js/src/js/i18n/i18n.js, blueocean-core-js/src/js/urlconfig.js, blueocean-rest/src/main/java/io/jenkins/blueocean/rest/APICrumbExclusion.java, blueocean-web/src/main/java/io/jenkins/blueocean/BlueOceanUI.java, blueocean-web/src/main/resources/io/jenkins/blueocean/BlueOceanUI/index.jelly that allows attackers to bypass all cross-site request forgery protection in Blue Ocean API.", title: "Vulnerability description", }, { category: "summary", text: "jenkins-plugin-blueocean: Blue Ocean did not require CSRF tokens (SECURITY-1201)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-1003012", }, { category: "external", summary: "RHBZ#1670298", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1670298", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-1003012", url: "https://www.cve.org/CVERecord?id=CVE-2019-1003012", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003012", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003012", }, { category: "external", summary: "https://jenkins.io/security/advisory/2019-01-28/#SECURITY-1201", url: "https://jenkins.io/security/advisory/2019-01-28/#SECURITY-1201", }, ], release_date: "2019-01-28T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-02-20T14:11:43+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2019:0326", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jenkins-plugin-blueocean: Blue Ocean did not require CSRF tokens (SECURITY-1201)", }, { cve: "CVE-2019-1003013", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-01-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1670299", }, ], notes: [ { category: "description", text: "An cross-site scripting vulnerability exists in Jenkins Blue Ocean Plugins 1.10.1 and earlier in blueocean-commons/src/main/java/io/jenkins/blueocean/commons/stapler/Export.java, blueocean-commons/src/main/java/io/jenkins/blueocean/commons/stapler/export/ExportConfig.java, blueocean-commons/src/main/java/io/jenkins/blueocean/commons/stapler/export/JSONDataWriter.java, blueocean-rest-impl/src/main/java/io/jenkins/blueocean/service/embedded/UserStatePreloader.java, blueocean-web/src/main/resources/io/jenkins/blueocean/PageStatePreloadDecorator/header.jelly that allows attackers with permission to edit a user's description in Jenkins to have Blue Ocean render arbitrary HTML when using it as that user.", title: "Vulnerability description", }, { category: "summary", text: "jenkins-plugin-blueocean: XSS vulnerability via user description in Blue Ocean (SECURITY-1204)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-1003013", }, { category: "external", summary: "RHBZ#1670299", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1670299", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-1003013", url: "https://www.cve.org/CVERecord?id=CVE-2019-1003013", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003013", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003013", }, { category: "external", summary: "https://jenkins.io/security/advisory/2019-01-28/#SECURITY-1204", url: "https://jenkins.io/security/advisory/2019-01-28/#SECURITY-1204", }, ], release_date: "2019-01-28T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-02-20T14:11:43+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2019:0326", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jenkins-plugin-blueocean: XSS vulnerability via user description in Blue Ocean (SECURITY-1204)", }, { cve: "CVE-2019-1003014", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-01-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1671324", }, ], notes: [ { category: "description", text: "An cross-site scripting vulnerability exists in Jenkins Config File Provider Plugin 3.4.1 and earlier in src/main/resources/lib/configfiles/configfiles.jelly that allows attackers with permission to define shared configuration files to execute arbitrary JavaScript when a user attempts to delete the shared configuration file.", title: "Vulnerability description", }, { category: "summary", text: "jenkins-plugin-config-file-provider: Stored XSS vulnerability in Config File Provider Plugin (SECURITY-1253)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-1003014", }, { category: "external", summary: "RHBZ#1671324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1671324", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-1003014", url: "https://www.cve.org/CVERecord?id=CVE-2019-1003014", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003014", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003014", }, { category: "external", summary: "https://jenkins.io/security/advisory/2019-01-28/#SECURITY-1253", url: "https://jenkins.io/security/advisory/2019-01-28/#SECURITY-1253", }, ], release_date: "2019-01-28T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-02-20T14:11:43+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2019:0326", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jenkins-plugin-config-file-provider: Stored XSS vulnerability in Config File Provider Plugin (SECURITY-1253)", }, ], }
rhsa-2019_0547
Vulnerability from csaf_redhat
Published
2019-03-14 07:58
Modified
2024-11-15 00:40
Summary
Red Hat Security Advisory: OpenShift Container Platform 3.9 haproxy security update
Notes
Topic
An update for haproxy is now available for Red Hat OpenShift Container Platform 3.9.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications.
Security fix(es):
* haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash (CVE-2018-20615)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for haproxy is now available for Red Hat OpenShift Container Platform 3.9.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications.\n\nSecurity fix(es):\n\n* haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash (CVE-2018-20615)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2019:0547", url: "https://access.redhat.com/errata/RHSA-2019:0547", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "1663060", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1663060", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_0547.json", }, ], title: "Red Hat Security Advisory: OpenShift Container Platform 3.9 haproxy security update", tracking: { current_release_date: "2024-11-15T00:40:08+00:00", generator: { date: "2024-11-15T00:40:08+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2019:0547", initial_release_date: "2019-03-14T07:58:31+00:00", revision_history: [ { date: "2019-03-14T07:58:31+00:00", number: "1", summary: "Initial version", }, { date: "2019-03-14T07:58:31+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-15T00:40:08+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat OpenShift Container Platform 3.9", product: { name: "Red Hat OpenShift Container Platform 3.9", product_id: "7Server-RH7-RHOSE-3.9", product_identification_helper: { cpe: "cpe:/a:redhat:openshift:3.9::el7", }, }, }, ], category: "product_family", name: "Red Hat OpenShift Enterprise", }, { branches: [ { category: "product_version", name: "haproxy-debuginfo-0:1.8.17-3.el7.x86_64", product: { name: "haproxy-debuginfo-0:1.8.17-3.el7.x86_64", product_id: "haproxy-debuginfo-0:1.8.17-3.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/haproxy-debuginfo@1.8.17-3.el7?arch=x86_64", }, }, }, { category: "product_version", name: "haproxy18-0:1.8.17-3.el7.x86_64", product: { name: "haproxy18-0:1.8.17-3.el7.x86_64", product_id: "haproxy18-0:1.8.17-3.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/haproxy18@1.8.17-3.el7?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "haproxy-0:1.8.17-3.el7.src", product: { name: "haproxy-0:1.8.17-3.el7.src", product_id: "haproxy-0:1.8.17-3.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/haproxy@1.8.17-3.el7?arch=src", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "haproxy-0:1.8.17-3.el7.src as a component of Red Hat OpenShift Container Platform 3.9", product_id: "7Server-RH7-RHOSE-3.9:haproxy-0:1.8.17-3.el7.src", }, product_reference: "haproxy-0:1.8.17-3.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.9", }, { category: "default_component_of", full_product_name: { name: "haproxy-debuginfo-0:1.8.17-3.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.9", product_id: "7Server-RH7-RHOSE-3.9:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", }, product_reference: "haproxy-debuginfo-0:1.8.17-3.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.9", }, { category: "default_component_of", full_product_name: { name: "haproxy18-0:1.8.17-3.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.9", product_id: "7Server-RH7-RHOSE-3.9:haproxy18-0:1.8.17-3.el7.x86_64", }, product_reference: "haproxy18-0:1.8.17-3.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.9", }, ], }, vulnerabilities: [ { cve: "CVE-2018-20102", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2018-12-13T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1658874", }, ], notes: [ { category: "description", text: "An out-of-bounds read in dns_validate_dns_response in dns.c was discovered in HAProxy through 1.8.14. Due to a missing check when validating DNS responses, remote attackers might be able read the 16 bytes corresponding to an AAAA record from the non-initialized part of the buffer, possibly accessing anything that was left on the stack, or even past the end of the 8193-byte buffer, depending on the value of accepted_payload_size.", title: "Vulnerability description", }, { category: "summary", text: "haproxy: Out-of-bounds read in dns.c:dns_validate_dns_response() allows for memory disclosure", title: "Vulnerability summary", }, { category: "other", text: "This issue did not affect the versions of haproxy as shipped with Red Hat Enterprise Linux 6 and 7.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.9:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.9:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.9:haproxy18-0:1.8.17-3.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-20102", }, { category: "external", summary: "RHBZ#1658874", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1658874", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-20102", url: "https://www.cve.org/CVERecord?id=CVE-2018-20102", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-20102", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-20102", }, { category: "external", summary: "https://www.mail-archive.com/haproxy@formilux.org/msg32055.html", url: "https://www.mail-archive.com/haproxy@formilux.org/msg32055.html", }, ], release_date: "2018-12-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-03-14T07:58:31+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation for important instructions on how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/3.9/release_notes/ocp_3_9_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.9:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.9:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.9:haproxy18-0:1.8.17-3.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:0547", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.9:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.9:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.9:haproxy18-0:1.8.17-3.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "haproxy: Out-of-bounds read in dns.c:dns_validate_dns_response() allows for memory disclosure", }, { cve: "CVE-2018-20615", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2019-01-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1663060", }, ], notes: [ { category: "description", text: "A flaw was found in HAProxy, versions before 1.8.17 and 1.9.1. Mishandling occurs when a priority flag is set on too short HEADERS frame in the HTTP/2 decoder, allowing an out-of-bounds read and a subsequent crash to occur. A remote attacker can exploit this flaw to cause a denial of service. Those who do not use HTTP/2 are unaffected.", title: "Vulnerability description", }, { category: "summary", text: "haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash", title: "Vulnerability summary", }, { category: "other", text: "HTTP/2 support was added to haproxy in version 1.8, therefore OpenShift Container Platform (OCP) 3.7 and earlier are unaffected by this flaw, see [1]. OCP 3.11 added a configuration option to ose-haproxy-router that made enabling HTTP/2 support easy, [2]. Prior to that, in versions OCP 3.9 and 3.10, an administrator had to customize the haproxy router configuration to add HTTP/2 support, [3]. OCP 3.9, and 3.10 are rated as moderate because HTTP/2 support was not a standard configuration option, and therefore unlikely to be enabled.\n\nVersions of haproxy included in Red Hat Enterprise Linux 6 and 7, excluding rh-haproxy18-haproxy in Red Hat Software Collections, are unaffected as they package versions of haproxy before 1.7.\n\n[1] http://www.haproxy.org/news.html\n\n[2] https://github.com/openshift/origin/pull/19968\n\n[3] https://docs.openshift.com/container-platform/3.10/install_config/router/customized_haproxy_router.html", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.9:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.9:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.9:haproxy18-0:1.8.17-3.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-20615", }, { category: "external", summary: "RHBZ#1663060", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1663060", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-20615", url: "https://www.cve.org/CVERecord?id=CVE-2018-20615", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-20615", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-20615", }, ], release_date: "2019-01-08T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-03-14T07:58:31+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation for important instructions on how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/3.9/release_notes/ocp_3_9_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.9:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.9:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.9:haproxy18-0:1.8.17-3.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:0547", }, { category: "workaround", details: "HTTP/2 support is disabled by default on OpenShift Container Platform 3.11. To mitigate this vulnerability keep it disabled. You can verify if HTTP/2 support is enabled by following the instructions in the upstream pull request, [1].\n\n[1] https://github.com/openshift/origin/pull/19968", product_ids: [ "7Server-RH7-RHOSE-3.9:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.9:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.9:haproxy18-0:1.8.17-3.el7.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.9:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.9:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.9:haproxy18-0:1.8.17-3.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash", }, ], }
rhsa-2019_0275
Vulnerability from csaf_redhat
Published
2019-02-05 08:26
Modified
2024-11-15 00:39
Summary
Red Hat Security Advisory: rh-haproxy18-haproxy security update
Notes
Topic
An update for rh-haproxy18-haproxy is now available for Red Hat Software Collections.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments.
Security Fix(es):
* haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash (CVE-2018-20615)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for rh-haproxy18-haproxy is now available for Red Hat Software Collections.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments.\n\nSecurity Fix(es):\n\n* haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash (CVE-2018-20615)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2019:0275", url: "https://access.redhat.com/errata/RHSA-2019:0275", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "1663060", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1663060", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_0275.json", }, ], title: "Red Hat Security Advisory: rh-haproxy18-haproxy security update", tracking: { current_release_date: "2024-11-15T00:39:36+00:00", generator: { date: "2024-11-15T00:39:36+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2019:0275", initial_release_date: "2019-02-05T08:26:05+00:00", revision_history: [ { date: "2019-02-05T08:26:05+00:00", number: "1", summary: "Initial version", }, { date: "2019-02-05T08:26:05+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-15T00:39:36+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product: { name: "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-RHSCL-3.2", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_software_collections:3::el7", }, }, }, { category: "product_name", name: "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product: { name: "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-RHSCL-3.2", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_software_collections:3::el7", }, }, }, { category: "product_name", name: "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)", product: { name: "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)", product_id: "7Server-RHSCL-3.2-7.4.Z", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_software_collections:3::el7", }, }, }, { category: "product_name", name: "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)", product: { name: "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)", product_id: "7Server-RHSCL-3.2-7.5.Z", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_software_collections:3::el7", }, }, }, { category: "product_name", name: "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", product: { name: "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-RHSCL-3.2-7.6.Z", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_software_collections:3::el7", }, }, }, ], category: "product_family", name: "Red Hat Software Collections", }, { branches: [ { category: "product_version", name: "rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", product: { name: "rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", product_id: "rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/rh-haproxy18-haproxy-debuginfo@1.8.4-4.el7?arch=x86_64", }, }, }, { category: "product_version", name: "rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", product: { name: "rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", product_id: "rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/rh-haproxy18-haproxy@1.8.4-4.el7?arch=x86_64", }, }, }, { category: "product_version", name: "rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", product: { name: "rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", product_id: "rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/rh-haproxy18-haproxy-syspaths@1.8.4-4.el7?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "rh-haproxy18-haproxy-0:1.8.4-4.el7.src", product: { name: "rh-haproxy18-haproxy-0:1.8.4-4.el7.src", product_id: "rh-haproxy18-haproxy-0:1.8.4-4.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/rh-haproxy18-haproxy@1.8.4-4.el7?arch=src", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "rh-haproxy18-haproxy-0:1.8.4-4.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)", product_id: "7Server-RHSCL-3.2-7.4.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", }, product_reference: "rh-haproxy18-haproxy-0:1.8.4-4.el7.src", relates_to_product_reference: "7Server-RHSCL-3.2-7.4.Z", }, { category: "default_component_of", full_product_name: { name: "rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)", product_id: "7Server-RHSCL-3.2-7.4.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", }, product_reference: "rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.2-7.4.Z", }, { category: "default_component_of", full_product_name: { name: "rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)", product_id: "7Server-RHSCL-3.2-7.4.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", }, product_reference: "rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.2-7.4.Z", }, { category: "default_component_of", full_product_name: { name: "rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)", product_id: "7Server-RHSCL-3.2-7.4.Z:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", }, product_reference: "rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.2-7.4.Z", }, { category: "default_component_of", full_product_name: { name: "rh-haproxy18-haproxy-0:1.8.4-4.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)", product_id: "7Server-RHSCL-3.2-7.5.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", }, product_reference: "rh-haproxy18-haproxy-0:1.8.4-4.el7.src", relates_to_product_reference: "7Server-RHSCL-3.2-7.5.Z", }, { category: "default_component_of", full_product_name: { name: "rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)", product_id: "7Server-RHSCL-3.2-7.5.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", }, product_reference: "rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.2-7.5.Z", }, { category: "default_component_of", full_product_name: { name: "rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)", product_id: "7Server-RHSCL-3.2-7.5.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", }, product_reference: "rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.2-7.5.Z", }, { category: "default_component_of", full_product_name: { name: "rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)", product_id: "7Server-RHSCL-3.2-7.5.Z:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", }, product_reference: "rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.2-7.5.Z", }, { category: "default_component_of", full_product_name: { name: "rh-haproxy18-haproxy-0:1.8.4-4.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-RHSCL-3.2-7.6.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", }, product_reference: "rh-haproxy18-haproxy-0:1.8.4-4.el7.src", relates_to_product_reference: "7Server-RHSCL-3.2-7.6.Z", }, { category: "default_component_of", full_product_name: { name: "rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-RHSCL-3.2-7.6.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", }, product_reference: "rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.2-7.6.Z", }, { category: "default_component_of", full_product_name: { name: "rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-RHSCL-3.2-7.6.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", }, product_reference: "rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.2-7.6.Z", }, { category: "default_component_of", full_product_name: { name: "rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-RHSCL-3.2-7.6.Z:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", }, product_reference: "rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.2-7.6.Z", }, { category: "default_component_of", full_product_name: { name: "rh-haproxy18-haproxy-0:1.8.4-4.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-RHSCL-3.2:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", }, product_reference: "rh-haproxy18-haproxy-0:1.8.4-4.el7.src", relates_to_product_reference: "7Server-RHSCL-3.2", }, { category: "default_component_of", full_product_name: { name: "rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-RHSCL-3.2:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", }, product_reference: "rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.2", }, { category: "default_component_of", full_product_name: { name: "rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-RHSCL-3.2:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", }, product_reference: "rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.2", }, { category: "default_component_of", full_product_name: { name: "rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-RHSCL-3.2:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", }, product_reference: "rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.2", }, { category: "default_component_of", full_product_name: { name: "rh-haproxy18-haproxy-0:1.8.4-4.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-RHSCL-3.2:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", }, product_reference: "rh-haproxy18-haproxy-0:1.8.4-4.el7.src", relates_to_product_reference: "7Workstation-RHSCL-3.2", }, { category: "default_component_of", full_product_name: { name: "rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-RHSCL-3.2:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", }, product_reference: "rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", relates_to_product_reference: "7Workstation-RHSCL-3.2", }, { category: "default_component_of", full_product_name: { name: "rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-RHSCL-3.2:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", }, product_reference: "rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", relates_to_product_reference: "7Workstation-RHSCL-3.2", }, { category: "default_component_of", full_product_name: { name: "rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-RHSCL-3.2:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", }, product_reference: "rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", relates_to_product_reference: "7Workstation-RHSCL-3.2", }, ], }, vulnerabilities: [ { cve: "CVE-2018-20615", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2019-01-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1663060", }, ], notes: [ { category: "description", text: "A flaw was found in HAProxy, versions before 1.8.17 and 1.9.1. Mishandling occurs when a priority flag is set on too short HEADERS frame in the HTTP/2 decoder, allowing an out-of-bounds read and a subsequent crash to occur. A remote attacker can exploit this flaw to cause a denial of service. Those who do not use HTTP/2 are unaffected.", title: "Vulnerability description", }, { category: "summary", text: "haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash", title: "Vulnerability summary", }, { category: "other", text: "HTTP/2 support was added to haproxy in version 1.8, therefore OpenShift Container Platform (OCP) 3.7 and earlier are unaffected by this flaw, see [1]. OCP 3.11 added a configuration option to ose-haproxy-router that made enabling HTTP/2 support easy, [2]. Prior to that, in versions OCP 3.9 and 3.10, an administrator had to customize the haproxy router configuration to add HTTP/2 support, [3]. OCP 3.9, and 3.10 are rated as moderate because HTTP/2 support was not a standard configuration option, and therefore unlikely to be enabled.\n\nVersions of haproxy included in Red Hat Enterprise Linux 6 and 7, excluding rh-haproxy18-haproxy in Red Hat Software Collections, are unaffected as they package versions of haproxy before 1.7.\n\n[1] http://www.haproxy.org/news.html\n\n[2] https://github.com/openshift/origin/pull/19968\n\n[3] https://docs.openshift.com/container-platform/3.10/install_config/router/customized_haproxy_router.html", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHSCL-3.2-7.4.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", "7Server-RHSCL-3.2-7.4.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.4.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.4.Z:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.5.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", "7Server-RHSCL-3.2-7.5.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.5.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.5.Z:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.6.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", "7Server-RHSCL-3.2-7.6.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.6.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.6.Z:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", "7Server-RHSCL-3.2:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", "7Workstation-RHSCL-3.2:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", "7Workstation-RHSCL-3.2:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", "7Workstation-RHSCL-3.2:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", "7Workstation-RHSCL-3.2:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-20615", }, { category: "external", summary: "RHBZ#1663060", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1663060", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-20615", url: "https://www.cve.org/CVERecord?id=CVE-2018-20615", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-20615", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-20615", }, ], release_date: "2019-01-08T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-02-05T08:26:05+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-RHSCL-3.2-7.4.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", "7Server-RHSCL-3.2-7.4.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.4.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.4.Z:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.5.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", "7Server-RHSCL-3.2-7.5.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.5.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.5.Z:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.6.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", "7Server-RHSCL-3.2-7.6.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.6.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.6.Z:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", "7Server-RHSCL-3.2:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", "7Workstation-RHSCL-3.2:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", "7Workstation-RHSCL-3.2:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", "7Workstation-RHSCL-3.2:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", "7Workstation-RHSCL-3.2:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:0275", }, { category: "workaround", details: "HTTP/2 support is disabled by default on OpenShift Container Platform 3.11. To mitigate this vulnerability keep it disabled. You can verify if HTTP/2 support is enabled by following the instructions in the upstream pull request, [1].\n\n[1] https://github.com/openshift/origin/pull/19968", product_ids: [ "7Server-RHSCL-3.2-7.4.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", "7Server-RHSCL-3.2-7.4.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.4.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.4.Z:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.5.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", "7Server-RHSCL-3.2-7.5.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.5.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.5.Z:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.6.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", "7Server-RHSCL-3.2-7.6.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.6.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.6.Z:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", "7Server-RHSCL-3.2:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", "7Workstation-RHSCL-3.2:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", "7Workstation-RHSCL-3.2:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", "7Workstation-RHSCL-3.2:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", "7Workstation-RHSCL-3.2:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "7Server-RHSCL-3.2-7.4.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", "7Server-RHSCL-3.2-7.4.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.4.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.4.Z:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.5.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", "7Server-RHSCL-3.2-7.5.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.5.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.5.Z:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.6.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", "7Server-RHSCL-3.2-7.6.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.6.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.6.Z:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", "7Server-RHSCL-3.2:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", "7Workstation-RHSCL-3.2:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", "7Workstation-RHSCL-3.2:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", "7Workstation-RHSCL-3.2:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", "7Workstation-RHSCL-3.2:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash", }, ], }
rhba-2019:0326
Vulnerability from csaf_redhat
Published
2019-02-20 14:11
Modified
2025-03-19 14:50
Summary
Red Hat Bug Fix Advisory: OpenShift Container Platform 3.11 bug fix update
Notes
Topic
Red Hat OpenShift Container Platform release 3.11.82 is now available with updates to packages and images that fix several bugs.
Details
Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
This advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.11.82. See the following advisory for the container images for this release:
https://access.redhat.com/errata/RHBA-2019:0327
Space precludes documenting all of the bug fixes in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:
https://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html
All OpenShift Container Platform 3.11 users are advised to upgrade to these updated packages.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Red Hat OpenShift Container Platform release 3.11.82 is now available with updates to packages and images that fix several bugs.", title: "Topic", }, { category: "general", text: "Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.\n\nThis advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.11.82. See the following advisory for the container images for this release:\n\nhttps://access.redhat.com/errata/RHBA-2019:0327\n\nSpace precludes documenting all of the bug fixes in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nAll OpenShift Container Platform 3.11 users are advised to upgrade to these updated packages.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHBA-2019:0326", url: "https://access.redhat.com/errata/RHBA-2019:0326", }, { category: "external", summary: "1506736", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1506736", }, { category: "external", summary: "1598822", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1598822", }, { category: "external", summary: "1615719", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1615719", }, { category: "external", summary: "1623338", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1623338", }, { category: "external", summary: "1634302", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1634302", }, { category: "external", summary: "1635254", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1635254", }, { category: "external", summary: "1635613", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1635613", }, { category: "external", summary: "1642379", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1642379", }, { category: "external", summary: "1642929", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1642929", }, { category: "external", summary: "1651090", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1651090", }, { category: "external", summary: "1651632", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1651632", }, { category: "external", summary: "1655183", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1655183", }, { category: "external", summary: "1657019", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1657019", }, { category: "external", summary: "1659194", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1659194", }, { category: "external", summary: "1659441", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1659441", }, { category: "external", summary: "1659653", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1659653", }, { category: "external", summary: "1659976", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1659976", }, { category: "external", summary: "1660598", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1660598", }, { category: "external", summary: "1664753", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1664753", }, { category: "external", summary: "1665235", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1665235", }, { category: "external", summary: "1666820", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1666820", }, { category: "external", summary: "1667270", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1667270", }, { category: "external", summary: "1667618", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1667618", }, { category: "external", summary: "1668412", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1668412", }, { category: "external", summary: "1668828", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1668828", }, { category: "external", summary: "1668970", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1668970", }, { category: "external", summary: "1669019", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1669019", }, { category: "external", summary: "1669194", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1669194", }, { category: "external", summary: "1669439", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1669439", }, { category: "external", summary: "1669555", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1669555", }, { category: "external", summary: "1669984", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1669984", }, { category: "external", summary: "1670551", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1670551", }, { category: "external", summary: "1673178", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1673178", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhba-2019_0326.json", }, ], title: "Red Hat Bug Fix Advisory: OpenShift Container Platform 3.11 bug fix update", tracking: { current_release_date: "2025-03-19T14:50:04+00:00", generator: { date: "2025-03-19T14:50:04+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.1", }, }, id: "RHBA-2019:0326", initial_release_date: "2019-02-20T14:11:43+00:00", revision_history: [ { date: "2019-02-20T14:11:43+00:00", number: "1", summary: "Initial version", }, { date: "2019-02-20T14:11:43+00:00", number: "2", summary: "Last updated version", }, { date: "2025-03-19T14:50:04+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat OpenShift Container Platform 3.11", product: { name: "Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11", product_identification_helper: { cpe: "cpe:/a:redhat:openshift:3.11::el7", }, }, }, ], category: "product_family", name: "Red Hat OpenShift Enterprise", }, { branches: [ { category: "product_version", name: "atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", product: { name: "atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", product_id: "atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-node-problem-detector@3.11.82-1.git.254.a448936.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product: { name: "atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_id: "atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-clients-redistributable@3.11.82-1.git.0.08bc31b.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product: { name: "atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_id: "atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-master@3.11.82-1.git.0.08bc31b.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product: { name: "atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_id: "atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-pod@3.11.82-1.git.0.08bc31b.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product: { name: "atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_id: "atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-hyperkube@3.11.82-1.git.0.08bc31b.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product: { name: "atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_id: "atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift@3.11.82-1.git.0.08bc31b.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product: { name: "atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_id: "atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-tests@3.11.82-1.git.0.08bc31b.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product: { name: "atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_id: "atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-clients@3.11.82-1.git.0.08bc31b.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product: { name: "atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_id: "atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-template-service-broker@3.11.82-1.git.0.08bc31b.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product: { name: "atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_id: "atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-node@3.11.82-1.git.0.08bc31b.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product: { name: "atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_id: "atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-sdn-ovs@3.11.82-1.git.0.08bc31b.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product: { name: "atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_id: "atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-hypershift@3.11.82-1.git.0.08bc31b.el7?arch=x86_64", }, }, }, { category: "product_version", name: "golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", product: { name: "golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", product_id: "golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/golang-github-openshift-oauth-proxy@3.11.82-1.git.425.7cac034.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", product: { name: "atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", product_id: "atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-enterprise-service-catalog-svcat@3.11.82-1.git.1673.133961e.el7?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", product: { name: "atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", product_id: "atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-enterprise-service-catalog@3.11.82-1.git.1673.133961e.el7?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", product: { name: "prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", product_id: "prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/prometheus-node-exporter@3.11.82-1.git.1063.48444e8.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", product: { name: "atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", product_id: "atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-dockerregistry@3.11.82-1.git.452.0ce6383.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", product: { name: "atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", product_id: "atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-descheduler@3.11.82-1.git.300.89765c9.el7?arch=x86_64", }, }, }, { category: "product_version", name: "haproxy-debuginfo-0:1.8.17-3.el7.x86_64", product: { name: "haproxy-debuginfo-0:1.8.17-3.el7.x86_64", product_id: "haproxy-debuginfo-0:1.8.17-3.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/haproxy-debuginfo@1.8.17-3.el7?arch=x86_64", }, }, }, { category: "product_version", name: "haproxy18-0:1.8.17-3.el7.x86_64", product: { name: "haproxy18-0:1.8.17-3.el7.x86_64", product_id: "haproxy18-0:1.8.17-3.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/haproxy18@1.8.17-3.el7?arch=x86_64", }, }, }, { category: "product_version", name: "prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", product: { name: "prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", product_id: "prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/prometheus@3.11.82-1.git.5027.9d24833.el7?arch=x86_64", }, }, }, { category: "product_version", name: "prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", product: { name: "prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", product_id: "prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/prometheus-alertmanager@3.11.82-1.git.0.3bf41ce.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", product: { name: "atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", product_id: "atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-web-console@3.11.82-1.git.355.5e8b1d9.el7?arch=x86_64", }, }, }, { category: "product_version", name: "openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", product: { name: "openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", product_id: "openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-enterprise-cluster-capacity@3.11.82-1.git.380.cf11c51.el7?arch=x86_64", }, }, }, { category: "product_version", name: "openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", product: { name: "openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", product_id: "openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-enterprise-autoheal@3.11.82-1.git.219.0b5aff4.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", product: { name: "atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", product_id: "atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-service-idler@3.11.82-1.git.14.e353758.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", product: { name: "atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", product_id: "atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-cluster-autoscaler@3.11.82-1.git.0.efb6af0.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", product: { name: "atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", product_id: "atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-metrics-server@3.11.82-1.git.52.2fdca3f.el7?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", product: { name: "atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", product_id: "atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-node-problem-detector@3.11.82-1.git.254.a448936.el7?arch=src", }, }, }, { category: "product_version", name: "atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", product: { name: "atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", product_id: "atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift@3.11.82-1.git.0.08bc31b.el7?arch=src", }, }, }, { category: "product_version", name: "golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", product: { name: "golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", product_id: "golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/golang-github-openshift-oauth-proxy@3.11.82-1.git.425.7cac034.el7?arch=src", }, }, }, { category: "product_version", name: "atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", product: { name: "atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", product_id: "atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-enterprise-service-catalog@3.11.82-1.git.1673.133961e.el7?arch=src&epoch=1", }, }, }, { category: "product_version", name: "golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", product: { name: "golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", product_id: "golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/golang-github-prometheus-node_exporter@3.11.82-1.git.1063.48444e8.el7?arch=src", }, }, }, { category: "product_version", name: "atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", product: { name: "atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", product_id: "atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-dockerregistry@3.11.82-1.git.452.0ce6383.el7?arch=src", }, }, }, { category: "product_version", name: "jenkins-0:2.150.2.1549032159-1.el7.src", product: { name: "jenkins-0:2.150.2.1549032159-1.el7.src", product_id: "jenkins-0:2.150.2.1549032159-1.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jenkins@2.150.2.1549032159-1.el7?arch=src", }, }, }, { category: "product_version", name: "atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", product: { name: "atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", product_id: "atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-descheduler@3.11.82-1.git.300.89765c9.el7?arch=src", }, }, }, { category: "product_version", name: "haproxy-0:1.8.17-3.el7.src", product: { name: "haproxy-0:1.8.17-3.el7.src", product_id: "haproxy-0:1.8.17-3.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/haproxy@1.8.17-3.el7?arch=src", }, }, }, { category: "product_version", name: "golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", product: { name: "golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", product_id: "golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/golang-github-prometheus-prometheus@3.11.82-1.git.5027.9d24833.el7?arch=src", }, }, }, { category: "product_version", name: "golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", product: { name: "golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", product_id: "golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/golang-github-prometheus-alertmanager@3.11.82-1.git.0.3bf41ce.el7?arch=src", }, }, }, { category: "product_version", name: "jenkins-2-plugins-0:3.11.1549642489-1.el7.src", product: { name: "jenkins-2-plugins-0:3.11.1549642489-1.el7.src", product_id: "jenkins-2-plugins-0:3.11.1549642489-1.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jenkins-2-plugins@3.11.1549642489-1.el7?arch=src", }, }, }, { category: "product_version", name: "atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", product: { name: "atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", product_id: "atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-web-console@3.11.82-1.git.355.5e8b1d9.el7?arch=src", }, }, }, { category: "product_version", name: "openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", product: { name: "openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", product_id: "openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-enterprise-cluster-capacity@3.11.82-1.git.380.cf11c51.el7?arch=src", }, }, }, { category: "product_version", name: "openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", product: { name: "openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", product_id: "openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-enterprise-autoheal@3.11.82-1.git.219.0b5aff4.el7?arch=src", }, }, }, { category: "product_version", name: "atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", product: { name: "atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", product_id: "atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-service-idler@3.11.82-1.git.14.e353758.el7?arch=src", }, }, }, { category: "product_version", name: "atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", product: { name: "atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", product_id: "atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-cluster-autoscaler@3.11.82-1.git.0.efb6af0.el7?arch=src", }, }, }, { category: "product_version", name: "atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", product: { name: "atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", product_id: "atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-metrics-server@3.11.82-1.git.52.2fdca3f.el7?arch=src", }, }, }, { category: "product_version", name: "openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", product: { name: "openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", product_id: "openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-ansible@3.11.82-3.git.0.9718d0a.el7?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", product: { name: "atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", product_id: "atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-node-problem-detector@3.11.82-1.git.254.a448936.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product: { name: "atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product_id: "atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-master@3.11.82-1.git.0.08bc31b.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product: { name: "atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product_id: "atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-pod@3.11.82-1.git.0.08bc31b.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product: { name: "atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product_id: "atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-hyperkube@3.11.82-1.git.0.08bc31b.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product: { name: "atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product_id: "atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift@3.11.82-1.git.0.08bc31b.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product: { name: "atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product_id: "atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-tests@3.11.82-1.git.0.08bc31b.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product: { name: "atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product_id: "atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-clients@3.11.82-1.git.0.08bc31b.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product: { name: "atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product_id: "atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-template-service-broker@3.11.82-1.git.0.08bc31b.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product: { name: "atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product_id: "atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-node@3.11.82-1.git.0.08bc31b.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product: { name: "atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product_id: "atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-sdn-ovs@3.11.82-1.git.0.08bc31b.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product: { name: "atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product_id: "atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-hypershift@3.11.82-1.git.0.08bc31b.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", product: { name: "golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", product_id: "golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/golang-github-openshift-oauth-proxy@3.11.82-1.git.425.7cac034.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", product: { name: "atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", product_id: "atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-enterprise-service-catalog-svcat@3.11.82-1.git.1673.133961e.el7?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", product: { name: "atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", product_id: "atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-enterprise-service-catalog@3.11.82-1.git.1673.133961e.el7?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", product: { name: "prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", product_id: "prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/prometheus-node-exporter@3.11.82-1.git.1063.48444e8.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", product: { name: "atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", product_id: "atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-dockerregistry@3.11.82-1.git.452.0ce6383.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", product: { name: "atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", product_id: "atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-descheduler@3.11.82-1.git.300.89765c9.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", product: { name: "haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", product_id: "haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/haproxy-debuginfo@1.8.17-3.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "haproxy18-0:1.8.17-3.el7.ppc64le", product: { name: "haproxy18-0:1.8.17-3.el7.ppc64le", product_id: "haproxy18-0:1.8.17-3.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/haproxy18@1.8.17-3.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", product: { name: "prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", product_id: "prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/prometheus@3.11.82-1.git.5027.9d24833.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", product: { name: "prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", product_id: "prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/prometheus-alertmanager@3.11.82-1.git.0.3bf41ce.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", product: { name: "atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", product_id: "atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-web-console@3.11.82-1.git.355.5e8b1d9.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", product: { name: "openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", product_id: "openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-enterprise-cluster-capacity@3.11.82-1.git.380.cf11c51.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", product: { name: "openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", product_id: "openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-enterprise-autoheal@3.11.82-1.git.219.0b5aff4.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", product: { name: "atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", product_id: "atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-service-idler@3.11.82-1.git.14.e353758.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", product: { name: "atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", product_id: "atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-cluster-autoscaler@3.11.82-1.git.0.efb6af0.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", product: { name: "atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", product_id: "atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-metrics-server@3.11.82-1.git.52.2fdca3f.el7?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", product: { name: "atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", product_id: "atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-excluder@3.11.82-1.git.0.08bc31b.el7?arch=noarch", }, }, }, { category: "product_version", name: "atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", product: { name: "atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", product_id: "atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-docker-excluder@3.11.82-1.git.0.08bc31b.el7?arch=noarch", }, }, }, { category: "product_version", name: "jenkins-0:2.150.2.1549032159-1.el7.noarch", product: { name: "jenkins-0:2.150.2.1549032159-1.el7.noarch", product_id: "jenkins-0:2.150.2.1549032159-1.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jenkins@2.150.2.1549032159-1.el7?arch=noarch", }, }, }, { category: "product_version", name: "jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", product: { name: "jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", product_id: "jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jenkins-2-plugins@3.11.1549642489-1.el7?arch=noarch", }, }, }, { category: "product_version", name: "openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", product: { name: "openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", product_id: "openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-ansible-test@3.11.82-3.git.0.9718d0a.el7?arch=noarch", }, }, }, { category: "product_version", name: "openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", product: { name: "openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", product_id: "openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-ansible@3.11.82-3.git.0.9718d0a.el7?arch=noarch", }, }, }, { category: "product_version", name: "openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", product: { name: "openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", product_id: "openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-ansible-docs@3.11.82-3.git.0.9718d0a.el7?arch=noarch", }, }, }, { category: "product_version", name: "openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", product: { name: "openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", product_id: "openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-ansible-roles@3.11.82-3.git.0.9718d0a.el7?arch=noarch", }, }, }, { category: "product_version", name: "openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", product: { name: "openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", product_id: "openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-ansible-playbooks@3.11.82-3.git.0.9718d0a.el7?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", }, product_reference: "atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", }, product_reference: "atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", }, product_reference: "atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", }, product_reference: "atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", }, product_reference: "atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", }, product_reference: "atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", }, product_reference: "atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", }, product_reference: "atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", }, product_reference: "atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", }, product_reference: "atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", }, product_reference: "atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", }, product_reference: "atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", }, product_reference: "atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", }, product_reference: "atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", }, product_reference: "atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", }, product_reference: "atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", }, product_reference: "atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", }, product_reference: "atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", }, product_reference: "atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", }, product_reference: "atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", }, product_reference: "atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", }, product_reference: "atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", }, product_reference: "atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", }, product_reference: "atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", }, product_reference: "atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", }, product_reference: "atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", }, product_reference: "atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", }, product_reference: "atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", }, product_reference: "atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", }, product_reference: "atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", }, product_reference: "atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", }, product_reference: "atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", }, product_reference: "atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", }, product_reference: "atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", }, product_reference: "atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", }, product_reference: "atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", }, product_reference: "atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", }, product_reference: "atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", }, product_reference: "atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", }, product_reference: "atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", }, product_reference: "atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", }, product_reference: "atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", }, product_reference: "atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", }, product_reference: "atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", }, product_reference: "atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", }, product_reference: "atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", }, product_reference: "atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", }, product_reference: "atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", }, product_reference: "atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", }, product_reference: "atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", }, product_reference: "golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", }, product_reference: "golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", }, product_reference: "golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", }, product_reference: "golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", }, product_reference: "golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", }, product_reference: "golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "haproxy-0:1.8.17-3.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", }, product_reference: "haproxy-0:1.8.17-3.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "haproxy-debuginfo-0:1.8.17-3.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", }, product_reference: "haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "haproxy-debuginfo-0:1.8.17-3.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", }, product_reference: "haproxy-debuginfo-0:1.8.17-3.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "haproxy18-0:1.8.17-3.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", }, product_reference: "haproxy18-0:1.8.17-3.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "haproxy18-0:1.8.17-3.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", }, product_reference: "haproxy18-0:1.8.17-3.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "jenkins-0:2.150.2.1549032159-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", }, product_reference: "jenkins-0:2.150.2.1549032159-1.el7.noarch", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "jenkins-0:2.150.2.1549032159-1.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", }, product_reference: "jenkins-0:2.150.2.1549032159-1.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", }, product_reference: "jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "jenkins-2-plugins-0:3.11.1549642489-1.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", }, product_reference: "jenkins-2-plugins-0:3.11.1549642489-1.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", }, product_reference: "openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", }, product_reference: "openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", }, product_reference: "openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", }, product_reference: "openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", }, product_reference: "openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", }, product_reference: "openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", }, product_reference: "openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", }, product_reference: "openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", }, product_reference: "openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", }, product_reference: "openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", }, product_reference: "openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", }, product_reference: "openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", }, product_reference: "prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", }, product_reference: "prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", }, product_reference: "prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", }, product_reference: "prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", }, product_reference: "prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", }, product_reference: "prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, ], }, vulnerabilities: [ { cve: "CVE-2018-20102", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2018-12-13T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1658874", }, ], notes: [ { category: "description", text: "An out-of-bounds read in dns_validate_dns_response in dns.c was discovered in HAProxy through 1.8.14. Due to a missing check when validating DNS responses, remote attackers might be able read the 16 bytes corresponding to an AAAA record from the non-initialized part of the buffer, possibly accessing anything that was left on the stack, or even past the end of the 8193-byte buffer, depending on the value of accepted_payload_size.", title: "Vulnerability description", }, { category: "summary", text: "haproxy: Out-of-bounds read in dns.c:dns_validate_dns_response() allows for memory disclosure", title: "Vulnerability summary", }, { category: "other", text: "This issue did not affect the versions of haproxy as shipped with Red Hat Enterprise Linux 6 and 7.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-20102", }, { category: "external", summary: "RHBZ#1658874", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1658874", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-20102", url: "https://www.cve.org/CVERecord?id=CVE-2018-20102", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-20102", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-20102", }, { category: "external", summary: "https://www.mail-archive.com/haproxy@formilux.org/msg32055.html", url: "https://www.mail-archive.com/haproxy@formilux.org/msg32055.html", }, ], release_date: "2018-12-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-02-20T14:11:43+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2019:0326", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "haproxy: Out-of-bounds read in dns.c:dns_validate_dns_response() allows for memory disclosure", }, { cve: "CVE-2018-20103", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2018-12-13T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1658876", }, ], notes: [ { category: "description", text: "An issue was discovered in dns.c in HAProxy through 1.8.14. In the case of a compressed pointer, a crafted packet can trigger infinite recursion by making the pointer point to itself, or create a long chain of valid pointers resulting in stack exhaustion.", title: "Vulnerability description", }, { category: "summary", text: "haproxy: Infinite recursion via crafted packet allows stack exhaustion and denial of service", title: "Vulnerability summary", }, { category: "other", text: "This issue did not affect the versions of haproxy as shipped with Red Hat Enterprise Linux 6 and 7.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-20103", }, { category: "external", summary: "RHBZ#1658876", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1658876", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-20103", url: "https://www.cve.org/CVERecord?id=CVE-2018-20103", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-20103", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-20103", }, { category: "external", summary: "https://www.mail-archive.com/haproxy@formilux.org/msg32055.html", url: "https://www.mail-archive.com/haproxy@formilux.org/msg32055.html", }, ], release_date: "2018-12-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-02-20T14:11:43+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2019:0326", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "haproxy: Infinite recursion via crafted packet allows stack exhaustion and denial of service", }, { cve: "CVE-2018-20615", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2019-01-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1663060", }, ], notes: [ { category: "description", text: "A flaw was found in HAProxy, versions before 1.8.17 and 1.9.1. Mishandling occurs when a priority flag is set on too short HEADERS frame in the HTTP/2 decoder, allowing an out-of-bounds read and a subsequent crash to occur. A remote attacker can exploit this flaw to cause a denial of service. Those who do not use HTTP/2 are unaffected.", title: "Vulnerability description", }, { category: "summary", text: "haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash", title: "Vulnerability summary", }, { category: "other", text: "HTTP/2 support was added to haproxy in version 1.8, therefore OpenShift Container Platform (OCP) 3.7 and earlier are unaffected by this flaw, see [1]. OCP 3.11 added a configuration option to ose-haproxy-router that made enabling HTTP/2 support easy, [2]. Prior to that, in versions OCP 3.9 and 3.10, an administrator had to customize the haproxy router configuration to add HTTP/2 support, [3]. OCP 3.9, and 3.10 are rated as moderate because HTTP/2 support was not a standard configuration option, and therefore unlikely to be enabled.\n\nVersions of haproxy included in Red Hat Enterprise Linux 6 and 7, excluding rh-haproxy18-haproxy in Red Hat Software Collections, are unaffected as they package versions of haproxy before 1.7.\n\n[1] http://www.haproxy.org/news.html\n\n[2] https://github.com/openshift/origin/pull/19968\n\n[3] https://docs.openshift.com/container-platform/3.10/install_config/router/customized_haproxy_router.html", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-20615", }, { category: "external", summary: "RHBZ#1663060", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1663060", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-20615", url: "https://www.cve.org/CVERecord?id=CVE-2018-20615", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-20615", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-20615", }, ], release_date: "2019-01-08T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-02-20T14:11:43+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2019:0326", }, { category: "workaround", details: "HTTP/2 support is disabled by default on OpenShift Container Platform 3.11. To mitigate this vulnerability keep it disabled. You can verify if HTTP/2 support is enabled by following the instructions in the upstream pull request, [1].\n\n[1] https://github.com/openshift/origin/pull/19968", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash", }, { cve: "CVE-2018-1000865", cwe: { id: "CWE-94", name: "Improper Control of Generation of Code ('Code Injection')", }, discovery_date: "2018-11-06T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1647059", }, ], notes: [ { category: "description", text: "A sandbox bypass vulnerability exists in Script Security Plugin 1.47 and earlier in groovy-sandbox/src/main/java/org/kohsuke/groovy/sandbox/SandboxTransformer.java that allows attackers with Job/Configure permission to execute arbitrary code on the Jenkins master JVM, if plugins using the Groovy sandbox are installed.", title: "Vulnerability description", }, { category: "summary", text: "jenkins-plugin-script-security: Sandbox Bypass in finalize methods", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-1000865", }, { category: "external", summary: "RHBZ#1647059", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1647059", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-1000865", url: "https://www.cve.org/CVERecord?id=CVE-2018-1000865", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-1000865", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-1000865", }, ], release_date: "2018-10-29T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-02-20T14:11:43+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2019:0326", }, { category: "workaround", details: "Do not run untrusted jenkins pipeline scripts.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "jenkins-plugin-script-security: Sandbox Bypass in finalize methods", }, { cve: "CVE-2018-1000866", cwe: { id: "CWE-94", name: "Improper Control of Generation of Code ('Code Injection')", }, discovery_date: "2018-11-06T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1647059", }, ], notes: [ { category: "description", text: "A sandbox bypass vulnerability exists in Pipeline: Groovy Plugin 2.59 and earlier in groovy-sandbox/src/main/java/org/kohsuke/groovy/sandbox/SandboxTransformer.java, groovy-cps/lib/src/main/java/com/cloudbees/groovy/cps/SandboxCpsTransformer.java that allows attackers with Job/Configure permission, or unauthorized attackers with SCM commit privileges and corresponding pipelines based on Jenkinsfiles set up in Jenkins, to execute arbitrary code on the Jenkins master JVM", title: "Vulnerability description", }, { category: "summary", text: "jenkins-plugin-script-security: Sandbox Bypass in finalize methods", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-1000866", }, { category: "external", summary: "RHBZ#1647059", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1647059", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-1000866", url: "https://www.cve.org/CVERecord?id=CVE-2018-1000866", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-1000866", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-1000866", }, ], release_date: "2018-10-29T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-02-20T14:11:43+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2019:0326", }, { category: "workaround", details: "Do not run untrusted jenkins pipeline scripts.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "jenkins-plugin-script-security: Sandbox Bypass in finalize methods", }, { cve: "CVE-2019-3826", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-02-06T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1672865", }, ], notes: [ { category: "description", text: "A stored, DOM based, cross-site scripting (XSS) flaw was found in Prometheus. An attacker could exploit this by convincing an authenticated user to visit a crafted URL on a Prometheus server, allowing for the execution and persistent storage of arbitrary scripts.", title: "Vulnerability description", }, { category: "summary", text: "prometheus: Stored DOM cross-site scripting (XSS) attack via crafted URL", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-3826", }, { category: "external", summary: "RHBZ#1672865", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1672865", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-3826", url: "https://www.cve.org/CVERecord?id=CVE-2019-3826", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-3826", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-3826", }, ], release_date: "2019-01-31T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-02-20T14:11:43+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2019:0326", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "prometheus: Stored DOM cross-site scripting (XSS) attack via crafted URL", }, { cve: "CVE-2019-1003000", cwe: { id: "CWE-96", name: "Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')", }, discovery_date: "2019-01-08T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1667566", }, ], notes: [ { category: "description", text: "A flaw was found in Jenkins Pipeline. The Script Security sandbox protection could be circumvented during the script compilation phase by applying AST, transforming annotations such as @Grab to source code elements. Both the pipeline validation REST APIs and actual script/pipeline execution are affected. This allowed users with Overall/Read permission, or able to control Jenkinsfile or sandboxed Pipeline shared library contents in SCM, to bypass the sandbox protection and execute arbitrary code on the Jenkins master. All known unsafe AST transformations in Groovy are now prohibited in sandboxed scripts. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "Vulnerability description", }, { category: "summary", text: "jenkins-plugin-script-security: Sandbox Bypass in Script Security Plugin", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-1003000", }, { category: "external", summary: "RHBZ#1667566", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1667566", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-1003000", url: "https://www.cve.org/CVERecord?id=CVE-2019-1003000", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003000", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003000", }, { category: "external", summary: "https://jenkins.io/security/advisory/2019-01-08/", url: "https://jenkins.io/security/advisory/2019-01-08/", }, ], release_date: "2019-01-08T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-02-20T14:11:43+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2019:0326", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "jenkins-plugin-script-security: Sandbox Bypass in Script Security Plugin", }, { cve: "CVE-2019-1003001", cwe: { id: "CWE-96", name: "Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')", }, discovery_date: "2019-01-08T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1669505", }, ], notes: [ { category: "description", text: "A flaw was found in Jenkins Pipeline. In the Declarative plugin, the script sandbox protection could be circumvented during the script compilation phase by applying AST. Both the pipeline validation REST APIs and the actual script/pipeline execution are affected. This allows users with Overall/Read permissions, or those able to control Jenkinsfile or the sandboxed Pipeline shared library contents in SCM, to bypass sandbox protection and execute arbitrary code on the Jenkins master. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "Vulnerability description", }, { category: "summary", text: "jenkins-plugin-workflow-cps: Sandbox Bypass in Pipeline: Groovy Plugin", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-1003001", }, { category: "external", summary: "RHBZ#1669505", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1669505", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-1003001", url: "https://www.cve.org/CVERecord?id=CVE-2019-1003001", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003001", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003001", }, { category: "external", summary: "https://jenkins.io/security/advisory/2019-01-08/", url: "https://jenkins.io/security/advisory/2019-01-08/", }, ], release_date: "2019-01-08T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-02-20T14:11:43+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2019:0326", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "jenkins-plugin-workflow-cps: Sandbox Bypass in Pipeline: Groovy Plugin", }, { cve: "CVE-2019-1003002", cwe: { id: "CWE-96", name: "Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')", }, discovery_date: "2019-01-08T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1669508", }, ], notes: [ { category: "description", text: "A flaw was found in Jenkins Pipeline. Script Security sandbox protection could be circumvented during the script compilation phase by applying AST transforming annotations such as @Grab to source code elements. This allows users with Overall/Read permission, or able to control Jenkinsfile or sandboxed Pipeline shared library contents in SCM, to bypass the sandbox protection and execute arbitrary code on the Jenkins master. All known unsafe AST transformations in Groovy are now prohibited in sandboxed scripts. Both the pipeline validation REST APIs and actual script/pipeline execution are affected. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "Vulnerability description", }, { category: "summary", text: "jenkins-plugin-pipeline-model-definition: Sandbox Bypass in Pipeline: Declarative", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-1003002", }, { category: "external", summary: "RHBZ#1669508", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1669508", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-1003002", url: "https://www.cve.org/CVERecord?id=CVE-2019-1003002", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003002", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003002", }, { category: "external", summary: "https://jenkins.io/security/advisory/2019-01-08/", url: "https://jenkins.io/security/advisory/2019-01-08/", }, ], release_date: "2019-01-08T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-02-20T14:11:43+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2019:0326", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "jenkins-plugin-pipeline-model-definition: Sandbox Bypass in Pipeline: Declarative", }, { cve: "CVE-2019-1003003", cwe: { id: "CWE-613", name: "Insufficient Session Expiration", }, discovery_date: "2019-01-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1668345", }, ], notes: [ { category: "description", text: "An improper authorization vulnerability exists in Jenkins 2.158 and earlier, LTS 2.150.1 and earlier in core/src/main/java/hudson/security/TokenBasedRememberMeServices2.java that allows attackers with Overall/RunScripts permission to craft Remember Me cookies that would never expire, allowing e.g. to persist access to temporarily compromised user accounts.", title: "Vulnerability description", }, { category: "summary", text: "jenkins: cookie crafted using Jenkins script console allows unauthorised access to Jenkins instance", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-1003003", }, { category: "external", summary: "RHBZ#1668345", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1668345", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-1003003", url: "https://www.cve.org/CVERecord?id=CVE-2019-1003003", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003003", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003003", }, { category: "external", summary: "https://jenkins.io/security/advisory/2019-01-16/", url: "https://jenkins.io/security/advisory/2019-01-16/", }, ], release_date: "2019-01-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-02-20T14:11:43+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2019:0326", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jenkins: cookie crafted using Jenkins script console allows unauthorised access to Jenkins instance", }, { cve: "CVE-2019-1003004", cwe: { id: "CWE-613", name: "Insufficient Session Expiration", }, discovery_date: "2019-01-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1668736", }, ], notes: [ { category: "description", text: "An improper authorization vulnerability exists in Jenkins 2.158 and earlier, LTS 2.150.1 and earlier in core/src/main/java/hudson/security/AuthenticationProcessingFilter2.java that allows attackers to extend the duration of active HTTP sessions indefinitely even though the user account may have been deleted in the mean time.", title: "Vulnerability description", }, { category: "summary", text: "jenkins: deleting a user record will does not invalidate existing sessions", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-1003004", }, { category: "external", summary: "RHBZ#1668736", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1668736", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-1003004", url: "https://www.cve.org/CVERecord?id=CVE-2019-1003004", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003004", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003004", }, { category: "external", summary: "https://jenkins.io/security/advisory/2019-01-16/", url: "https://jenkins.io/security/advisory/2019-01-16/", }, ], release_date: "2019-01-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-02-20T14:11:43+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2019:0326", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.2, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:L", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jenkins: deleting a user record will does not invalidate existing sessions", }, { cve: "CVE-2019-1003010", cwe: { id: "CWE-96", name: "Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')", }, discovery_date: "2019-01-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1670292", }, ], notes: [ { category: "description", text: "A cross-site request forgery vulnerability exists in Jenkins Git Plugin 3.9.1 and earlier in src/main/java/hudson/plugins/git/GitTagAction.java that allows attackers to create a Git tag in a workspace and attach corresponding metadata to a build record.", title: "Vulnerability description", }, { category: "summary", text: "jenkins-plugin-git: CSRF vulnerability in Git Plugin (SECURITY-1095)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-1003010", }, { category: "external", summary: "RHBZ#1670292", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1670292", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-1003010", url: "https://www.cve.org/CVERecord?id=CVE-2019-1003010", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003010", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003010", }, { category: "external", summary: "https://jenkins.io/security/advisory/2019-01-28/#SECURITY-1095", url: "https://jenkins.io/security/advisory/2019-01-28/#SECURITY-1095", }, ], release_date: "2019-01-28T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-02-20T14:11:43+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2019:0326", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.6, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "jenkins-plugin-git: CSRF vulnerability in Git Plugin (SECURITY-1095)", }, { cve: "CVE-2019-1003011", cwe: { id: "CWE-96", name: "Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')", }, discovery_date: "2019-01-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1670296", }, ], notes: [ { category: "description", text: "An information exposure and denial of service vulnerability exists in Jenkins Token Macro Plugin 2.5 and earlier in src/main/java/org/jenkinsci/plugins/tokenmacro/Parser.java, src/main/java/org/jenkinsci/plugins/tokenmacro/TokenMacro.java, src/main/java/org/jenkinsci/plugins/tokenmacro/impl/AbstractChangesSinceMacro.java, src/main/java/org/jenkinsci/plugins/tokenmacro/impl/ChangesSinceLastBuildMacro.java, src/main/java/org/jenkinsci/plugins/tokenmacro/impl/ProjectUrlMacro.java that allows attackers with the ability to control token macro input (such as SCM changelogs) to define recursive input that results in unexpected macro evaluation.", title: "Vulnerability description", }, { category: "summary", text: "jenkins-plugin-token-macro: Recursive token expansion results in information disclosure and DoS in Token Macro Plugin (SECURITY-1102)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-1003011", }, { category: "external", summary: "RHBZ#1670296", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1670296", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-1003011", url: "https://www.cve.org/CVERecord?id=CVE-2019-1003011", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003011", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003011", }, { category: "external", summary: "https://jenkins.io/security/advisory/2019-01-28/#SECURITY-1102", url: "https://jenkins.io/security/advisory/2019-01-28/#SECURITY-1102", }, ], release_date: "2019-01-28T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-02-20T14:11:43+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2019:0326", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jenkins-plugin-token-macro: Recursive token expansion results in information disclosure and DoS in Token Macro Plugin (SECURITY-1102)", }, { cve: "CVE-2019-1003012", cwe: { id: "CWE-352", name: "Cross-Site Request Forgery (CSRF)", }, discovery_date: "2019-01-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1670298", }, ], notes: [ { category: "description", text: "A data modification vulnerability exists in Jenkins Blue Ocean Plugins 1.10.1 and earlier in blueocean-core-js/src/js/bundleStartup.js, blueocean-core-js/src/js/fetch.ts, blueocean-core-js/src/js/i18n/i18n.js, blueocean-core-js/src/js/urlconfig.js, blueocean-rest/src/main/java/io/jenkins/blueocean/rest/APICrumbExclusion.java, blueocean-web/src/main/java/io/jenkins/blueocean/BlueOceanUI.java, blueocean-web/src/main/resources/io/jenkins/blueocean/BlueOceanUI/index.jelly that allows attackers to bypass all cross-site request forgery protection in Blue Ocean API.", title: "Vulnerability description", }, { category: "summary", text: "jenkins-plugin-blueocean: Blue Ocean did not require CSRF tokens (SECURITY-1201)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-1003012", }, { category: "external", summary: "RHBZ#1670298", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1670298", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-1003012", url: "https://www.cve.org/CVERecord?id=CVE-2019-1003012", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003012", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003012", }, { category: "external", summary: "https://jenkins.io/security/advisory/2019-01-28/#SECURITY-1201", url: "https://jenkins.io/security/advisory/2019-01-28/#SECURITY-1201", }, ], release_date: "2019-01-28T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-02-20T14:11:43+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2019:0326", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jenkins-plugin-blueocean: Blue Ocean did not require CSRF tokens (SECURITY-1201)", }, { cve: "CVE-2019-1003013", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-01-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1670299", }, ], notes: [ { category: "description", text: "An cross-site scripting vulnerability exists in Jenkins Blue Ocean Plugins 1.10.1 and earlier in blueocean-commons/src/main/java/io/jenkins/blueocean/commons/stapler/Export.java, blueocean-commons/src/main/java/io/jenkins/blueocean/commons/stapler/export/ExportConfig.java, blueocean-commons/src/main/java/io/jenkins/blueocean/commons/stapler/export/JSONDataWriter.java, blueocean-rest-impl/src/main/java/io/jenkins/blueocean/service/embedded/UserStatePreloader.java, blueocean-web/src/main/resources/io/jenkins/blueocean/PageStatePreloadDecorator/header.jelly that allows attackers with permission to edit a user's description in Jenkins to have Blue Ocean render arbitrary HTML when using it as that user.", title: "Vulnerability description", }, { category: "summary", text: "jenkins-plugin-blueocean: XSS vulnerability via user description in Blue Ocean (SECURITY-1204)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-1003013", }, { category: "external", summary: "RHBZ#1670299", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1670299", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-1003013", url: "https://www.cve.org/CVERecord?id=CVE-2019-1003013", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003013", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003013", }, { category: "external", summary: "https://jenkins.io/security/advisory/2019-01-28/#SECURITY-1204", url: "https://jenkins.io/security/advisory/2019-01-28/#SECURITY-1204", }, ], release_date: "2019-01-28T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-02-20T14:11:43+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2019:0326", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jenkins-plugin-blueocean: XSS vulnerability via user description in Blue Ocean (SECURITY-1204)", }, { cve: "CVE-2019-1003014", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-01-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1671324", }, ], notes: [ { category: "description", text: "An cross-site scripting vulnerability exists in Jenkins Config File Provider Plugin 3.4.1 and earlier in src/main/resources/lib/configfiles/configfiles.jelly that allows attackers with permission to define shared configuration files to execute arbitrary JavaScript when a user attempts to delete the shared configuration file.", title: "Vulnerability description", }, { category: "summary", text: "jenkins-plugin-config-file-provider: Stored XSS vulnerability in Config File Provider Plugin (SECURITY-1253)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-1003014", }, { category: "external", summary: "RHBZ#1671324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1671324", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-1003014", url: "https://www.cve.org/CVERecord?id=CVE-2019-1003014", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003014", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003014", }, { category: "external", summary: "https://jenkins.io/security/advisory/2019-01-28/#SECURITY-1253", url: "https://jenkins.io/security/advisory/2019-01-28/#SECURITY-1253", }, ], release_date: "2019-01-28T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-02-20T14:11:43+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2019:0326", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jenkins-plugin-config-file-provider: Stored XSS vulnerability in Config File Provider Plugin (SECURITY-1253)", }, ], }
RHSA-2019:0548
Vulnerability from csaf_redhat
Published
2019-03-14 07:58
Modified
2024-11-15 00:40
Summary
Red Hat Security Advisory: OpenShift Container Platform 3.10 haproxy security update
Notes
Topic
An update for haproxy is now available for Red Hat OpenShift Container Platform 3.10.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications.
Security fix(es):
* haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash (CVE-2018-20615)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for haproxy is now available for Red Hat OpenShift Container Platform 3.10.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications.\n\nSecurity fix(es):\n\n* haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash (CVE-2018-20615)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2019:0548", url: "https://access.redhat.com/errata/RHSA-2019:0548", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "1663060", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1663060", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_0548.json", }, ], title: "Red Hat Security Advisory: OpenShift Container Platform 3.10 haproxy security update", tracking: { current_release_date: "2024-11-15T00:40:14+00:00", generator: { date: "2024-11-15T00:40:14+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2019:0548", initial_release_date: "2019-03-14T07:58:11+00:00", revision_history: [ { date: "2019-03-14T07:58:11+00:00", number: "1", summary: "Initial version", }, { date: "2019-03-14T07:58:11+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-15T00:40:14+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat OpenShift Container Platform 3.10", product: { name: "Red Hat OpenShift Container Platform 3.10", product_id: "7Server-RH7-RHOSE-3.10", product_identification_helper: { cpe: "cpe:/a:redhat:openshift:3.10::el7", }, }, }, ], category: "product_family", name: "Red Hat OpenShift Enterprise", }, { branches: [ { category: "product_version", name: "haproxy-debuginfo-0:1.8.17-3.el7.x86_64", product: { name: "haproxy-debuginfo-0:1.8.17-3.el7.x86_64", product_id: "haproxy-debuginfo-0:1.8.17-3.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/haproxy-debuginfo@1.8.17-3.el7?arch=x86_64", }, }, }, { category: "product_version", name: "haproxy18-0:1.8.17-3.el7.x86_64", product: { name: "haproxy18-0:1.8.17-3.el7.x86_64", product_id: "haproxy18-0:1.8.17-3.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/haproxy18@1.8.17-3.el7?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", product: { name: "haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", product_id: "haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/haproxy-debuginfo@1.8.17-3.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "haproxy18-0:1.8.17-3.el7.ppc64le", product: { name: "haproxy18-0:1.8.17-3.el7.ppc64le", product_id: "haproxy18-0:1.8.17-3.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/haproxy18@1.8.17-3.el7?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "haproxy-0:1.8.17-3.el7.src", product: { name: "haproxy-0:1.8.17-3.el7.src", product_id: "haproxy-0:1.8.17-3.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/haproxy@1.8.17-3.el7?arch=src", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "haproxy-0:1.8.17-3.el7.src as a component of Red Hat OpenShift Container Platform 3.10", product_id: "7Server-RH7-RHOSE-3.10:haproxy-0:1.8.17-3.el7.src", }, product_reference: "haproxy-0:1.8.17-3.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.10", }, { category: "default_component_of", full_product_name: { name: "haproxy-debuginfo-0:1.8.17-3.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.10", product_id: "7Server-RH7-RHOSE-3.10:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", }, product_reference: "haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.10", }, { category: "default_component_of", full_product_name: { name: "haproxy-debuginfo-0:1.8.17-3.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.10", product_id: "7Server-RH7-RHOSE-3.10:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", }, product_reference: "haproxy-debuginfo-0:1.8.17-3.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.10", }, { category: "default_component_of", full_product_name: { name: "haproxy18-0:1.8.17-3.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.10", product_id: "7Server-RH7-RHOSE-3.10:haproxy18-0:1.8.17-3.el7.ppc64le", }, product_reference: "haproxy18-0:1.8.17-3.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.10", }, { category: "default_component_of", full_product_name: { name: "haproxy18-0:1.8.17-3.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.10", product_id: "7Server-RH7-RHOSE-3.10:haproxy18-0:1.8.17-3.el7.x86_64", }, product_reference: "haproxy18-0:1.8.17-3.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.10", }, ], }, vulnerabilities: [ { cve: "CVE-2018-20615", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2019-01-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1663060", }, ], notes: [ { category: "description", text: "A flaw was found in HAProxy, versions before 1.8.17 and 1.9.1. Mishandling occurs when a priority flag is set on too short HEADERS frame in the HTTP/2 decoder, allowing an out-of-bounds read and a subsequent crash to occur. A remote attacker can exploit this flaw to cause a denial of service. Those who do not use HTTP/2 are unaffected.", title: "Vulnerability description", }, { category: "summary", text: "haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash", title: "Vulnerability summary", }, { category: "other", text: "HTTP/2 support was added to haproxy in version 1.8, therefore OpenShift Container Platform (OCP) 3.7 and earlier are unaffected by this flaw, see [1]. OCP 3.11 added a configuration option to ose-haproxy-router that made enabling HTTP/2 support easy, [2]. Prior to that, in versions OCP 3.9 and 3.10, an administrator had to customize the haproxy router configuration to add HTTP/2 support, [3]. OCP 3.9, and 3.10 are rated as moderate because HTTP/2 support was not a standard configuration option, and therefore unlikely to be enabled.\n\nVersions of haproxy included in Red Hat Enterprise Linux 6 and 7, excluding rh-haproxy18-haproxy in Red Hat Software Collections, are unaffected as they package versions of haproxy before 1.7.\n\n[1] http://www.haproxy.org/news.html\n\n[2] https://github.com/openshift/origin/pull/19968\n\n[3] https://docs.openshift.com/container-platform/3.10/install_config/router/customized_haproxy_router.html", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.10:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.10:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.10:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.10:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.10:haproxy18-0:1.8.17-3.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-20615", }, { category: "external", summary: "RHBZ#1663060", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1663060", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-20615", url: "https://www.cve.org/CVERecord?id=CVE-2018-20615", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-20615", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-20615", }, ], release_date: "2019-01-08T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-03-14T07:58:11+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation for important instructions on how to upgrade your cluster and fully apply this asynchronous errata\nupdate\n\nhttps://docs.openshift.com/container-platform/3.10/release_notes/ocp_3_10_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.10:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.10:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.10:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.10:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.10:haproxy18-0:1.8.17-3.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:0548", }, { category: "workaround", details: "HTTP/2 support is disabled by default on OpenShift Container Platform 3.11. To mitigate this vulnerability keep it disabled. You can verify if HTTP/2 support is enabled by following the instructions in the upstream pull request, [1].\n\n[1] https://github.com/openshift/origin/pull/19968", product_ids: [ "7Server-RH7-RHOSE-3.10:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.10:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.10:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.10:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.10:haproxy18-0:1.8.17-3.el7.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.10:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.10:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.10:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.10:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.10:haproxy18-0:1.8.17-3.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash", }, ], }
rhsa-2019_0548
Vulnerability from csaf_redhat
Published
2019-03-14 07:58
Modified
2024-11-15 00:40
Summary
Red Hat Security Advisory: OpenShift Container Platform 3.10 haproxy security update
Notes
Topic
An update for haproxy is now available for Red Hat OpenShift Container Platform 3.10.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications.
Security fix(es):
* haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash (CVE-2018-20615)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for haproxy is now available for Red Hat OpenShift Container Platform 3.10.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications.\n\nSecurity fix(es):\n\n* haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash (CVE-2018-20615)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2019:0548", url: "https://access.redhat.com/errata/RHSA-2019:0548", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "1663060", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1663060", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_0548.json", }, ], title: "Red Hat Security Advisory: OpenShift Container Platform 3.10 haproxy security update", tracking: { current_release_date: "2024-11-15T00:40:14+00:00", generator: { date: "2024-11-15T00:40:14+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2019:0548", initial_release_date: "2019-03-14T07:58:11+00:00", revision_history: [ { date: "2019-03-14T07:58:11+00:00", number: "1", summary: "Initial version", }, { date: "2019-03-14T07:58:11+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-15T00:40:14+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat OpenShift Container Platform 3.10", product: { name: "Red Hat OpenShift Container Platform 3.10", product_id: "7Server-RH7-RHOSE-3.10", product_identification_helper: { cpe: "cpe:/a:redhat:openshift:3.10::el7", }, }, }, ], category: "product_family", name: "Red Hat OpenShift Enterprise", }, { branches: [ { category: "product_version", name: "haproxy-debuginfo-0:1.8.17-3.el7.x86_64", product: { name: "haproxy-debuginfo-0:1.8.17-3.el7.x86_64", product_id: "haproxy-debuginfo-0:1.8.17-3.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/haproxy-debuginfo@1.8.17-3.el7?arch=x86_64", }, }, }, { category: "product_version", name: "haproxy18-0:1.8.17-3.el7.x86_64", product: { name: "haproxy18-0:1.8.17-3.el7.x86_64", product_id: "haproxy18-0:1.8.17-3.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/haproxy18@1.8.17-3.el7?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", product: { name: "haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", product_id: "haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/haproxy-debuginfo@1.8.17-3.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "haproxy18-0:1.8.17-3.el7.ppc64le", product: { name: "haproxy18-0:1.8.17-3.el7.ppc64le", product_id: "haproxy18-0:1.8.17-3.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/haproxy18@1.8.17-3.el7?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "haproxy-0:1.8.17-3.el7.src", product: { name: "haproxy-0:1.8.17-3.el7.src", product_id: "haproxy-0:1.8.17-3.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/haproxy@1.8.17-3.el7?arch=src", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "haproxy-0:1.8.17-3.el7.src as a component of Red Hat OpenShift Container Platform 3.10", product_id: "7Server-RH7-RHOSE-3.10:haproxy-0:1.8.17-3.el7.src", }, product_reference: "haproxy-0:1.8.17-3.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.10", }, { category: "default_component_of", full_product_name: { name: "haproxy-debuginfo-0:1.8.17-3.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.10", product_id: "7Server-RH7-RHOSE-3.10:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", }, product_reference: "haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.10", }, { category: "default_component_of", full_product_name: { name: "haproxy-debuginfo-0:1.8.17-3.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.10", product_id: "7Server-RH7-RHOSE-3.10:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", }, product_reference: "haproxy-debuginfo-0:1.8.17-3.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.10", }, { category: "default_component_of", full_product_name: { name: "haproxy18-0:1.8.17-3.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.10", product_id: "7Server-RH7-RHOSE-3.10:haproxy18-0:1.8.17-3.el7.ppc64le", }, product_reference: "haproxy18-0:1.8.17-3.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.10", }, { category: "default_component_of", full_product_name: { name: "haproxy18-0:1.8.17-3.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.10", product_id: "7Server-RH7-RHOSE-3.10:haproxy18-0:1.8.17-3.el7.x86_64", }, product_reference: "haproxy18-0:1.8.17-3.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.10", }, ], }, vulnerabilities: [ { cve: "CVE-2018-20615", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2019-01-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1663060", }, ], notes: [ { category: "description", text: "A flaw was found in HAProxy, versions before 1.8.17 and 1.9.1. Mishandling occurs when a priority flag is set on too short HEADERS frame in the HTTP/2 decoder, allowing an out-of-bounds read and a subsequent crash to occur. A remote attacker can exploit this flaw to cause a denial of service. Those who do not use HTTP/2 are unaffected.", title: "Vulnerability description", }, { category: "summary", text: "haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash", title: "Vulnerability summary", }, { category: "other", text: "HTTP/2 support was added to haproxy in version 1.8, therefore OpenShift Container Platform (OCP) 3.7 and earlier are unaffected by this flaw, see [1]. OCP 3.11 added a configuration option to ose-haproxy-router that made enabling HTTP/2 support easy, [2]. Prior to that, in versions OCP 3.9 and 3.10, an administrator had to customize the haproxy router configuration to add HTTP/2 support, [3]. OCP 3.9, and 3.10 are rated as moderate because HTTP/2 support was not a standard configuration option, and therefore unlikely to be enabled.\n\nVersions of haproxy included in Red Hat Enterprise Linux 6 and 7, excluding rh-haproxy18-haproxy in Red Hat Software Collections, are unaffected as they package versions of haproxy before 1.7.\n\n[1] http://www.haproxy.org/news.html\n\n[2] https://github.com/openshift/origin/pull/19968\n\n[3] https://docs.openshift.com/container-platform/3.10/install_config/router/customized_haproxy_router.html", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.10:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.10:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.10:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.10:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.10:haproxy18-0:1.8.17-3.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-20615", }, { category: "external", summary: "RHBZ#1663060", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1663060", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-20615", url: "https://www.cve.org/CVERecord?id=CVE-2018-20615", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-20615", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-20615", }, ], release_date: "2019-01-08T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-03-14T07:58:11+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation for important instructions on how to upgrade your cluster and fully apply this asynchronous errata\nupdate\n\nhttps://docs.openshift.com/container-platform/3.10/release_notes/ocp_3_10_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.10:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.10:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.10:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.10:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.10:haproxy18-0:1.8.17-3.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:0548", }, { category: "workaround", details: "HTTP/2 support is disabled by default on OpenShift Container Platform 3.11. To mitigate this vulnerability keep it disabled. You can verify if HTTP/2 support is enabled by following the instructions in the upstream pull request, [1].\n\n[1] https://github.com/openshift/origin/pull/19968", product_ids: [ "7Server-RH7-RHOSE-3.10:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.10:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.10:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.10:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.10:haproxy18-0:1.8.17-3.el7.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.10:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.10:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.10:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.10:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.10:haproxy18-0:1.8.17-3.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash", }, ], }
rhsa-2019:0275
Vulnerability from csaf_redhat
Published
2019-02-05 08:26
Modified
2024-11-15 00:39
Summary
Red Hat Security Advisory: rh-haproxy18-haproxy security update
Notes
Topic
An update for rh-haproxy18-haproxy is now available for Red Hat Software Collections.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments.
Security Fix(es):
* haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash (CVE-2018-20615)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for rh-haproxy18-haproxy is now available for Red Hat Software Collections.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments.\n\nSecurity Fix(es):\n\n* haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash (CVE-2018-20615)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2019:0275", url: "https://access.redhat.com/errata/RHSA-2019:0275", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "1663060", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1663060", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_0275.json", }, ], title: "Red Hat Security Advisory: rh-haproxy18-haproxy security update", tracking: { current_release_date: "2024-11-15T00:39:36+00:00", generator: { date: "2024-11-15T00:39:36+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2019:0275", initial_release_date: "2019-02-05T08:26:05+00:00", revision_history: [ { date: "2019-02-05T08:26:05+00:00", number: "1", summary: "Initial version", }, { date: "2019-02-05T08:26:05+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-15T00:39:36+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product: { name: "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-RHSCL-3.2", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_software_collections:3::el7", }, }, }, { category: "product_name", name: "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product: { name: "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-RHSCL-3.2", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_software_collections:3::el7", }, }, }, { category: "product_name", name: "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)", product: { name: "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)", product_id: "7Server-RHSCL-3.2-7.4.Z", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_software_collections:3::el7", }, }, }, { category: "product_name", name: "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)", product: { name: "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)", product_id: "7Server-RHSCL-3.2-7.5.Z", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_software_collections:3::el7", }, }, }, { category: "product_name", name: "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", product: { name: "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-RHSCL-3.2-7.6.Z", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_software_collections:3::el7", }, }, }, ], category: "product_family", name: "Red Hat Software Collections", }, { branches: [ { category: "product_version", name: "rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", product: { name: "rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", product_id: "rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/rh-haproxy18-haproxy-debuginfo@1.8.4-4.el7?arch=x86_64", }, }, }, { category: "product_version", name: "rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", product: { name: "rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", product_id: "rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/rh-haproxy18-haproxy@1.8.4-4.el7?arch=x86_64", }, }, }, { category: "product_version", name: "rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", product: { name: "rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", product_id: "rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/rh-haproxy18-haproxy-syspaths@1.8.4-4.el7?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "rh-haproxy18-haproxy-0:1.8.4-4.el7.src", product: { name: "rh-haproxy18-haproxy-0:1.8.4-4.el7.src", product_id: "rh-haproxy18-haproxy-0:1.8.4-4.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/rh-haproxy18-haproxy@1.8.4-4.el7?arch=src", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "rh-haproxy18-haproxy-0:1.8.4-4.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)", product_id: "7Server-RHSCL-3.2-7.4.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", }, product_reference: "rh-haproxy18-haproxy-0:1.8.4-4.el7.src", relates_to_product_reference: "7Server-RHSCL-3.2-7.4.Z", }, { category: "default_component_of", full_product_name: { name: "rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)", product_id: "7Server-RHSCL-3.2-7.4.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", }, product_reference: "rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.2-7.4.Z", }, { category: "default_component_of", full_product_name: { name: "rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)", product_id: "7Server-RHSCL-3.2-7.4.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", }, product_reference: "rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.2-7.4.Z", }, { category: "default_component_of", full_product_name: { name: "rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)", product_id: "7Server-RHSCL-3.2-7.4.Z:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", }, product_reference: "rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.2-7.4.Z", }, { category: "default_component_of", full_product_name: { name: "rh-haproxy18-haproxy-0:1.8.4-4.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)", product_id: "7Server-RHSCL-3.2-7.5.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", }, product_reference: "rh-haproxy18-haproxy-0:1.8.4-4.el7.src", relates_to_product_reference: "7Server-RHSCL-3.2-7.5.Z", }, { category: "default_component_of", full_product_name: { name: "rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)", product_id: "7Server-RHSCL-3.2-7.5.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", }, product_reference: "rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.2-7.5.Z", }, { category: "default_component_of", full_product_name: { name: "rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)", product_id: "7Server-RHSCL-3.2-7.5.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", }, product_reference: "rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.2-7.5.Z", }, { category: "default_component_of", full_product_name: { name: "rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)", product_id: "7Server-RHSCL-3.2-7.5.Z:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", }, product_reference: "rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.2-7.5.Z", }, { category: "default_component_of", full_product_name: { name: "rh-haproxy18-haproxy-0:1.8.4-4.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-RHSCL-3.2-7.6.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", }, product_reference: "rh-haproxy18-haproxy-0:1.8.4-4.el7.src", relates_to_product_reference: "7Server-RHSCL-3.2-7.6.Z", }, { category: "default_component_of", full_product_name: { name: "rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-RHSCL-3.2-7.6.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", }, product_reference: "rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.2-7.6.Z", }, { category: "default_component_of", full_product_name: { name: "rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-RHSCL-3.2-7.6.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", }, product_reference: "rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.2-7.6.Z", }, { category: "default_component_of", full_product_name: { name: "rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-RHSCL-3.2-7.6.Z:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", }, product_reference: "rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.2-7.6.Z", }, { category: "default_component_of", full_product_name: { name: "rh-haproxy18-haproxy-0:1.8.4-4.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-RHSCL-3.2:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", }, product_reference: "rh-haproxy18-haproxy-0:1.8.4-4.el7.src", relates_to_product_reference: "7Server-RHSCL-3.2", }, { category: "default_component_of", full_product_name: { name: "rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-RHSCL-3.2:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", }, product_reference: "rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.2", }, { category: "default_component_of", full_product_name: { name: "rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-RHSCL-3.2:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", }, product_reference: "rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.2", }, { category: "default_component_of", full_product_name: { name: "rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-RHSCL-3.2:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", }, product_reference: "rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.2", }, { category: "default_component_of", full_product_name: { name: "rh-haproxy18-haproxy-0:1.8.4-4.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-RHSCL-3.2:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", }, product_reference: "rh-haproxy18-haproxy-0:1.8.4-4.el7.src", relates_to_product_reference: "7Workstation-RHSCL-3.2", }, { category: "default_component_of", full_product_name: { name: "rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-RHSCL-3.2:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", }, product_reference: "rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", relates_to_product_reference: "7Workstation-RHSCL-3.2", }, { category: "default_component_of", full_product_name: { name: "rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-RHSCL-3.2:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", }, product_reference: "rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", relates_to_product_reference: "7Workstation-RHSCL-3.2", }, { category: "default_component_of", full_product_name: { name: "rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-RHSCL-3.2:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", }, product_reference: "rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", relates_to_product_reference: "7Workstation-RHSCL-3.2", }, ], }, vulnerabilities: [ { cve: "CVE-2018-20615", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2019-01-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1663060", }, ], notes: [ { category: "description", text: "A flaw was found in HAProxy, versions before 1.8.17 and 1.9.1. Mishandling occurs when a priority flag is set on too short HEADERS frame in the HTTP/2 decoder, allowing an out-of-bounds read and a subsequent crash to occur. A remote attacker can exploit this flaw to cause a denial of service. Those who do not use HTTP/2 are unaffected.", title: "Vulnerability description", }, { category: "summary", text: "haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash", title: "Vulnerability summary", }, { category: "other", text: "HTTP/2 support was added to haproxy in version 1.8, therefore OpenShift Container Platform (OCP) 3.7 and earlier are unaffected by this flaw, see [1]. OCP 3.11 added a configuration option to ose-haproxy-router that made enabling HTTP/2 support easy, [2]. Prior to that, in versions OCP 3.9 and 3.10, an administrator had to customize the haproxy router configuration to add HTTP/2 support, [3]. OCP 3.9, and 3.10 are rated as moderate because HTTP/2 support was not a standard configuration option, and therefore unlikely to be enabled.\n\nVersions of haproxy included in Red Hat Enterprise Linux 6 and 7, excluding rh-haproxy18-haproxy in Red Hat Software Collections, are unaffected as they package versions of haproxy before 1.7.\n\n[1] http://www.haproxy.org/news.html\n\n[2] https://github.com/openshift/origin/pull/19968\n\n[3] https://docs.openshift.com/container-platform/3.10/install_config/router/customized_haproxy_router.html", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHSCL-3.2-7.4.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", "7Server-RHSCL-3.2-7.4.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.4.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.4.Z:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.5.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", "7Server-RHSCL-3.2-7.5.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.5.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.5.Z:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.6.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", "7Server-RHSCL-3.2-7.6.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.6.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.6.Z:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", "7Server-RHSCL-3.2:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", "7Workstation-RHSCL-3.2:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", "7Workstation-RHSCL-3.2:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", "7Workstation-RHSCL-3.2:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", "7Workstation-RHSCL-3.2:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-20615", }, { category: "external", summary: "RHBZ#1663060", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1663060", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-20615", url: "https://www.cve.org/CVERecord?id=CVE-2018-20615", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-20615", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-20615", }, ], release_date: "2019-01-08T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-02-05T08:26:05+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-RHSCL-3.2-7.4.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", "7Server-RHSCL-3.2-7.4.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.4.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.4.Z:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.5.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", "7Server-RHSCL-3.2-7.5.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.5.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.5.Z:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.6.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", "7Server-RHSCL-3.2-7.6.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.6.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.6.Z:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", "7Server-RHSCL-3.2:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", "7Workstation-RHSCL-3.2:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", "7Workstation-RHSCL-3.2:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", "7Workstation-RHSCL-3.2:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", "7Workstation-RHSCL-3.2:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:0275", }, { category: "workaround", details: "HTTP/2 support is disabled by default on OpenShift Container Platform 3.11. To mitigate this vulnerability keep it disabled. You can verify if HTTP/2 support is enabled by following the instructions in the upstream pull request, [1].\n\n[1] https://github.com/openshift/origin/pull/19968", product_ids: [ "7Server-RHSCL-3.2-7.4.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", "7Server-RHSCL-3.2-7.4.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.4.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.4.Z:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.5.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", "7Server-RHSCL-3.2-7.5.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.5.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.5.Z:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.6.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", "7Server-RHSCL-3.2-7.6.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.6.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.6.Z:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", "7Server-RHSCL-3.2:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", "7Workstation-RHSCL-3.2:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", "7Workstation-RHSCL-3.2:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", "7Workstation-RHSCL-3.2:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", "7Workstation-RHSCL-3.2:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "7Server-RHSCL-3.2-7.4.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", "7Server-RHSCL-3.2-7.4.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.4.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.4.Z:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.5.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", "7Server-RHSCL-3.2-7.5.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.5.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.5.Z:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.6.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", "7Server-RHSCL-3.2-7.6.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.6.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.6.Z:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", "7Server-RHSCL-3.2:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", "7Workstation-RHSCL-3.2:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", "7Workstation-RHSCL-3.2:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", "7Workstation-RHSCL-3.2:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", "7Workstation-RHSCL-3.2:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash", }, ], }
rhba-2019_0326
Vulnerability from csaf_redhat
Published
2019-02-20 14:11
Modified
2024-11-22 12:40
Summary
Red Hat Bug Fix Advisory: OpenShift Container Platform 3.11 bug fix update
Notes
Topic
Red Hat OpenShift Container Platform release 3.11.82 is now available with updates to packages and images that fix several bugs.
Details
Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
This advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.11.82. See the following advisory for the container images for this release:
https://access.redhat.com/errata/RHBA-2019:0327
Space precludes documenting all of the bug fixes in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:
https://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html
All OpenShift Container Platform 3.11 users are advised to upgrade to these updated packages.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Red Hat OpenShift Container Platform release 3.11.82 is now available with updates to packages and images that fix several bugs.", title: "Topic", }, { category: "general", text: "Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.\n\nThis advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.11.82. See the following advisory for the container images for this release:\n\nhttps://access.redhat.com/errata/RHBA-2019:0327\n\nSpace precludes documenting all of the bug fixes in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nAll OpenShift Container Platform 3.11 users are advised to upgrade to these updated packages.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHBA-2019:0326", url: "https://access.redhat.com/errata/RHBA-2019:0326", }, { category: "external", summary: "1506736", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1506736", }, { category: "external", summary: "1598822", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1598822", }, { category: "external", summary: "1615719", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1615719", }, { category: "external", summary: "1623338", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1623338", }, { category: "external", summary: "1634302", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1634302", }, { category: "external", summary: "1635254", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1635254", }, { category: "external", summary: "1635613", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1635613", }, { category: "external", summary: "1642379", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1642379", }, { category: "external", summary: "1642929", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1642929", }, { category: "external", summary: "1651090", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1651090", }, { category: "external", summary: "1651632", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1651632", }, { category: "external", summary: "1655183", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1655183", }, { category: "external", summary: "1657019", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1657019", }, { category: "external", summary: "1659194", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1659194", }, { category: "external", summary: "1659441", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1659441", }, { category: "external", summary: "1659653", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1659653", }, { category: "external", summary: "1659976", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1659976", }, { category: "external", summary: "1660598", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1660598", }, { category: "external", summary: "1664753", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1664753", }, { category: "external", summary: "1665235", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1665235", }, { category: "external", summary: "1666820", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1666820", }, { category: "external", summary: "1667270", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1667270", }, { category: "external", summary: "1667618", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1667618", }, { category: "external", summary: "1668412", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1668412", }, { category: "external", summary: "1668828", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1668828", }, { category: "external", summary: "1668970", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1668970", }, { category: "external", summary: "1669019", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1669019", }, { category: "external", summary: "1669194", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1669194", }, { category: "external", summary: "1669439", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1669439", }, { category: "external", summary: "1669555", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1669555", }, { category: "external", summary: "1669984", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1669984", }, { category: "external", summary: "1670551", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1670551", }, { category: "external", summary: "1673178", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1673178", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhba-2019_0326.json", }, ], title: "Red Hat Bug Fix Advisory: OpenShift Container Platform 3.11 bug fix update", tracking: { current_release_date: "2024-11-22T12:40:44+00:00", generator: { date: "2024-11-22T12:40:44+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHBA-2019:0326", initial_release_date: "2019-02-20T14:11:43+00:00", revision_history: [ { date: "2019-02-20T14:11:43+00:00", number: "1", summary: "Initial version", }, { date: "2019-02-20T14:11:43+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T12:40:44+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat OpenShift Container Platform 3.11", product: { name: "Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11", product_identification_helper: { cpe: "cpe:/a:redhat:openshift:3.11::el7", }, }, }, ], category: "product_family", name: "Red Hat OpenShift Enterprise", }, { branches: [ { category: "product_version", name: "atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", product: { name: "atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", product_id: "atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-node-problem-detector@3.11.82-1.git.254.a448936.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product: { name: "atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_id: "atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-clients-redistributable@3.11.82-1.git.0.08bc31b.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product: { name: "atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_id: "atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-master@3.11.82-1.git.0.08bc31b.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product: { name: "atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_id: "atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-pod@3.11.82-1.git.0.08bc31b.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product: { name: "atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_id: "atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-hyperkube@3.11.82-1.git.0.08bc31b.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product: { name: "atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_id: "atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift@3.11.82-1.git.0.08bc31b.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product: { name: "atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_id: "atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-tests@3.11.82-1.git.0.08bc31b.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product: { name: "atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_id: "atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-clients@3.11.82-1.git.0.08bc31b.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product: { name: "atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_id: "atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-template-service-broker@3.11.82-1.git.0.08bc31b.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product: { name: "atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_id: "atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-node@3.11.82-1.git.0.08bc31b.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product: { name: "atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_id: "atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-sdn-ovs@3.11.82-1.git.0.08bc31b.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product: { name: "atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_id: "atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-hypershift@3.11.82-1.git.0.08bc31b.el7?arch=x86_64", }, }, }, { category: "product_version", name: "golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", product: { name: "golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", product_id: "golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/golang-github-openshift-oauth-proxy@3.11.82-1.git.425.7cac034.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", product: { name: "atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", product_id: "atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-enterprise-service-catalog-svcat@3.11.82-1.git.1673.133961e.el7?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", product: { name: "atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", product_id: "atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-enterprise-service-catalog@3.11.82-1.git.1673.133961e.el7?arch=x86_64&epoch=1", }, }, }, { category: "product_version", name: "prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", product: { name: "prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", product_id: "prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/prometheus-node-exporter@3.11.82-1.git.1063.48444e8.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", product: { name: "atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", product_id: "atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-dockerregistry@3.11.82-1.git.452.0ce6383.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", product: { name: "atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", product_id: "atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-descheduler@3.11.82-1.git.300.89765c9.el7?arch=x86_64", }, }, }, { category: "product_version", name: "haproxy-debuginfo-0:1.8.17-3.el7.x86_64", product: { name: "haproxy-debuginfo-0:1.8.17-3.el7.x86_64", product_id: "haproxy-debuginfo-0:1.8.17-3.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/haproxy-debuginfo@1.8.17-3.el7?arch=x86_64", }, }, }, { category: "product_version", name: "haproxy18-0:1.8.17-3.el7.x86_64", product: { name: "haproxy18-0:1.8.17-3.el7.x86_64", product_id: "haproxy18-0:1.8.17-3.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/haproxy18@1.8.17-3.el7?arch=x86_64", }, }, }, { category: "product_version", name: "prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", product: { name: "prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", product_id: "prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/prometheus@3.11.82-1.git.5027.9d24833.el7?arch=x86_64", }, }, }, { category: "product_version", name: "prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", product: { name: "prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", product_id: "prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/prometheus-alertmanager@3.11.82-1.git.0.3bf41ce.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", product: { name: "atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", product_id: "atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-web-console@3.11.82-1.git.355.5e8b1d9.el7?arch=x86_64", }, }, }, { category: "product_version", name: "openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", product: { name: "openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", product_id: "openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-enterprise-cluster-capacity@3.11.82-1.git.380.cf11c51.el7?arch=x86_64", }, }, }, { category: "product_version", name: "openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", product: { name: "openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", product_id: "openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-enterprise-autoheal@3.11.82-1.git.219.0b5aff4.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", product: { name: "atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", product_id: "atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-service-idler@3.11.82-1.git.14.e353758.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", product: { name: "atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", product_id: "atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-cluster-autoscaler@3.11.82-1.git.0.efb6af0.el7?arch=x86_64", }, }, }, { category: "product_version", name: "atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", product: { name: "atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", product_id: "atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-metrics-server@3.11.82-1.git.52.2fdca3f.el7?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", product: { name: "atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", product_id: "atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-node-problem-detector@3.11.82-1.git.254.a448936.el7?arch=src", }, }, }, { category: "product_version", name: "atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", product: { name: "atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", product_id: "atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift@3.11.82-1.git.0.08bc31b.el7?arch=src", }, }, }, { category: "product_version", name: "golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", product: { name: "golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", product_id: "golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/golang-github-openshift-oauth-proxy@3.11.82-1.git.425.7cac034.el7?arch=src", }, }, }, { category: "product_version", name: "atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", product: { name: "atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", product_id: "atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-enterprise-service-catalog@3.11.82-1.git.1673.133961e.el7?arch=src&epoch=1", }, }, }, { category: "product_version", name: "golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", product: { name: "golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", product_id: "golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/golang-github-prometheus-node_exporter@3.11.82-1.git.1063.48444e8.el7?arch=src", }, }, }, { category: "product_version", name: "atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", product: { name: "atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", product_id: "atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-dockerregistry@3.11.82-1.git.452.0ce6383.el7?arch=src", }, }, }, { category: "product_version", name: "jenkins-0:2.150.2.1549032159-1.el7.src", product: { name: "jenkins-0:2.150.2.1549032159-1.el7.src", product_id: "jenkins-0:2.150.2.1549032159-1.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jenkins@2.150.2.1549032159-1.el7?arch=src", }, }, }, { category: "product_version", name: "atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", product: { name: "atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", product_id: "atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-descheduler@3.11.82-1.git.300.89765c9.el7?arch=src", }, }, }, { category: "product_version", name: "haproxy-0:1.8.17-3.el7.src", product: { name: "haproxy-0:1.8.17-3.el7.src", product_id: "haproxy-0:1.8.17-3.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/haproxy@1.8.17-3.el7?arch=src", }, }, }, { category: "product_version", name: "golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", product: { name: "golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", product_id: "golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/golang-github-prometheus-prometheus@3.11.82-1.git.5027.9d24833.el7?arch=src", }, }, }, { category: "product_version", name: "golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", product: { name: "golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", product_id: "golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/golang-github-prometheus-alertmanager@3.11.82-1.git.0.3bf41ce.el7?arch=src", }, }, }, { category: "product_version", name: "jenkins-2-plugins-0:3.11.1549642489-1.el7.src", product: { name: "jenkins-2-plugins-0:3.11.1549642489-1.el7.src", product_id: "jenkins-2-plugins-0:3.11.1549642489-1.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/jenkins-2-plugins@3.11.1549642489-1.el7?arch=src", }, }, }, { category: "product_version", name: "atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", product: { name: "atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", product_id: "atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-web-console@3.11.82-1.git.355.5e8b1d9.el7?arch=src", }, }, }, { category: "product_version", name: "openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", product: { name: "openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", product_id: "openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-enterprise-cluster-capacity@3.11.82-1.git.380.cf11c51.el7?arch=src", }, }, }, { category: "product_version", name: "openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", product: { name: "openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", product_id: "openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-enterprise-autoheal@3.11.82-1.git.219.0b5aff4.el7?arch=src", }, }, }, { category: "product_version", name: "atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", product: { name: "atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", product_id: "atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-service-idler@3.11.82-1.git.14.e353758.el7?arch=src", }, }, }, { category: "product_version", name: "atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", product: { name: "atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", product_id: "atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-cluster-autoscaler@3.11.82-1.git.0.efb6af0.el7?arch=src", }, }, }, { category: "product_version", name: "atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", product: { name: "atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", product_id: "atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-metrics-server@3.11.82-1.git.52.2fdca3f.el7?arch=src", }, }, }, { category: "product_version", name: "openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", product: { name: "openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", product_id: "openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-ansible@3.11.82-3.git.0.9718d0a.el7?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", product: { name: "atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", product_id: "atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-node-problem-detector@3.11.82-1.git.254.a448936.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product: { name: "atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product_id: "atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-master@3.11.82-1.git.0.08bc31b.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product: { name: "atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product_id: "atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-pod@3.11.82-1.git.0.08bc31b.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product: { name: "atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product_id: "atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-hyperkube@3.11.82-1.git.0.08bc31b.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product: { name: "atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product_id: "atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift@3.11.82-1.git.0.08bc31b.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product: { name: "atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product_id: "atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-tests@3.11.82-1.git.0.08bc31b.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product: { name: "atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product_id: "atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-clients@3.11.82-1.git.0.08bc31b.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product: { name: "atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product_id: "atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-template-service-broker@3.11.82-1.git.0.08bc31b.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product: { name: "atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product_id: "atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-node@3.11.82-1.git.0.08bc31b.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product: { name: "atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product_id: "atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-sdn-ovs@3.11.82-1.git.0.08bc31b.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product: { name: "atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product_id: "atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-hypershift@3.11.82-1.git.0.08bc31b.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", product: { name: "golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", product_id: "golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/golang-github-openshift-oauth-proxy@3.11.82-1.git.425.7cac034.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", product: { name: "atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", product_id: "atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-enterprise-service-catalog-svcat@3.11.82-1.git.1673.133961e.el7?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", product: { name: "atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", product_id: "atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-enterprise-service-catalog@3.11.82-1.git.1673.133961e.el7?arch=ppc64le&epoch=1", }, }, }, { category: "product_version", name: "prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", product: { name: "prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", product_id: "prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/prometheus-node-exporter@3.11.82-1.git.1063.48444e8.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", product: { name: "atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", product_id: "atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-dockerregistry@3.11.82-1.git.452.0ce6383.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", product: { name: "atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", product_id: "atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-descheduler@3.11.82-1.git.300.89765c9.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", product: { name: "haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", product_id: "haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/haproxy-debuginfo@1.8.17-3.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "haproxy18-0:1.8.17-3.el7.ppc64le", product: { name: "haproxy18-0:1.8.17-3.el7.ppc64le", product_id: "haproxy18-0:1.8.17-3.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/haproxy18@1.8.17-3.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", product: { name: "prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", product_id: "prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/prometheus@3.11.82-1.git.5027.9d24833.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", product: { name: "prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", product_id: "prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/prometheus-alertmanager@3.11.82-1.git.0.3bf41ce.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", product: { name: "atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", product_id: "atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-web-console@3.11.82-1.git.355.5e8b1d9.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", product: { name: "openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", product_id: "openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-enterprise-cluster-capacity@3.11.82-1.git.380.cf11c51.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", product: { name: "openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", product_id: "openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-enterprise-autoheal@3.11.82-1.git.219.0b5aff4.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", product: { name: "atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", product_id: "atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-service-idler@3.11.82-1.git.14.e353758.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", product: { name: "atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", product_id: "atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-cluster-autoscaler@3.11.82-1.git.0.efb6af0.el7?arch=ppc64le", }, }, }, { category: "product_version", name: "atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", product: { name: "atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", product_id: "atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-metrics-server@3.11.82-1.git.52.2fdca3f.el7?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", product: { name: "atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", product_id: "atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-excluder@3.11.82-1.git.0.08bc31b.el7?arch=noarch", }, }, }, { category: "product_version", name: "atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", product: { name: "atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", product_id: "atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/atomic-openshift-docker-excluder@3.11.82-1.git.0.08bc31b.el7?arch=noarch", }, }, }, { category: "product_version", name: "jenkins-0:2.150.2.1549032159-1.el7.noarch", product: { name: "jenkins-0:2.150.2.1549032159-1.el7.noarch", product_id: "jenkins-0:2.150.2.1549032159-1.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jenkins@2.150.2.1549032159-1.el7?arch=noarch", }, }, }, { category: "product_version", name: "jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", product: { name: "jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", product_id: "jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/jenkins-2-plugins@3.11.1549642489-1.el7?arch=noarch", }, }, }, { category: "product_version", name: "openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", product: { name: "openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", product_id: "openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-ansible-test@3.11.82-3.git.0.9718d0a.el7?arch=noarch", }, }, }, { category: "product_version", name: "openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", product: { name: "openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", product_id: "openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-ansible@3.11.82-3.git.0.9718d0a.el7?arch=noarch", }, }, }, { category: "product_version", name: "openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", product: { name: "openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", product_id: "openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-ansible-docs@3.11.82-3.git.0.9718d0a.el7?arch=noarch", }, }, }, { category: "product_version", name: "openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", product: { name: "openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", product_id: "openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-ansible-roles@3.11.82-3.git.0.9718d0a.el7?arch=noarch", }, }, }, { category: "product_version", name: "openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", product: { name: "openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", product_id: "openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/openshift-ansible-playbooks@3.11.82-3.git.0.9718d0a.el7?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", }, product_reference: "atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", }, product_reference: "atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", }, product_reference: "atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", }, product_reference: "atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", }, product_reference: "atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", }, product_reference: "atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", }, product_reference: "atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", }, product_reference: "atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", }, product_reference: "atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", }, product_reference: "atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", }, product_reference: "atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", }, product_reference: "atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", }, product_reference: "atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", }, product_reference: "atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", }, product_reference: "atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", }, product_reference: "atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", }, product_reference: "atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", }, product_reference: "atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", }, product_reference: "atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", }, product_reference: "atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", }, product_reference: "atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", }, product_reference: "atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", }, product_reference: "atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", }, product_reference: "atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", }, product_reference: "atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", }, product_reference: "atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", }, product_reference: "atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", }, product_reference: "atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", }, product_reference: "atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", }, product_reference: "atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", }, product_reference: "atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", }, product_reference: "atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", }, product_reference: "atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", }, product_reference: "atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", }, product_reference: "atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", }, product_reference: "atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", }, product_reference: "atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", }, product_reference: "atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", }, product_reference: "atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", }, product_reference: "atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", }, product_reference: "atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", }, product_reference: "atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", }, product_reference: "atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", }, product_reference: "atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", }, product_reference: "atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", }, product_reference: "atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", }, product_reference: "atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", }, product_reference: "atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", }, product_reference: "atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", }, product_reference: "atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", }, product_reference: "golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", }, product_reference: "golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", }, product_reference: "golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", }, product_reference: "golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", }, product_reference: "golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", }, product_reference: "golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "haproxy-0:1.8.17-3.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", }, product_reference: "haproxy-0:1.8.17-3.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "haproxy-debuginfo-0:1.8.17-3.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", }, product_reference: "haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "haproxy-debuginfo-0:1.8.17-3.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", }, product_reference: "haproxy-debuginfo-0:1.8.17-3.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "haproxy18-0:1.8.17-3.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", }, product_reference: "haproxy18-0:1.8.17-3.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "haproxy18-0:1.8.17-3.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", }, product_reference: "haproxy18-0:1.8.17-3.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "jenkins-0:2.150.2.1549032159-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", }, product_reference: "jenkins-0:2.150.2.1549032159-1.el7.noarch", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "jenkins-0:2.150.2.1549032159-1.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", }, product_reference: "jenkins-0:2.150.2.1549032159-1.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", }, product_reference: "jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "jenkins-2-plugins-0:3.11.1549642489-1.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", }, product_reference: "jenkins-2-plugins-0:3.11.1549642489-1.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", }, product_reference: "openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", }, product_reference: "openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", }, product_reference: "openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", }, product_reference: "openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", }, product_reference: "openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", }, product_reference: "openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", }, product_reference: "openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", }, product_reference: "openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", }, product_reference: "openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", }, product_reference: "openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", }, product_reference: "openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", }, product_reference: "openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", }, product_reference: "prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", }, product_reference: "prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", }, product_reference: "prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", }, product_reference: "prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", }, product_reference: "prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, { category: "default_component_of", full_product_name: { name: "prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", product_id: "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", }, product_reference: "prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.11", }, ], }, vulnerabilities: [ { cve: "CVE-2018-20102", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2018-12-13T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1658874", }, ], notes: [ { category: "description", text: "An out-of-bounds read in dns_validate_dns_response in dns.c was discovered in HAProxy through 1.8.14. Due to a missing check when validating DNS responses, remote attackers might be able read the 16 bytes corresponding to an AAAA record from the non-initialized part of the buffer, possibly accessing anything that was left on the stack, or even past the end of the 8193-byte buffer, depending on the value of accepted_payload_size.", title: "Vulnerability description", }, { category: "summary", text: "haproxy: Out-of-bounds read in dns.c:dns_validate_dns_response() allows for memory disclosure", title: "Vulnerability summary", }, { category: "other", text: "This issue did not affect the versions of haproxy as shipped with Red Hat Enterprise Linux 6 and 7.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-20102", }, { category: "external", summary: "RHBZ#1658874", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1658874", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-20102", url: "https://www.cve.org/CVERecord?id=CVE-2018-20102", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-20102", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-20102", }, { category: "external", summary: "https://www.mail-archive.com/haproxy@formilux.org/msg32055.html", url: "https://www.mail-archive.com/haproxy@formilux.org/msg32055.html", }, ], release_date: "2018-12-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-02-20T14:11:43+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2019:0326", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "haproxy: Out-of-bounds read in dns.c:dns_validate_dns_response() allows for memory disclosure", }, { cve: "CVE-2018-20103", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2018-12-13T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1658876", }, ], notes: [ { category: "description", text: "An issue was discovered in dns.c in HAProxy through 1.8.14. In the case of a compressed pointer, a crafted packet can trigger infinite recursion by making the pointer point to itself, or create a long chain of valid pointers resulting in stack exhaustion.", title: "Vulnerability description", }, { category: "summary", text: "haproxy: Infinite recursion via crafted packet allows stack exhaustion and denial of service", title: "Vulnerability summary", }, { category: "other", text: "This issue did not affect the versions of haproxy as shipped with Red Hat Enterprise Linux 6 and 7.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-20103", }, { category: "external", summary: "RHBZ#1658876", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1658876", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-20103", url: "https://www.cve.org/CVERecord?id=CVE-2018-20103", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-20103", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-20103", }, { category: "external", summary: "https://www.mail-archive.com/haproxy@formilux.org/msg32055.html", url: "https://www.mail-archive.com/haproxy@formilux.org/msg32055.html", }, ], release_date: "2018-12-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-02-20T14:11:43+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2019:0326", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "haproxy: Infinite recursion via crafted packet allows stack exhaustion and denial of service", }, { cve: "CVE-2018-20615", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2019-01-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1663060", }, ], notes: [ { category: "description", text: "A flaw was found in HAProxy, versions before 1.8.17 and 1.9.1. Mishandling occurs when a priority flag is set on too short HEADERS frame in the HTTP/2 decoder, allowing an out-of-bounds read and a subsequent crash to occur. A remote attacker can exploit this flaw to cause a denial of service. Those who do not use HTTP/2 are unaffected.", title: "Vulnerability description", }, { category: "summary", text: "haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash", title: "Vulnerability summary", }, { category: "other", text: "HTTP/2 support was added to haproxy in version 1.8, therefore OpenShift Container Platform (OCP) 3.7 and earlier are unaffected by this flaw, see [1]. OCP 3.11 added a configuration option to ose-haproxy-router that made enabling HTTP/2 support easy, [2]. Prior to that, in versions OCP 3.9 and 3.10, an administrator had to customize the haproxy router configuration to add HTTP/2 support, [3]. OCP 3.9, and 3.10 are rated as moderate because HTTP/2 support was not a standard configuration option, and therefore unlikely to be enabled.\n\nVersions of haproxy included in Red Hat Enterprise Linux 6 and 7, excluding rh-haproxy18-haproxy in Red Hat Software Collections, are unaffected as they package versions of haproxy before 1.7.\n\n[1] http://www.haproxy.org/news.html\n\n[2] https://github.com/openshift/origin/pull/19968\n\n[3] https://docs.openshift.com/container-platform/3.10/install_config/router/customized_haproxy_router.html", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-20615", }, { category: "external", summary: "RHBZ#1663060", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1663060", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-20615", url: "https://www.cve.org/CVERecord?id=CVE-2018-20615", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-20615", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-20615", }, ], release_date: "2019-01-08T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-02-20T14:11:43+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2019:0326", }, { category: "workaround", details: "HTTP/2 support is disabled by default on OpenShift Container Platform 3.11. To mitigate this vulnerability keep it disabled. You can verify if HTTP/2 support is enabled by following the instructions in the upstream pull request, [1].\n\n[1] https://github.com/openshift/origin/pull/19968", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash", }, { cve: "CVE-2018-1000865", cwe: { id: "CWE-94", name: "Improper Control of Generation of Code ('Code Injection')", }, discovery_date: "2018-11-06T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1647059", }, ], notes: [ { category: "description", text: "A sandbox bypass vulnerability exists in Script Security Plugin 1.47 and earlier in groovy-sandbox/src/main/java/org/kohsuke/groovy/sandbox/SandboxTransformer.java that allows attackers with Job/Configure permission to execute arbitrary code on the Jenkins master JVM, if plugins using the Groovy sandbox are installed.", title: "Vulnerability description", }, { category: "summary", text: "jenkins-plugin-script-security: Sandbox Bypass in finalize methods", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-1000865", }, { category: "external", summary: "RHBZ#1647059", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1647059", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-1000865", url: "https://www.cve.org/CVERecord?id=CVE-2018-1000865", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-1000865", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-1000865", }, ], release_date: "2018-10-29T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-02-20T14:11:43+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2019:0326", }, { category: "workaround", details: "Do not run untrusted jenkins pipeline scripts.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "jenkins-plugin-script-security: Sandbox Bypass in finalize methods", }, { cve: "CVE-2018-1000866", cwe: { id: "CWE-94", name: "Improper Control of Generation of Code ('Code Injection')", }, discovery_date: "2018-11-06T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1647059", }, ], notes: [ { category: "description", text: "A sandbox bypass vulnerability exists in Pipeline: Groovy Plugin 2.59 and earlier in groovy-sandbox/src/main/java/org/kohsuke/groovy/sandbox/SandboxTransformer.java, groovy-cps/lib/src/main/java/com/cloudbees/groovy/cps/SandboxCpsTransformer.java that allows attackers with Job/Configure permission, or unauthorized attackers with SCM commit privileges and corresponding pipelines based on Jenkinsfiles set up in Jenkins, to execute arbitrary code on the Jenkins master JVM", title: "Vulnerability description", }, { category: "summary", text: "jenkins-plugin-script-security: Sandbox Bypass in finalize methods", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-1000866", }, { category: "external", summary: "RHBZ#1647059", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1647059", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-1000866", url: "https://www.cve.org/CVERecord?id=CVE-2018-1000866", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-1000866", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-1000866", }, ], release_date: "2018-10-29T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-02-20T14:11:43+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2019:0326", }, { category: "workaround", details: "Do not run untrusted jenkins pipeline scripts.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "jenkins-plugin-script-security: Sandbox Bypass in finalize methods", }, { cve: "CVE-2019-3826", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-02-06T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1672865", }, ], notes: [ { category: "description", text: "A stored, DOM based, cross-site scripting (XSS) flaw was found in Prometheus. An attacker could exploit this by convincing an authenticated user to visit a crafted URL on a Prometheus server, allowing for the execution and persistent storage of arbitrary scripts.", title: "Vulnerability description", }, { category: "summary", text: "prometheus: Stored DOM cross-site scripting (XSS) attack via crafted URL", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-3826", }, { category: "external", summary: "RHBZ#1672865", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1672865", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-3826", url: "https://www.cve.org/CVERecord?id=CVE-2019-3826", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-3826", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-3826", }, ], release_date: "2019-01-31T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-02-20T14:11:43+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2019:0326", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "prometheus: Stored DOM cross-site scripting (XSS) attack via crafted URL", }, { cve: "CVE-2019-1003000", cwe: { id: "CWE-96", name: "Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')", }, discovery_date: "2019-01-08T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1667566", }, ], notes: [ { category: "description", text: "A flaw was found in Jenkins Pipeline. The Script Security sandbox protection could be circumvented during the script compilation phase by applying AST, transforming annotations such as @Grab to source code elements. Both the pipeline validation REST APIs and actual script/pipeline execution are affected. This allowed users with Overall/Read permission, or able to control Jenkinsfile or sandboxed Pipeline shared library contents in SCM, to bypass the sandbox protection and execute arbitrary code on the Jenkins master. All known unsafe AST transformations in Groovy are now prohibited in sandboxed scripts. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "Vulnerability description", }, { category: "summary", text: "jenkins-plugin-script-security: Sandbox Bypass in Script Security Plugin", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-1003000", }, { category: "external", summary: "RHBZ#1667566", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1667566", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-1003000", url: "https://www.cve.org/CVERecord?id=CVE-2019-1003000", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003000", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003000", }, { category: "external", summary: "https://jenkins.io/security/advisory/2019-01-08/", url: "https://jenkins.io/security/advisory/2019-01-08/", }, ], release_date: "2019-01-08T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-02-20T14:11:43+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2019:0326", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "jenkins-plugin-script-security: Sandbox Bypass in Script Security Plugin", }, { cve: "CVE-2019-1003001", cwe: { id: "CWE-96", name: "Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')", }, discovery_date: "2019-01-08T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1669505", }, ], notes: [ { category: "description", text: "A flaw was found in Jenkins Pipeline. In the Declarative plugin, the script sandbox protection could be circumvented during the script compilation phase by applying AST. Both the pipeline validation REST APIs and the actual script/pipeline execution are affected. This allows users with Overall/Read permissions, or those able to control Jenkinsfile or the sandboxed Pipeline shared library contents in SCM, to bypass sandbox protection and execute arbitrary code on the Jenkins master. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "Vulnerability description", }, { category: "summary", text: "jenkins-plugin-workflow-cps: Sandbox Bypass in Pipeline: Groovy Plugin", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-1003001", }, { category: "external", summary: "RHBZ#1669505", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1669505", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-1003001", url: "https://www.cve.org/CVERecord?id=CVE-2019-1003001", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003001", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003001", }, { category: "external", summary: "https://jenkins.io/security/advisory/2019-01-08/", url: "https://jenkins.io/security/advisory/2019-01-08/", }, ], release_date: "2019-01-08T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-02-20T14:11:43+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2019:0326", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "jenkins-plugin-workflow-cps: Sandbox Bypass in Pipeline: Groovy Plugin", }, { cve: "CVE-2019-1003002", cwe: { id: "CWE-96", name: "Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')", }, discovery_date: "2019-01-08T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1669508", }, ], notes: [ { category: "description", text: "A flaw was found in Jenkins Pipeline. Script Security sandbox protection could be circumvented during the script compilation phase by applying AST transforming annotations such as @Grab to source code elements. This allows users with Overall/Read permission, or able to control Jenkinsfile or sandboxed Pipeline shared library contents in SCM, to bypass the sandbox protection and execute arbitrary code on the Jenkins master. All known unsafe AST transformations in Groovy are now prohibited in sandboxed scripts. Both the pipeline validation REST APIs and actual script/pipeline execution are affected. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "Vulnerability description", }, { category: "summary", text: "jenkins-plugin-pipeline-model-definition: Sandbox Bypass in Pipeline: Declarative", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-1003002", }, { category: "external", summary: "RHBZ#1669508", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1669508", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-1003002", url: "https://www.cve.org/CVERecord?id=CVE-2019-1003002", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003002", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003002", }, { category: "external", summary: "https://jenkins.io/security/advisory/2019-01-08/", url: "https://jenkins.io/security/advisory/2019-01-08/", }, ], release_date: "2019-01-08T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-02-20T14:11:43+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2019:0326", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "jenkins-plugin-pipeline-model-definition: Sandbox Bypass in Pipeline: Declarative", }, { cve: "CVE-2019-1003003", cwe: { id: "CWE-613", name: "Insufficient Session Expiration", }, discovery_date: "2019-01-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1668345", }, ], notes: [ { category: "description", text: "An improper authorization vulnerability exists in Jenkins 2.158 and earlier, LTS 2.150.1 and earlier in core/src/main/java/hudson/security/TokenBasedRememberMeServices2.java that allows attackers with Overall/RunScripts permission to craft Remember Me cookies that would never expire, allowing e.g. to persist access to temporarily compromised user accounts.", title: "Vulnerability description", }, { category: "summary", text: "jenkins: cookie crafted using Jenkins script console allows unauthorised access to Jenkins instance", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-1003003", }, { category: "external", summary: "RHBZ#1668345", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1668345", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-1003003", url: "https://www.cve.org/CVERecord?id=CVE-2019-1003003", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003003", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003003", }, { category: "external", summary: "https://jenkins.io/security/advisory/2019-01-16/", url: "https://jenkins.io/security/advisory/2019-01-16/", }, ], release_date: "2019-01-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-02-20T14:11:43+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2019:0326", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jenkins: cookie crafted using Jenkins script console allows unauthorised access to Jenkins instance", }, { cve: "CVE-2019-1003004", cwe: { id: "CWE-613", name: "Insufficient Session Expiration", }, discovery_date: "2019-01-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1668736", }, ], notes: [ { category: "description", text: "An improper authorization vulnerability exists in Jenkins 2.158 and earlier, LTS 2.150.1 and earlier in core/src/main/java/hudson/security/AuthenticationProcessingFilter2.java that allows attackers to extend the duration of active HTTP sessions indefinitely even though the user account may have been deleted in the mean time.", title: "Vulnerability description", }, { category: "summary", text: "jenkins: deleting a user record will does not invalidate existing sessions", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-1003004", }, { category: "external", summary: "RHBZ#1668736", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1668736", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-1003004", url: "https://www.cve.org/CVERecord?id=CVE-2019-1003004", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003004", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003004", }, { category: "external", summary: "https://jenkins.io/security/advisory/2019-01-16/", url: "https://jenkins.io/security/advisory/2019-01-16/", }, ], release_date: "2019-01-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-02-20T14:11:43+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2019:0326", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.2, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:L", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jenkins: deleting a user record will does not invalidate existing sessions", }, { cve: "CVE-2019-1003010", cwe: { id: "CWE-96", name: "Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')", }, discovery_date: "2019-01-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1670292", }, ], notes: [ { category: "description", text: "A cross-site request forgery vulnerability exists in Jenkins Git Plugin 3.9.1 and earlier in src/main/java/hudson/plugins/git/GitTagAction.java that allows attackers to create a Git tag in a workspace and attach corresponding metadata to a build record.", title: "Vulnerability description", }, { category: "summary", text: "jenkins-plugin-git: CSRF vulnerability in Git Plugin (SECURITY-1095)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-1003010", }, { category: "external", summary: "RHBZ#1670292", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1670292", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-1003010", url: "https://www.cve.org/CVERecord?id=CVE-2019-1003010", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003010", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003010", }, { category: "external", summary: "https://jenkins.io/security/advisory/2019-01-28/#SECURITY-1095", url: "https://jenkins.io/security/advisory/2019-01-28/#SECURITY-1095", }, ], release_date: "2019-01-28T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-02-20T14:11:43+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2019:0326", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.6, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "jenkins-plugin-git: CSRF vulnerability in Git Plugin (SECURITY-1095)", }, { cve: "CVE-2019-1003011", cwe: { id: "CWE-96", name: "Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')", }, discovery_date: "2019-01-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1670296", }, ], notes: [ { category: "description", text: "An information exposure and denial of service vulnerability exists in Jenkins Token Macro Plugin 2.5 and earlier in src/main/java/org/jenkinsci/plugins/tokenmacro/Parser.java, src/main/java/org/jenkinsci/plugins/tokenmacro/TokenMacro.java, src/main/java/org/jenkinsci/plugins/tokenmacro/impl/AbstractChangesSinceMacro.java, src/main/java/org/jenkinsci/plugins/tokenmacro/impl/ChangesSinceLastBuildMacro.java, src/main/java/org/jenkinsci/plugins/tokenmacro/impl/ProjectUrlMacro.java that allows attackers with the ability to control token macro input (such as SCM changelogs) to define recursive input that results in unexpected macro evaluation.", title: "Vulnerability description", }, { category: "summary", text: "jenkins-plugin-token-macro: Recursive token expansion results in information disclosure and DoS in Token Macro Plugin (SECURITY-1102)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-1003011", }, { category: "external", summary: "RHBZ#1670296", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1670296", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-1003011", url: "https://www.cve.org/CVERecord?id=CVE-2019-1003011", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003011", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003011", }, { category: "external", summary: "https://jenkins.io/security/advisory/2019-01-28/#SECURITY-1102", url: "https://jenkins.io/security/advisory/2019-01-28/#SECURITY-1102", }, ], release_date: "2019-01-28T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-02-20T14:11:43+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2019:0326", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jenkins-plugin-token-macro: Recursive token expansion results in information disclosure and DoS in Token Macro Plugin (SECURITY-1102)", }, { cve: "CVE-2019-1003012", cwe: { id: "CWE-352", name: "Cross-Site Request Forgery (CSRF)", }, discovery_date: "2019-01-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1670298", }, ], notes: [ { category: "description", text: "A data modification vulnerability exists in Jenkins Blue Ocean Plugins 1.10.1 and earlier in blueocean-core-js/src/js/bundleStartup.js, blueocean-core-js/src/js/fetch.ts, blueocean-core-js/src/js/i18n/i18n.js, blueocean-core-js/src/js/urlconfig.js, blueocean-rest/src/main/java/io/jenkins/blueocean/rest/APICrumbExclusion.java, blueocean-web/src/main/java/io/jenkins/blueocean/BlueOceanUI.java, blueocean-web/src/main/resources/io/jenkins/blueocean/BlueOceanUI/index.jelly that allows attackers to bypass all cross-site request forgery protection in Blue Ocean API.", title: "Vulnerability description", }, { category: "summary", text: "jenkins-plugin-blueocean: Blue Ocean did not require CSRF tokens (SECURITY-1201)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-1003012", }, { category: "external", summary: "RHBZ#1670298", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1670298", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-1003012", url: "https://www.cve.org/CVERecord?id=CVE-2019-1003012", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003012", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003012", }, { category: "external", summary: "https://jenkins.io/security/advisory/2019-01-28/#SECURITY-1201", url: "https://jenkins.io/security/advisory/2019-01-28/#SECURITY-1201", }, ], release_date: "2019-01-28T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-02-20T14:11:43+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2019:0326", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jenkins-plugin-blueocean: Blue Ocean did not require CSRF tokens (SECURITY-1201)", }, { cve: "CVE-2019-1003013", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-01-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1670299", }, ], notes: [ { category: "description", text: "An cross-site scripting vulnerability exists in Jenkins Blue Ocean Plugins 1.10.1 and earlier in blueocean-commons/src/main/java/io/jenkins/blueocean/commons/stapler/Export.java, blueocean-commons/src/main/java/io/jenkins/blueocean/commons/stapler/export/ExportConfig.java, blueocean-commons/src/main/java/io/jenkins/blueocean/commons/stapler/export/JSONDataWriter.java, blueocean-rest-impl/src/main/java/io/jenkins/blueocean/service/embedded/UserStatePreloader.java, blueocean-web/src/main/resources/io/jenkins/blueocean/PageStatePreloadDecorator/header.jelly that allows attackers with permission to edit a user's description in Jenkins to have Blue Ocean render arbitrary HTML when using it as that user.", title: "Vulnerability description", }, { category: "summary", text: "jenkins-plugin-blueocean: XSS vulnerability via user description in Blue Ocean (SECURITY-1204)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-1003013", }, { category: "external", summary: "RHBZ#1670299", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1670299", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-1003013", url: "https://www.cve.org/CVERecord?id=CVE-2019-1003013", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003013", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003013", }, { category: "external", summary: "https://jenkins.io/security/advisory/2019-01-28/#SECURITY-1204", url: "https://jenkins.io/security/advisory/2019-01-28/#SECURITY-1204", }, ], release_date: "2019-01-28T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-02-20T14:11:43+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2019:0326", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jenkins-plugin-blueocean: XSS vulnerability via user description in Blue Ocean (SECURITY-1204)", }, { cve: "CVE-2019-1003014", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, discovery_date: "2019-01-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1671324", }, ], notes: [ { category: "description", text: "An cross-site scripting vulnerability exists in Jenkins Config File Provider Plugin 3.4.1 and earlier in src/main/resources/lib/configfiles/configfiles.jelly that allows attackers with permission to define shared configuration files to execute arbitrary JavaScript when a user attempts to delete the shared configuration file.", title: "Vulnerability description", }, { category: "summary", text: "jenkins-plugin-config-file-provider: Stored XSS vulnerability in Config File Provider Plugin (SECURITY-1253)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-1003014", }, { category: "external", summary: "RHBZ#1671324", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1671324", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-1003014", url: "https://www.cve.org/CVERecord?id=CVE-2019-1003014", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003014", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-1003014", }, { category: "external", summary: "https://jenkins.io/security/advisory/2019-01-28/#SECURITY-1253", url: "https://jenkins.io/security/advisory/2019-01-28/#SECURITY-1253", }, ], release_date: "2019-01-28T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-02-20T14:11:43+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2019:0326", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "jenkins-plugin-config-file-provider: Stored XSS vulnerability in Config File Provider Plugin (SECURITY-1253)", }, ], }
rhsa-2019:0547
Vulnerability from csaf_redhat
Published
2019-03-14 07:58
Modified
2024-11-15 00:40
Summary
Red Hat Security Advisory: OpenShift Container Platform 3.9 haproxy security update
Notes
Topic
An update for haproxy is now available for Red Hat OpenShift Container Platform 3.9.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications.
Security fix(es):
* haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash (CVE-2018-20615)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for haproxy is now available for Red Hat OpenShift Container Platform 3.9.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications.\n\nSecurity fix(es):\n\n* haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash (CVE-2018-20615)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2019:0547", url: "https://access.redhat.com/errata/RHSA-2019:0547", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "1663060", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1663060", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_0547.json", }, ], title: "Red Hat Security Advisory: OpenShift Container Platform 3.9 haproxy security update", tracking: { current_release_date: "2024-11-15T00:40:08+00:00", generator: { date: "2024-11-15T00:40:08+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2019:0547", initial_release_date: "2019-03-14T07:58:31+00:00", revision_history: [ { date: "2019-03-14T07:58:31+00:00", number: "1", summary: "Initial version", }, { date: "2019-03-14T07:58:31+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-15T00:40:08+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat OpenShift Container Platform 3.9", product: { name: "Red Hat OpenShift Container Platform 3.9", product_id: "7Server-RH7-RHOSE-3.9", product_identification_helper: { cpe: "cpe:/a:redhat:openshift:3.9::el7", }, }, }, ], category: "product_family", name: "Red Hat OpenShift Enterprise", }, { branches: [ { category: "product_version", name: "haproxy-debuginfo-0:1.8.17-3.el7.x86_64", product: { name: "haproxy-debuginfo-0:1.8.17-3.el7.x86_64", product_id: "haproxy-debuginfo-0:1.8.17-3.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/haproxy-debuginfo@1.8.17-3.el7?arch=x86_64", }, }, }, { category: "product_version", name: "haproxy18-0:1.8.17-3.el7.x86_64", product: { name: "haproxy18-0:1.8.17-3.el7.x86_64", product_id: "haproxy18-0:1.8.17-3.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/haproxy18@1.8.17-3.el7?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "haproxy-0:1.8.17-3.el7.src", product: { name: "haproxy-0:1.8.17-3.el7.src", product_id: "haproxy-0:1.8.17-3.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/haproxy@1.8.17-3.el7?arch=src", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "haproxy-0:1.8.17-3.el7.src as a component of Red Hat OpenShift Container Platform 3.9", product_id: "7Server-RH7-RHOSE-3.9:haproxy-0:1.8.17-3.el7.src", }, product_reference: "haproxy-0:1.8.17-3.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.9", }, { category: "default_component_of", full_product_name: { name: "haproxy-debuginfo-0:1.8.17-3.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.9", product_id: "7Server-RH7-RHOSE-3.9:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", }, product_reference: "haproxy-debuginfo-0:1.8.17-3.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.9", }, { category: "default_component_of", full_product_name: { name: "haproxy18-0:1.8.17-3.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.9", product_id: "7Server-RH7-RHOSE-3.9:haproxy18-0:1.8.17-3.el7.x86_64", }, product_reference: "haproxy18-0:1.8.17-3.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.9", }, ], }, vulnerabilities: [ { cve: "CVE-2018-20102", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2018-12-13T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1658874", }, ], notes: [ { category: "description", text: "An out-of-bounds read in dns_validate_dns_response in dns.c was discovered in HAProxy through 1.8.14. Due to a missing check when validating DNS responses, remote attackers might be able read the 16 bytes corresponding to an AAAA record from the non-initialized part of the buffer, possibly accessing anything that was left on the stack, or even past the end of the 8193-byte buffer, depending on the value of accepted_payload_size.", title: "Vulnerability description", }, { category: "summary", text: "haproxy: Out-of-bounds read in dns.c:dns_validate_dns_response() allows for memory disclosure", title: "Vulnerability summary", }, { category: "other", text: "This issue did not affect the versions of haproxy as shipped with Red Hat Enterprise Linux 6 and 7.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.9:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.9:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.9:haproxy18-0:1.8.17-3.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-20102", }, { category: "external", summary: "RHBZ#1658874", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1658874", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-20102", url: "https://www.cve.org/CVERecord?id=CVE-2018-20102", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-20102", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-20102", }, { category: "external", summary: "https://www.mail-archive.com/haproxy@formilux.org/msg32055.html", url: "https://www.mail-archive.com/haproxy@formilux.org/msg32055.html", }, ], release_date: "2018-12-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-03-14T07:58:31+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation for important instructions on how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/3.9/release_notes/ocp_3_9_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.9:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.9:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.9:haproxy18-0:1.8.17-3.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:0547", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.9:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.9:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.9:haproxy18-0:1.8.17-3.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "haproxy: Out-of-bounds read in dns.c:dns_validate_dns_response() allows for memory disclosure", }, { cve: "CVE-2018-20615", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2019-01-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1663060", }, ], notes: [ { category: "description", text: "A flaw was found in HAProxy, versions before 1.8.17 and 1.9.1. Mishandling occurs when a priority flag is set on too short HEADERS frame in the HTTP/2 decoder, allowing an out-of-bounds read and a subsequent crash to occur. A remote attacker can exploit this flaw to cause a denial of service. Those who do not use HTTP/2 are unaffected.", title: "Vulnerability description", }, { category: "summary", text: "haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash", title: "Vulnerability summary", }, { category: "other", text: "HTTP/2 support was added to haproxy in version 1.8, therefore OpenShift Container Platform (OCP) 3.7 and earlier are unaffected by this flaw, see [1]. OCP 3.11 added a configuration option to ose-haproxy-router that made enabling HTTP/2 support easy, [2]. Prior to that, in versions OCP 3.9 and 3.10, an administrator had to customize the haproxy router configuration to add HTTP/2 support, [3]. OCP 3.9, and 3.10 are rated as moderate because HTTP/2 support was not a standard configuration option, and therefore unlikely to be enabled.\n\nVersions of haproxy included in Red Hat Enterprise Linux 6 and 7, excluding rh-haproxy18-haproxy in Red Hat Software Collections, are unaffected as they package versions of haproxy before 1.7.\n\n[1] http://www.haproxy.org/news.html\n\n[2] https://github.com/openshift/origin/pull/19968\n\n[3] https://docs.openshift.com/container-platform/3.10/install_config/router/customized_haproxy_router.html", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.9:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.9:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.9:haproxy18-0:1.8.17-3.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-20615", }, { category: "external", summary: "RHBZ#1663060", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1663060", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-20615", url: "https://www.cve.org/CVERecord?id=CVE-2018-20615", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-20615", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-20615", }, ], release_date: "2019-01-08T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-03-14T07:58:31+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation for important instructions on how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/3.9/release_notes/ocp_3_9_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.9:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.9:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.9:haproxy18-0:1.8.17-3.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:0547", }, { category: "workaround", details: "HTTP/2 support is disabled by default on OpenShift Container Platform 3.11. To mitigate this vulnerability keep it disabled. You can verify if HTTP/2 support is enabled by following the instructions in the upstream pull request, [1].\n\n[1] https://github.com/openshift/origin/pull/19968", product_ids: [ "7Server-RH7-RHOSE-3.9:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.9:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.9:haproxy18-0:1.8.17-3.el7.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.9:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.9:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.9:haproxy18-0:1.8.17-3.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash", }, ], }
RHSA-2019:0547
Vulnerability from csaf_redhat
Published
2019-03-14 07:58
Modified
2024-11-15 00:40
Summary
Red Hat Security Advisory: OpenShift Container Platform 3.9 haproxy security update
Notes
Topic
An update for haproxy is now available for Red Hat OpenShift Container Platform 3.9.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications.
Security fix(es):
* haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash (CVE-2018-20615)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for haproxy is now available for Red Hat OpenShift Container Platform 3.9.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications.\n\nSecurity fix(es):\n\n* haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash (CVE-2018-20615)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2019:0547", url: "https://access.redhat.com/errata/RHSA-2019:0547", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "1663060", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1663060", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_0547.json", }, ], title: "Red Hat Security Advisory: OpenShift Container Platform 3.9 haproxy security update", tracking: { current_release_date: "2024-11-15T00:40:08+00:00", generator: { date: "2024-11-15T00:40:08+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2019:0547", initial_release_date: "2019-03-14T07:58:31+00:00", revision_history: [ { date: "2019-03-14T07:58:31+00:00", number: "1", summary: "Initial version", }, { date: "2019-03-14T07:58:31+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-15T00:40:08+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat OpenShift Container Platform 3.9", product: { name: "Red Hat OpenShift Container Platform 3.9", product_id: "7Server-RH7-RHOSE-3.9", product_identification_helper: { cpe: "cpe:/a:redhat:openshift:3.9::el7", }, }, }, ], category: "product_family", name: "Red Hat OpenShift Enterprise", }, { branches: [ { category: "product_version", name: "haproxy-debuginfo-0:1.8.17-3.el7.x86_64", product: { name: "haproxy-debuginfo-0:1.8.17-3.el7.x86_64", product_id: "haproxy-debuginfo-0:1.8.17-3.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/haproxy-debuginfo@1.8.17-3.el7?arch=x86_64", }, }, }, { category: "product_version", name: "haproxy18-0:1.8.17-3.el7.x86_64", product: { name: "haproxy18-0:1.8.17-3.el7.x86_64", product_id: "haproxy18-0:1.8.17-3.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/haproxy18@1.8.17-3.el7?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "haproxy-0:1.8.17-3.el7.src", product: { name: "haproxy-0:1.8.17-3.el7.src", product_id: "haproxy-0:1.8.17-3.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/haproxy@1.8.17-3.el7?arch=src", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "haproxy-0:1.8.17-3.el7.src as a component of Red Hat OpenShift Container Platform 3.9", product_id: "7Server-RH7-RHOSE-3.9:haproxy-0:1.8.17-3.el7.src", }, product_reference: "haproxy-0:1.8.17-3.el7.src", relates_to_product_reference: "7Server-RH7-RHOSE-3.9", }, { category: "default_component_of", full_product_name: { name: "haproxy-debuginfo-0:1.8.17-3.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.9", product_id: "7Server-RH7-RHOSE-3.9:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", }, product_reference: "haproxy-debuginfo-0:1.8.17-3.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.9", }, { category: "default_component_of", full_product_name: { name: "haproxy18-0:1.8.17-3.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.9", product_id: "7Server-RH7-RHOSE-3.9:haproxy18-0:1.8.17-3.el7.x86_64", }, product_reference: "haproxy18-0:1.8.17-3.el7.x86_64", relates_to_product_reference: "7Server-RH7-RHOSE-3.9", }, ], }, vulnerabilities: [ { cve: "CVE-2018-20102", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2018-12-13T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1658874", }, ], notes: [ { category: "description", text: "An out-of-bounds read in dns_validate_dns_response in dns.c was discovered in HAProxy through 1.8.14. Due to a missing check when validating DNS responses, remote attackers might be able read the 16 bytes corresponding to an AAAA record from the non-initialized part of the buffer, possibly accessing anything that was left on the stack, or even past the end of the 8193-byte buffer, depending on the value of accepted_payload_size.", title: "Vulnerability description", }, { category: "summary", text: "haproxy: Out-of-bounds read in dns.c:dns_validate_dns_response() allows for memory disclosure", title: "Vulnerability summary", }, { category: "other", text: "This issue did not affect the versions of haproxy as shipped with Red Hat Enterprise Linux 6 and 7.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.9:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.9:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.9:haproxy18-0:1.8.17-3.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-20102", }, { category: "external", summary: "RHBZ#1658874", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1658874", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-20102", url: "https://www.cve.org/CVERecord?id=CVE-2018-20102", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-20102", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-20102", }, { category: "external", summary: "https://www.mail-archive.com/haproxy@formilux.org/msg32055.html", url: "https://www.mail-archive.com/haproxy@formilux.org/msg32055.html", }, ], release_date: "2018-12-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-03-14T07:58:31+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation for important instructions on how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/3.9/release_notes/ocp_3_9_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.9:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.9:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.9:haproxy18-0:1.8.17-3.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:0547", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.9:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.9:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.9:haproxy18-0:1.8.17-3.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "haproxy: Out-of-bounds read in dns.c:dns_validate_dns_response() allows for memory disclosure", }, { cve: "CVE-2018-20615", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2019-01-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1663060", }, ], notes: [ { category: "description", text: "A flaw was found in HAProxy, versions before 1.8.17 and 1.9.1. Mishandling occurs when a priority flag is set on too short HEADERS frame in the HTTP/2 decoder, allowing an out-of-bounds read and a subsequent crash to occur. A remote attacker can exploit this flaw to cause a denial of service. Those who do not use HTTP/2 are unaffected.", title: "Vulnerability description", }, { category: "summary", text: "haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash", title: "Vulnerability summary", }, { category: "other", text: "HTTP/2 support was added to haproxy in version 1.8, therefore OpenShift Container Platform (OCP) 3.7 and earlier are unaffected by this flaw, see [1]. OCP 3.11 added a configuration option to ose-haproxy-router that made enabling HTTP/2 support easy, [2]. Prior to that, in versions OCP 3.9 and 3.10, an administrator had to customize the haproxy router configuration to add HTTP/2 support, [3]. OCP 3.9, and 3.10 are rated as moderate because HTTP/2 support was not a standard configuration option, and therefore unlikely to be enabled.\n\nVersions of haproxy included in Red Hat Enterprise Linux 6 and 7, excluding rh-haproxy18-haproxy in Red Hat Software Collections, are unaffected as they package versions of haproxy before 1.7.\n\n[1] http://www.haproxy.org/news.html\n\n[2] https://github.com/openshift/origin/pull/19968\n\n[3] https://docs.openshift.com/container-platform/3.10/install_config/router/customized_haproxy_router.html", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RH7-RHOSE-3.9:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.9:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.9:haproxy18-0:1.8.17-3.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-20615", }, { category: "external", summary: "RHBZ#1663060", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1663060", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-20615", url: "https://www.cve.org/CVERecord?id=CVE-2018-20615", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-20615", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-20615", }, ], release_date: "2019-01-08T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-03-14T07:58:31+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation for important instructions on how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/3.9/release_notes/ocp_3_9_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.", product_ids: [ "7Server-RH7-RHOSE-3.9:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.9:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.9:haproxy18-0:1.8.17-3.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:0547", }, { category: "workaround", details: "HTTP/2 support is disabled by default on OpenShift Container Platform 3.11. To mitigate this vulnerability keep it disabled. You can verify if HTTP/2 support is enabled by following the instructions in the upstream pull request, [1].\n\n[1] https://github.com/openshift/origin/pull/19968", product_ids: [ "7Server-RH7-RHOSE-3.9:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.9:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.9:haproxy18-0:1.8.17-3.el7.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "7Server-RH7-RHOSE-3.9:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.9:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.9:haproxy18-0:1.8.17-3.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash", }, ], }
RHSA-2019:0275
Vulnerability from csaf_redhat
Published
2019-02-05 08:26
Modified
2024-11-15 00:39
Summary
Red Hat Security Advisory: rh-haproxy18-haproxy security update
Notes
Topic
An update for rh-haproxy18-haproxy is now available for Red Hat Software Collections.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments.
Security Fix(es):
* haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash (CVE-2018-20615)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for rh-haproxy18-haproxy is now available for Red Hat Software Collections.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments.\n\nSecurity Fix(es):\n\n* haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash (CVE-2018-20615)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2019:0275", url: "https://access.redhat.com/errata/RHSA-2019:0275", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "1663060", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1663060", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_0275.json", }, ], title: "Red Hat Security Advisory: rh-haproxy18-haproxy security update", tracking: { current_release_date: "2024-11-15T00:39:36+00:00", generator: { date: "2024-11-15T00:39:36+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2019:0275", initial_release_date: "2019-02-05T08:26:05+00:00", revision_history: [ { date: "2019-02-05T08:26:05+00:00", number: "1", summary: "Initial version", }, { date: "2019-02-05T08:26:05+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-15T00:39:36+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product: { name: "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-RHSCL-3.2", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_software_collections:3::el7", }, }, }, { category: "product_name", name: "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product: { name: "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-RHSCL-3.2", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_software_collections:3::el7", }, }, }, { category: "product_name", name: "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)", product: { name: "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)", product_id: "7Server-RHSCL-3.2-7.4.Z", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_software_collections:3::el7", }, }, }, { category: "product_name", name: "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)", product: { name: "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)", product_id: "7Server-RHSCL-3.2-7.5.Z", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_software_collections:3::el7", }, }, }, { category: "product_name", name: "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", product: { name: "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-RHSCL-3.2-7.6.Z", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_software_collections:3::el7", }, }, }, ], category: "product_family", name: "Red Hat Software Collections", }, { branches: [ { category: "product_version", name: "rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", product: { name: "rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", product_id: "rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/rh-haproxy18-haproxy-debuginfo@1.8.4-4.el7?arch=x86_64", }, }, }, { category: "product_version", name: "rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", product: { name: "rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", product_id: "rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/rh-haproxy18-haproxy@1.8.4-4.el7?arch=x86_64", }, }, }, { category: "product_version", name: "rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", product: { name: "rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", product_id: "rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/rh-haproxy18-haproxy-syspaths@1.8.4-4.el7?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "rh-haproxy18-haproxy-0:1.8.4-4.el7.src", product: { name: "rh-haproxy18-haproxy-0:1.8.4-4.el7.src", product_id: "rh-haproxy18-haproxy-0:1.8.4-4.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/rh-haproxy18-haproxy@1.8.4-4.el7?arch=src", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "rh-haproxy18-haproxy-0:1.8.4-4.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)", product_id: "7Server-RHSCL-3.2-7.4.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", }, product_reference: "rh-haproxy18-haproxy-0:1.8.4-4.el7.src", relates_to_product_reference: "7Server-RHSCL-3.2-7.4.Z", }, { category: "default_component_of", full_product_name: { name: "rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)", product_id: "7Server-RHSCL-3.2-7.4.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", }, product_reference: "rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.2-7.4.Z", }, { category: "default_component_of", full_product_name: { name: "rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)", product_id: "7Server-RHSCL-3.2-7.4.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", }, product_reference: "rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.2-7.4.Z", }, { category: "default_component_of", full_product_name: { name: "rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)", product_id: "7Server-RHSCL-3.2-7.4.Z:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", }, product_reference: "rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.2-7.4.Z", }, { category: "default_component_of", full_product_name: { name: "rh-haproxy18-haproxy-0:1.8.4-4.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)", product_id: "7Server-RHSCL-3.2-7.5.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", }, product_reference: "rh-haproxy18-haproxy-0:1.8.4-4.el7.src", relates_to_product_reference: "7Server-RHSCL-3.2-7.5.Z", }, { category: "default_component_of", full_product_name: { name: "rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)", product_id: "7Server-RHSCL-3.2-7.5.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", }, product_reference: "rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.2-7.5.Z", }, { category: "default_component_of", full_product_name: { name: "rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)", product_id: "7Server-RHSCL-3.2-7.5.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", }, product_reference: "rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.2-7.5.Z", }, { category: "default_component_of", full_product_name: { name: "rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)", product_id: "7Server-RHSCL-3.2-7.5.Z:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", }, product_reference: "rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.2-7.5.Z", }, { category: "default_component_of", full_product_name: { name: "rh-haproxy18-haproxy-0:1.8.4-4.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-RHSCL-3.2-7.6.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", }, product_reference: "rh-haproxy18-haproxy-0:1.8.4-4.el7.src", relates_to_product_reference: "7Server-RHSCL-3.2-7.6.Z", }, { category: "default_component_of", full_product_name: { name: "rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-RHSCL-3.2-7.6.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", }, product_reference: "rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.2-7.6.Z", }, { category: "default_component_of", full_product_name: { name: "rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-RHSCL-3.2-7.6.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", }, product_reference: "rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.2-7.6.Z", }, { category: "default_component_of", full_product_name: { name: "rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", product_id: "7Server-RHSCL-3.2-7.6.Z:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", }, product_reference: "rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.2-7.6.Z", }, { category: "default_component_of", full_product_name: { name: "rh-haproxy18-haproxy-0:1.8.4-4.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-RHSCL-3.2:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", }, product_reference: "rh-haproxy18-haproxy-0:1.8.4-4.el7.src", relates_to_product_reference: "7Server-RHSCL-3.2", }, { category: "default_component_of", full_product_name: { name: "rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-RHSCL-3.2:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", }, product_reference: "rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.2", }, { category: "default_component_of", full_product_name: { name: "rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-RHSCL-3.2:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", }, product_reference: "rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.2", }, { category: "default_component_of", full_product_name: { name: "rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-RHSCL-3.2:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", }, product_reference: "rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", relates_to_product_reference: "7Server-RHSCL-3.2", }, { category: "default_component_of", full_product_name: { name: "rh-haproxy18-haproxy-0:1.8.4-4.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-RHSCL-3.2:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", }, product_reference: "rh-haproxy18-haproxy-0:1.8.4-4.el7.src", relates_to_product_reference: "7Workstation-RHSCL-3.2", }, { category: "default_component_of", full_product_name: { name: "rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-RHSCL-3.2:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", }, product_reference: "rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", relates_to_product_reference: "7Workstation-RHSCL-3.2", }, { category: "default_component_of", full_product_name: { name: "rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-RHSCL-3.2:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", }, product_reference: "rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", relates_to_product_reference: "7Workstation-RHSCL-3.2", }, { category: "default_component_of", full_product_name: { name: "rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-RHSCL-3.2:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", }, product_reference: "rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", relates_to_product_reference: "7Workstation-RHSCL-3.2", }, ], }, vulnerabilities: [ { cve: "CVE-2018-20615", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2019-01-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1663060", }, ], notes: [ { category: "description", text: "A flaw was found in HAProxy, versions before 1.8.17 and 1.9.1. Mishandling occurs when a priority flag is set on too short HEADERS frame in the HTTP/2 decoder, allowing an out-of-bounds read and a subsequent crash to occur. A remote attacker can exploit this flaw to cause a denial of service. Those who do not use HTTP/2 are unaffected.", title: "Vulnerability description", }, { category: "summary", text: "haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash", title: "Vulnerability summary", }, { category: "other", text: "HTTP/2 support was added to haproxy in version 1.8, therefore OpenShift Container Platform (OCP) 3.7 and earlier are unaffected by this flaw, see [1]. OCP 3.11 added a configuration option to ose-haproxy-router that made enabling HTTP/2 support easy, [2]. Prior to that, in versions OCP 3.9 and 3.10, an administrator had to customize the haproxy router configuration to add HTTP/2 support, [3]. OCP 3.9, and 3.10 are rated as moderate because HTTP/2 support was not a standard configuration option, and therefore unlikely to be enabled.\n\nVersions of haproxy included in Red Hat Enterprise Linux 6 and 7, excluding rh-haproxy18-haproxy in Red Hat Software Collections, are unaffected as they package versions of haproxy before 1.7.\n\n[1] http://www.haproxy.org/news.html\n\n[2] https://github.com/openshift/origin/pull/19968\n\n[3] https://docs.openshift.com/container-platform/3.10/install_config/router/customized_haproxy_router.html", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-RHSCL-3.2-7.4.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", "7Server-RHSCL-3.2-7.4.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.4.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.4.Z:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.5.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", "7Server-RHSCL-3.2-7.5.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.5.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.5.Z:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.6.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", "7Server-RHSCL-3.2-7.6.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.6.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.6.Z:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", "7Server-RHSCL-3.2:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", "7Workstation-RHSCL-3.2:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", "7Workstation-RHSCL-3.2:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", "7Workstation-RHSCL-3.2:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", "7Workstation-RHSCL-3.2:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-20615", }, { category: "external", summary: "RHBZ#1663060", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1663060", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-20615", url: "https://www.cve.org/CVERecord?id=CVE-2018-20615", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-20615", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-20615", }, ], release_date: "2019-01-08T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-02-05T08:26:05+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-RHSCL-3.2-7.4.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", "7Server-RHSCL-3.2-7.4.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.4.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.4.Z:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.5.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", "7Server-RHSCL-3.2-7.5.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.5.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.5.Z:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.6.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", "7Server-RHSCL-3.2-7.6.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.6.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.6.Z:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", "7Server-RHSCL-3.2:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", "7Workstation-RHSCL-3.2:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", "7Workstation-RHSCL-3.2:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", "7Workstation-RHSCL-3.2:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", "7Workstation-RHSCL-3.2:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:0275", }, { category: "workaround", details: "HTTP/2 support is disabled by default on OpenShift Container Platform 3.11. To mitigate this vulnerability keep it disabled. You can verify if HTTP/2 support is enabled by following the instructions in the upstream pull request, [1].\n\n[1] https://github.com/openshift/origin/pull/19968", product_ids: [ "7Server-RHSCL-3.2-7.4.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", "7Server-RHSCL-3.2-7.4.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.4.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.4.Z:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.5.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", "7Server-RHSCL-3.2-7.5.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.5.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.5.Z:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.6.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", "7Server-RHSCL-3.2-7.6.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.6.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.6.Z:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", "7Server-RHSCL-3.2:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", "7Workstation-RHSCL-3.2:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", "7Workstation-RHSCL-3.2:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", "7Workstation-RHSCL-3.2:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", "7Workstation-RHSCL-3.2:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "7Server-RHSCL-3.2-7.4.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", "7Server-RHSCL-3.2-7.4.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.4.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.4.Z:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.5.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", "7Server-RHSCL-3.2-7.5.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.5.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.5.Z:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.6.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", "7Server-RHSCL-3.2-7.6.Z:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.6.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2-7.6.Z:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", "7Server-RHSCL-3.2:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", "7Server-RHSCL-3.2:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", "7Workstation-RHSCL-3.2:rh-haproxy18-haproxy-0:1.8.4-4.el7.src", "7Workstation-RHSCL-3.2:rh-haproxy18-haproxy-0:1.8.4-4.el7.x86_64", "7Workstation-RHSCL-3.2:rh-haproxy18-haproxy-debuginfo-0:1.8.4-4.el7.x86_64", "7Workstation-RHSCL-3.2:rh-haproxy18-haproxy-syspaths-0:1.8.4-4.el7.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash", }, ], }
suse-su-2019:0232-1
Vulnerability from csaf_suse
Published
2019-02-05 10:48
Modified
2019-02-05 10:48
Summary
Security update for haproxy
Notes
Title of the patch
Security update for haproxy
Description of the patch
This update for haproxy version 1.8.17 fixes the following issues:
Security issues fixed:
- CVE-2018-20615: Fixed a denial of service, triggered by mishandling the priority flag on
short HEADERS frame in the HTTP/2 decoder (bsc#1121283)
Patchnames
SUSE-2019-232,SUSE-SLE-Product-HA-15-2019-232
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for haproxy", title: "Title of the patch", }, { category: "description", text: "This update for haproxy version 1.8.17 fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2018-20615: Fixed a denial of service, triggered by mishandling the priority flag on \nshort HEADERS frame in the HTTP/2 decoder (bsc#1121283)\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2019-232,SUSE-SLE-Product-HA-15-2019-232", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_0232-1.json", }, { category: "self", summary: "URL for SUSE-SU-2019:0232-1", url: "https://www.suse.com/support/update/announcement/2019/suse-su-20190232-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2019:0232-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2019-February/005080.html", }, { category: "self", summary: "SUSE Bug 1121283", url: "https://bugzilla.suse.com/1121283", }, { category: "self", summary: "SUSE CVE CVE-2018-20615 page", url: "https://www.suse.com/security/cve/CVE-2018-20615/", }, ], title: "Security update for haproxy", tracking: { current_release_date: "2019-02-05T10:48:24Z", generator: { date: "2019-02-05T10:48:24Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2019:0232-1", initial_release_date: "2019-02-05T10:48:24Z", revision_history: [ { date: "2019-02-05T10:48:24Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "haproxy-1.8.17~git0.e89d25b2-3.9.1.aarch64", product: { name: "haproxy-1.8.17~git0.e89d25b2-3.9.1.aarch64", product_id: "haproxy-1.8.17~git0.e89d25b2-3.9.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "haproxy-1.8.17~git0.e89d25b2-3.9.1.i586", product: { name: "haproxy-1.8.17~git0.e89d25b2-3.9.1.i586", product_id: "haproxy-1.8.17~git0.e89d25b2-3.9.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "haproxy-1.8.17~git0.e89d25b2-3.9.1.ppc64le", product: { name: "haproxy-1.8.17~git0.e89d25b2-3.9.1.ppc64le", product_id: "haproxy-1.8.17~git0.e89d25b2-3.9.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "haproxy-1.8.17~git0.e89d25b2-3.9.1.s390x", product: { name: "haproxy-1.8.17~git0.e89d25b2-3.9.1.s390x", product_id: "haproxy-1.8.17~git0.e89d25b2-3.9.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "haproxy-1.8.17~git0.e89d25b2-3.9.1.x86_64", product: { name: "haproxy-1.8.17~git0.e89d25b2-3.9.1.x86_64", product_id: "haproxy-1.8.17~git0.e89d25b2-3.9.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise High Availability Extension 15", product: { name: "SUSE Linux Enterprise High Availability Extension 15", product_id: "SUSE Linux Enterprise High Availability Extension 15", product_identification_helper: { cpe: "cpe:/o:suse:sle-ha:15", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "haproxy-1.8.17~git0.e89d25b2-3.9.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15", product_id: "SUSE Linux Enterprise High Availability Extension 15:haproxy-1.8.17~git0.e89d25b2-3.9.1.aarch64", }, product_reference: "haproxy-1.8.17~git0.e89d25b2-3.9.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15", }, { category: "default_component_of", full_product_name: { name: "haproxy-1.8.17~git0.e89d25b2-3.9.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15", product_id: "SUSE Linux Enterprise High Availability Extension 15:haproxy-1.8.17~git0.e89d25b2-3.9.1.ppc64le", }, product_reference: "haproxy-1.8.17~git0.e89d25b2-3.9.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15", }, { category: "default_component_of", full_product_name: { name: "haproxy-1.8.17~git0.e89d25b2-3.9.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15", product_id: "SUSE Linux Enterprise High Availability Extension 15:haproxy-1.8.17~git0.e89d25b2-3.9.1.s390x", }, product_reference: "haproxy-1.8.17~git0.e89d25b2-3.9.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15", }, { category: "default_component_of", full_product_name: { name: "haproxy-1.8.17~git0.e89d25b2-3.9.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15", product_id: "SUSE Linux Enterprise High Availability Extension 15:haproxy-1.8.17~git0.e89d25b2-3.9.1.x86_64", }, product_reference: "haproxy-1.8.17~git0.e89d25b2-3.9.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15", }, ], }, vulnerabilities: [ { cve: "CVE-2018-20615", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-20615", }, ], notes: [ { category: "general", text: "An out-of-bounds read issue was discovered in the HTTP/2 protocol decoder in HAProxy 1.8.x and 1.9.x through 1.9.0 which can result in a crash. The processing of the PRIORITY flag in a HEADERS frame requires 5 extra bytes, and while these bytes are skipped, the total frame length was not re-checked to make sure they were present in the frame.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15:haproxy-1.8.17~git0.e89d25b2-3.9.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:haproxy-1.8.17~git0.e89d25b2-3.9.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:haproxy-1.8.17~git0.e89d25b2-3.9.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:haproxy-1.8.17~git0.e89d25b2-3.9.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-20615", url: "https://www.suse.com/security/cve/CVE-2018-20615", }, { category: "external", summary: "SUSE Bug 1121283 for CVE-2018-20615", url: "https://bugzilla.suse.com/1121283", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15:haproxy-1.8.17~git0.e89d25b2-3.9.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:haproxy-1.8.17~git0.e89d25b2-3.9.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:haproxy-1.8.17~git0.e89d25b2-3.9.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:haproxy-1.8.17~git0.e89d25b2-3.9.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise High Availability Extension 15:haproxy-1.8.17~git0.e89d25b2-3.9.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:haproxy-1.8.17~git0.e89d25b2-3.9.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:haproxy-1.8.17~git0.e89d25b2-3.9.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:haproxy-1.8.17~git0.e89d25b2-3.9.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-02-05T10:48:24Z", details: "important", }, ], title: "CVE-2018-20615", }, ], }
opensuse-su-2019:0166-1
Vulnerability from csaf_opensuse
Published
2019-03-23 10:57
Modified
2019-03-23 10:57
Summary
Security update for haproxy
Notes
Title of the patch
Security update for haproxy
Description of the patch
This update for haproxy version 1.8.17 fixes the following issues:
Security issues fixed:
- CVE-2018-20615: Fixed a denial of service, triggered by mishandling the priority flag on
short HEADERS frame in the HTTP/2 decoder (bsc#1121283)
This update was imported from the SUSE:SLE-15:Update update project.
Patchnames
openSUSE-2019-166
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for haproxy", title: "Title of the patch", }, { category: "description", text: "This update for haproxy version 1.8.17 fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2018-20615: Fixed a denial of service, triggered by mishandling the priority flag on \nshort HEADERS frame in the HTTP/2 decoder (bsc#1121283)\n\nThis update was imported from the SUSE:SLE-15:Update update project.", title: "Description of the patch", }, { category: "details", text: "openSUSE-2019-166", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2019_0166-1.json", }, { category: "self", summary: "URL for openSUSE-SU-2019:0166-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NZKXDXR2VZ6J4VTJZ53G2TITYNOZMWXE/#NZKXDXR2VZ6J4VTJZ53G2TITYNOZMWXE", }, { category: "self", summary: "E-Mail link for openSUSE-SU-2019:0166-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NZKXDXR2VZ6J4VTJZ53G2TITYNOZMWXE/#NZKXDXR2VZ6J4VTJZ53G2TITYNOZMWXE", }, { category: "self", summary: "SUSE Bug 1121283", url: "https://bugzilla.suse.com/1121283", }, { category: "self", summary: "SUSE CVE CVE-2018-20615 page", url: "https://www.suse.com/security/cve/CVE-2018-20615/", }, ], title: "Security update for haproxy", tracking: { current_release_date: "2019-03-23T10:57:10Z", generator: { date: "2019-03-23T10:57:10Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2019:0166-1", initial_release_date: "2019-03-23T10:57:10Z", revision_history: [ { date: "2019-03-23T10:57:10Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "haproxy-1.8.17~git0.e89d25b2-lp150.2.9.1.x86_64", product: { name: "haproxy-1.8.17~git0.e89d25b2-lp150.2.9.1.x86_64", product_id: "haproxy-1.8.17~git0.e89d25b2-lp150.2.9.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Leap 15.0", product: { name: "openSUSE Leap 15.0", product_id: "openSUSE Leap 15.0", product_identification_helper: { cpe: "cpe:/o:opensuse:leap:15.0", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "haproxy-1.8.17~git0.e89d25b2-lp150.2.9.1.x86_64 as component of openSUSE Leap 15.0", product_id: "openSUSE Leap 15.0:haproxy-1.8.17~git0.e89d25b2-lp150.2.9.1.x86_64", }, product_reference: "haproxy-1.8.17~git0.e89d25b2-lp150.2.9.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.0", }, ], }, vulnerabilities: [ { cve: "CVE-2018-20615", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-20615", }, ], notes: [ { category: "general", text: "An out-of-bounds read issue was discovered in the HTTP/2 protocol decoder in HAProxy 1.8.x and 1.9.x through 1.9.0 which can result in a crash. The processing of the PRIORITY flag in a HEADERS frame requires 5 extra bytes, and while these bytes are skipped, the total frame length was not re-checked to make sure they were present in the frame.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.0:haproxy-1.8.17~git0.e89d25b2-lp150.2.9.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-20615", url: "https://www.suse.com/security/cve/CVE-2018-20615", }, { category: "external", summary: "SUSE Bug 1121283 for CVE-2018-20615", url: "https://bugzilla.suse.com/1121283", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.0:haproxy-1.8.17~git0.e89d25b2-lp150.2.9.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H", version: "3.0", }, products: [ "openSUSE Leap 15.0:haproxy-1.8.17~git0.e89d25b2-lp150.2.9.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-03-23T10:57:10Z", details: "important", }, ], title: "CVE-2018-20615", }, ], }
opensuse-su-2024:10839-1
Vulnerability from csaf_opensuse
Published
2024-06-15 00:00
Modified
2024-06-15 00:00
Summary
haproxy-2.4.4+git0.acb1d0bea-1.2 on GA media
Notes
Title of the patch
haproxy-2.4.4+git0.acb1d0bea-1.2 on GA media
Description of the patch
These are all security issues fixed in the haproxy-2.4.4+git0.acb1d0bea-1.2 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-10839
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "haproxy-2.4.4+git0.acb1d0bea-1.2 on GA media", title: "Title of the patch", }, { category: "description", text: "These are all security issues fixed in the haproxy-2.4.4+git0.acb1d0bea-1.2 package on the GA media of openSUSE Tumbleweed.", title: "Description of the patch", }, { category: "details", text: "openSUSE-Tumbleweed-2024-10839", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_10839-1.json", }, { category: "self", summary: "SUSE CVE CVE-2018-11469 page", url: "https://www.suse.com/security/cve/CVE-2018-11469/", }, { category: "self", summary: "SUSE CVE CVE-2018-14645 page", url: "https://www.suse.com/security/cve/CVE-2018-14645/", }, { category: "self", summary: "SUSE CVE CVE-2018-20103 page", url: "https://www.suse.com/security/cve/CVE-2018-20103/", }, { category: "self", summary: "SUSE CVE CVE-2018-20615 page", url: "https://www.suse.com/security/cve/CVE-2018-20615/", }, { category: "self", summary: "SUSE CVE CVE-2019-14241 page", url: "https://www.suse.com/security/cve/CVE-2019-14241/", }, { category: "self", summary: "SUSE CVE CVE-2019-18277 page", url: "https://www.suse.com/security/cve/CVE-2019-18277/", }, { category: "self", summary: "SUSE CVE CVE-2020-11100 page", url: "https://www.suse.com/security/cve/CVE-2020-11100/", }, { category: "self", summary: "SUSE CVE CVE-2021-39240 page", url: "https://www.suse.com/security/cve/CVE-2021-39240/", }, { category: "self", summary: "SUSE CVE CVE-2021-40346 page", url: "https://www.suse.com/security/cve/CVE-2021-40346/", }, ], title: "haproxy-2.4.4+git0.acb1d0bea-1.2 on GA media", tracking: { current_release_date: "2024-06-15T00:00:00Z", generator: { date: "2024-06-15T00:00:00Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2024:10839-1", initial_release_date: "2024-06-15T00:00:00Z", revision_history: [ { date: "2024-06-15T00:00:00Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64", product: { name: "haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64", product_id: "haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le", product: { name: "haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le", product_id: "haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "haproxy-2.4.4+git0.acb1d0bea-1.2.s390x", product: { name: "haproxy-2.4.4+git0.acb1d0bea-1.2.s390x", product_id: "haproxy-2.4.4+git0.acb1d0bea-1.2.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64", product: { name: "haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64", product_id: "haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Tumbleweed", product: { name: "openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed", product_identification_helper: { cpe: "cpe:/o:opensuse:tumbleweed", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64", }, product_reference: "haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le", }, product_reference: "haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "haproxy-2.4.4+git0.acb1d0bea-1.2.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x", }, product_reference: "haproxy-2.4.4+git0.acb1d0bea-1.2.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64", }, product_reference: "haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, ], }, vulnerabilities: [ { cve: "CVE-2018-11469", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-11469", }, ], notes: [ { category: "general", text: "Incorrect caching of responses to requests including an Authorization header in HAProxy 1.8.0 through 1.8.9 (if cache enabled) allows attackers to achieve information disclosure via an unauthenticated remote request, related to the proto_http.c check_request_for_cacheability function.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-11469", url: "https://www.suse.com/security/cve/CVE-2018-11469", }, { category: "external", summary: "SUSE Bug 1094846 for CVE-2018-11469", url: "https://bugzilla.suse.com/1094846", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2018-11469", }, { cve: "CVE-2018-14645", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-14645", }, ], notes: [ { category: "general", text: "A flaw was discovered in the HPACK decoder of HAProxy, before 1.8.14, that is used for HTTP/2. An out-of-bounds read access in hpack_valid_idx() resulted in a remote crash and denial of service.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-14645", url: "https://www.suse.com/security/cve/CVE-2018-14645", }, { category: "external", summary: "SUSE Bug 1108683 for CVE-2018-14645", url: "https://bugzilla.suse.com/1108683", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2018-14645", }, { cve: "CVE-2018-20103", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-20103", }, ], notes: [ { category: "general", text: "An issue was discovered in dns.c in HAProxy through 1.8.14. In the case of a compressed pointer, a crafted packet can trigger infinite recursion by making the pointer point to itself, or create a long chain of valid pointers resulting in stack exhaustion.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-20103", url: "https://www.suse.com/security/cve/CVE-2018-20103", }, { category: "external", summary: "SUSE Bug 1119419 for CVE-2018-20103", url: "https://bugzilla.suse.com/1119419", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2018-20103", }, { cve: "CVE-2018-20615", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-20615", }, ], notes: [ { category: "general", text: "An out-of-bounds read issue was discovered in the HTTP/2 protocol decoder in HAProxy 1.8.x and 1.9.x through 1.9.0 which can result in a crash. The processing of the PRIORITY flag in a HEADERS frame requires 5 extra bytes, and while these bytes are skipped, the total frame length was not re-checked to make sure they were present in the frame.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-20615", url: "https://www.suse.com/security/cve/CVE-2018-20615", }, { category: "external", summary: "SUSE Bug 1121283 for CVE-2018-20615", url: "https://bugzilla.suse.com/1121283", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2018-20615", }, { cve: "CVE-2019-14241", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-14241", }, ], notes: [ { category: "general", text: "HAProxy through 2.0.2 allows attackers to cause a denial of service (ha_panic) via vectors related to htx_manage_client_side_cookies in proto_htx.c.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-14241", url: "https://www.suse.com/security/cve/CVE-2019-14241", }, { category: "external", summary: "SUSE Bug 1142529 for CVE-2019-14241", url: "https://bugzilla.suse.com/1142529", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2019-14241", }, { cve: "CVE-2019-18277", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-18277", }, ], notes: [ { category: "general", text: "A flaw was found in HAProxy before 2.0.6. In legacy mode, messages featuring a transfer-encoding header missing the \"chunked\" value were not being correctly rejected. The impact was limited but if combined with the \"http-reuse always\" setting, it could be used to help construct an HTTP request smuggling attack against a vulnerable component employing a lenient parser that would ignore the content-length header as soon as it saw a transfer-encoding one (even if not entirely valid according to the specification).", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-18277", url: "https://www.suse.com/security/cve/CVE-2019-18277", }, { category: "external", summary: "SUSE Bug 1154980 for CVE-2019-18277", url: "https://bugzilla.suse.com/1154980", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-18277", }, { cve: "CVE-2020-11100", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-11100", }, ], notes: [ { category: "general", text: "In hpack_dht_insert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can write arbitrary bytes around a certain location on the heap via a crafted HTTP/2 request, possibly causing remote code execution.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-11100", url: "https://www.suse.com/security/cve/CVE-2020-11100", }, { category: "external", summary: "SUSE Bug 1168023 for CVE-2020-11100", url: "https://bugzilla.suse.com/1168023", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2020-11100", }, { cve: "CVE-2021-39240", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-39240", }, ], notes: [ { category: "general", text: "An issue was discovered in HAProxy 2.2 before 2.2.16, 2.3 before 2.3.13, and 2.4 before 2.4.3. It does not ensure that the scheme and path portions of a URI have the expected characters. For example, the authority field (as observed on a target HTTP/2 server) might differ from what the routing rules were intended to achieve.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-39240", url: "https://www.suse.com/security/cve/CVE-2021-39240", }, { category: "external", summary: "SUSE Bug 1189549 for CVE-2021-39240", url: "https://bugzilla.suse.com/1189549", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2021-39240", }, { cve: "CVE-2021-40346", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-40346", }, ], notes: [ { category: "general", text: "An integer overflow exists in HAProxy 2.0 through 2.5 in htx_add_header that can be exploited to perform an HTTP request smuggling attack, allowing an attacker to bypass all configured http-request HAProxy ACLs and possibly other ACLs.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-40346", url: "https://www.suse.com/security/cve/CVE-2021-40346", }, { category: "external", summary: "SUSE Bug 1189877 for CVE-2021-40346", url: "https://bugzilla.suse.com/1189877", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.aarch64", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.ppc64le", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.s390x", "openSUSE Tumbleweed:haproxy-2.4.4+git0.acb1d0bea-1.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2021-40346", }, ], }
gsd-2018-20615
Vulnerability from gsd
Modified
2023-12-13 01:22
Details
An out-of-bounds read issue was discovered in the HTTP/2 protocol decoder in HAProxy 1.8.x and 1.9.x through 1.9.0 which can result in a crash. The processing of the PRIORITY flag in a HEADERS frame requires 5 extra bytes, and while these bytes are skipped, the total frame length was not re-checked to make sure they were present in the frame.
Aliases
Aliases
{ GSD: { alias: "CVE-2018-20615", description: "An out-of-bounds read issue was discovered in the HTTP/2 protocol decoder in HAProxy 1.8.x and 1.9.x through 1.9.0 which can result in a crash. The processing of the PRIORITY flag in a HEADERS frame requires 5 extra bytes, and while these bytes are skipped, the total frame length was not re-checked to make sure they were present in the frame.", id: "GSD-2018-20615", references: [ "https://www.suse.com/security/cve/CVE-2018-20615.html", "https://access.redhat.com/errata/RHSA-2019:0548", "https://access.redhat.com/errata/RHSA-2019:0547", "https://access.redhat.com/errata/RHBA-2019:0326", "https://access.redhat.com/errata/RHSA-2019:0275", "https://ubuntu.com/security/CVE-2018-20615", ], }, gsd: { metadata: { exploitCode: "unknown", remediation: "unknown", reportConfidence: "confirmed", type: "vulnerability", }, osvSchema: { aliases: [ "CVE-2018-20615", ], details: "An out-of-bounds read issue was discovered in the HTTP/2 protocol decoder in HAProxy 1.8.x and 1.9.x through 1.9.0 which can result in a crash. The processing of the PRIORITY flag in a HEADERS frame requires 5 extra bytes, and while these bytes are skipped, the total frame length was not re-checked to make sure they were present in the frame.", id: "GSD-2018-20615", modified: "2023-12-13T01:22:29.238630Z", schema_version: "1.4.0", }, }, namespaces: { "cve.org": { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2018-20615", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An out-of-bounds read issue was discovered in the HTTP/2 protocol decoder in HAProxy 1.8.x and 1.9.x through 1.9.0 which can result in a crash. The processing of the PRIORITY flag in a HEADERS frame requires 5 extra bytes, and while these bytes are skipped, the total frame length was not re-checked to make sure they were present in the frame.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "106645", refsource: "BID", url: "http://www.securityfocus.com/bid/106645", }, { name: "RHSA-2019:0275", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:0275", }, { name: "[opensuse-security-announce] 20190213 [security-announce] openSUSE-SU-2019:0166-1: important: Security update for haproxy", refsource: "MLIST", url: "http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00018.html", }, { name: "3858-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3858-1/", }, { name: "[haproxy@formilux.org] 20190108 [ANNOUNCE] haproxy-1.8.17", refsource: "MLIST", url: "https://www.mail-archive.com/haproxy@formilux.org/msg32304.html", }, { name: "RHBA-2019:0327", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHBA-2019:0327", }, ], }, }, "nvd.nist.gov": { configurations: { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:haproxy:haproxy:1.9.0:dev3:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:haproxy:haproxy:1.9.0:dev5:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:haproxy:haproxy:1.9.0:-:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:haproxy:haproxy:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "1.8.19", versionStartIncluding: "1.8.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:haproxy:haproxy:1.9.0:dev0:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:haproxy:haproxy:1.9.0:dev1:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:haproxy:haproxy:1.9.0:dev2:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:haproxy:haproxy:1.9.0:dev7:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:haproxy:haproxy:1.9.0:dev8:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:haproxy:haproxy:1.9.0:dev9:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:haproxy:haproxy:1.9.0:dev10:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:haproxy:haproxy:1.9.0:dev4:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:haproxy:haproxy:1.9.0:dev6:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:haproxy:haproxy:1.9.0:dev11:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:redhat:enterprise_linux:7.4:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:redhat:enterprise_linux:7.5:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:redhat:enterprise_linux:7.6:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, cve: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2018-20615", }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "en", value: "An out-of-bounds read issue was discovered in the HTTP/2 protocol decoder in HAProxy 1.8.x and 1.9.x through 1.9.0 which can result in a crash. The processing of the PRIORITY flag in a HEADERS frame requires 5 extra bytes, and while these bytes are skipped, the total frame length was not re-checked to make sure they were present in the frame.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "en", value: "CWE-125", }, ], }, ], }, references: { reference_data: [ { name: "[haproxy@formilux.org] 20190108 [ANNOUNCE] haproxy-1.8.17", refsource: "MLIST", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://www.mail-archive.com/haproxy@formilux.org/msg32304.html", }, { name: "3858-1", refsource: "UBUNTU", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3858-1/", }, { name: "RHSA-2019:0275", refsource: "REDHAT", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:0275", }, { name: "106645", refsource: "BID", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/106645", }, { name: "[opensuse-security-announce] 20190213 [security-announce] openSUSE-SU-2019:0166-1: important: Security update for haproxy", refsource: "MLIST", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00018.html", }, { name: "RHBA-2019:0327", refsource: "REDHAT", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHBA-2019:0327", }, ], }, }, impact: { baseMetricV2: { acInsufInfo: false, cvssV2: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", userInteractionRequired: false, }, baseMetricV3: { cvssV3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, }, }, lastModifiedDate: "2019-04-25T12:57Z", publishedDate: "2019-03-21T16:00Z", }, }, }
ghsa-w4g5-v736-j48g
Vulnerability from github
Published
2022-05-14 01:07
Modified
2022-05-14 01:07
Severity ?
Details
An out-of-bounds read issue was discovered in the HTTP/2 protocol decoder in HAProxy 1.8.x and 1.9.x through 1.9.0 which can result in a crash. The processing of the PRIORITY flag in a HEADERS frame requires 5 extra bytes, and while these bytes are skipped, the total frame length was not re-checked to make sure they were present in the frame.
{ affected: [], aliases: [ "CVE-2018-20615", ], database_specific: { cwe_ids: [ "CWE-125", ], github_reviewed: false, github_reviewed_at: null, nvd_published_at: "2019-03-21T16:00:00Z", severity: "HIGH", }, details: "An out-of-bounds read issue was discovered in the HTTP/2 protocol decoder in HAProxy 1.8.x and 1.9.x through 1.9.0 which can result in a crash. The processing of the PRIORITY flag in a HEADERS frame requires 5 extra bytes, and while these bytes are skipped, the total frame length was not re-checked to make sure they were present in the frame.", id: "GHSA-w4g5-v736-j48g", modified: "2022-05-14T01:07:06Z", published: "2022-05-14T01:07:06Z", references: [ { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-20615", }, { type: "WEB", url: "https://access.redhat.com/errata/RHBA-2019:0327", }, { type: "WEB", url: "https://access.redhat.com/errata/RHSA-2019:0275", }, { type: "WEB", url: "https://usn.ubuntu.com/3858-1", }, { type: "WEB", url: "https://www.mail-archive.com/haproxy@formilux.org/msg32304.html", }, { type: "WEB", url: "http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00018.html", }, { type: "WEB", url: "http://www.securityfocus.com/bid/106645", }, ], schema_version: "1.4.0", severity: [ { score: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", type: "CVSS_V3", }, ], }
fkie_cve-2018-20615
Vulnerability from fkie_nvd
Published
2019-03-21 16:00
Modified
2024-11-21 04:01
Severity ?
Summary
An out-of-bounds read issue was discovered in the HTTP/2 protocol decoder in HAProxy 1.8.x and 1.9.x through 1.9.0 which can result in a crash. The processing of the PRIORITY flag in a HEADERS frame requires 5 extra bytes, and while these bytes are skipped, the total frame length was not re-checked to make sure they were present in the frame.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| haproxy | haproxy | * | |
| haproxy | haproxy | 1.9.0 | |
| haproxy | haproxy | 1.9.0 | |
| haproxy | haproxy | 1.9.0 | |
| haproxy | haproxy | 1.9.0 | |
| haproxy | haproxy | 1.9.0 | |
| haproxy | haproxy | 1.9.0 | |
| haproxy | haproxy | 1.9.0 | |
| haproxy | haproxy | 1.9.0 | |
| haproxy | haproxy | 1.9.0 | |
| haproxy | haproxy | 1.9.0 | |
| haproxy | haproxy | 1.9.0 | |
| haproxy | haproxy | 1.9.0 | |
| haproxy | haproxy | 1.9.0 | |
| opensuse | leap | 15.0 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 18.04 | |
| canonical | ubuntu_linux | 18.10 | |
| redhat | openshift_container_platform | 3.11 | |
| redhat | enterprise_linux | 7.0 | |
| redhat | enterprise_linux | 7.4 | |
| redhat | enterprise_linux | 7.5 | |
| redhat | enterprise_linux | 7.6 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:haproxy:haproxy:*:*:*:*:*:*:*:*", matchCriteriaId: "6D9F2EFA-B2B2-409C-A97A-E05A4E82BE14", versionEndIncluding: "1.8.19", versionStartIncluding: "1.8.0", vulnerable: true, }, { criteria: "cpe:2.3:a:haproxy:haproxy:1.9.0:-:*:*:*:*:*:*", matchCriteriaId: "1047461B-5BDA-4E41-A7D9-76B08E900468", vulnerable: true, }, { criteria: "cpe:2.3:a:haproxy:haproxy:1.9.0:dev0:*:*:*:*:*:*", matchCriteriaId: "8A41C4AD-11B0-4676-AD44-A5A96ACF8DE3", vulnerable: true, }, { criteria: "cpe:2.3:a:haproxy:haproxy:1.9.0:dev1:*:*:*:*:*:*", matchCriteriaId: "46D05CF3-6764-4238-86CF-A2B34668EB7F", vulnerable: true, }, { criteria: "cpe:2.3:a:haproxy:haproxy:1.9.0:dev10:*:*:*:*:*:*", matchCriteriaId: "CDEE25E3-D419-4CF8-ABD7-68F4776C3A74", vulnerable: true, }, { criteria: "cpe:2.3:a:haproxy:haproxy:1.9.0:dev11:*:*:*:*:*:*", matchCriteriaId: "386AC3AC-187C-4AB8-8F25-C9F6FBC68EC9", vulnerable: true, }, { criteria: "cpe:2.3:a:haproxy:haproxy:1.9.0:dev2:*:*:*:*:*:*", matchCriteriaId: "1492C457-1304-42B5-A6AE-2E7355DF5E9A", vulnerable: true, }, { criteria: "cpe:2.3:a:haproxy:haproxy:1.9.0:dev3:*:*:*:*:*:*", matchCriteriaId: "49C58F7E-BD94-43E0-B375-635228F02D9A", vulnerable: true, }, { criteria: "cpe:2.3:a:haproxy:haproxy:1.9.0:dev4:*:*:*:*:*:*", matchCriteriaId: "0646A03C-8DD1-44A2-B4A9-F4C493E9BDDF", vulnerable: true, }, { criteria: "cpe:2.3:a:haproxy:haproxy:1.9.0:dev5:*:*:*:*:*:*", matchCriteriaId: "3AC98E81-5377-4729-9AD4-F35BB16E99C7", vulnerable: true, }, { criteria: "cpe:2.3:a:haproxy:haproxy:1.9.0:dev6:*:*:*:*:*:*", matchCriteriaId: "81BABB2D-8E02-402C-A53D-BB4603D43B77", vulnerable: true, }, { criteria: "cpe:2.3:a:haproxy:haproxy:1.9.0:dev7:*:*:*:*:*:*", matchCriteriaId: "68AD00F1-BBC4-4FF1-9C44-AF2B7E88F5C6", vulnerable: true, }, { criteria: "cpe:2.3:a:haproxy:haproxy:1.9.0:dev8:*:*:*:*:*:*", matchCriteriaId: "9F9E46AC-2CA0-4AB0-A199-9726FA507F33", vulnerable: true, }, { criteria: "cpe:2.3:a:haproxy:haproxy:1.9.0:dev9:*:*:*:*:*:*", matchCriteriaId: "51C49D8B-3A86-4EBF-83B5-5F5BBE6C088F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", matchCriteriaId: "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", matchCriteriaId: "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", matchCriteriaId: "07C312A0-CD2C-4B9C-B064-6409B25C278F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*", matchCriteriaId: "2F87326E-0B56-4356-A889-73D026DB1D4B", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "142AD0DD-4CF3-4D74-9442-459CE3347E3A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.4:*:*:*:*:*:*:*", matchCriteriaId: "041F9200-4C01-4187-AE34-240E8277B54D", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.5:*:*:*:*:*:*:*", matchCriteriaId: "4EB48767-F095-444F-9E05-D9AC345AB803", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.6:*:*:*:*:*:*:*", matchCriteriaId: "5F6FA12B-504C-4DBF-A32E-0548557AA2ED", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An out-of-bounds read issue was discovered in the HTTP/2 protocol decoder in HAProxy 1.8.x and 1.9.x through 1.9.0 which can result in a crash. The processing of the PRIORITY flag in a HEADERS frame requires 5 extra bytes, and while these bytes are skipped, the total frame length was not re-checked to make sure they were present in the frame.", }, { lang: "es", value: "Se ha descubierto un problema de lectura fuera de límites en el decodificador del protocolo HTTP/2 en HAProxy, en versiones 1.8.x y 1.9.x hasta la 1.9.0, lo que puede resultar en un cierre inesperado. El procesamiento del flag PRIORITY en un frame HEADERS requiere 5 bytes adicionales y, aunque se omiten estos bytes, la longitud total del frame no se volvió a comprobar para asegurar que estaban presentes en la trama.", }, ], id: "CVE-2018-20615", lastModified: "2024-11-21T04:01:51.733", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-03-21T16:00:36.297", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00018.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/106645", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHBA-2019:0327", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:0275", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3858-1/", }, { source: "cve@mitre.org", url: "https://www.mail-archive.com/haproxy%40formilux.org/msg32304.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00018.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/106645", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHBA-2019:0327", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:0275", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3858-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.mail-archive.com/haproxy%40formilux.org/msg32304.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.