Action not permitted
Modal body text goes here.
cve-2018-20102
Vulnerability from cvelistv5
Published
2018-12-12 17:00
Modified
2024-08-05 11:51
Severity ?
EPSS score ?
Summary
An out-of-bounds read in dns_validate_dns_response in dns.c was discovered in HAProxy through 1.8.14. Due to a missing check when validating DNS responses, remote attackers might be able read the 16 bytes corresponding to an AAAA record from the non-initialized part of the buffer, possibly accessing anything that was left on the stack, or even past the end of the 8193-byte buffer, depending on the value of accepted_payload_size.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T11:51:19.257Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://git.haproxy.org/?p=haproxy.git%3Ba=commit%3Bh=efbbdf72992cd20458259962346044cafd9331c0" }, { "name": "USN-3858-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3858-1/" }, { "name": "RHBA-2019:0326", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHBA-2019:0326" }, { "name": "106223", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/106223" }, { "name": "RHBA-2019:0327", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHBA-2019:0327" }, { "name": "RHSA-2019:1436", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:1436" }, { "name": "[debian-lts-announce] 20220530 [SECURITY] [DLA 3034-1] haproxy security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00045.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2018-12-12T00:00:00", "descriptions": [ { "lang": "en", "value": "An out-of-bounds read in dns_validate_dns_response in dns.c was discovered in HAProxy through 1.8.14. Due to a missing check when validating DNS responses, remote attackers might be able read the 16 bytes corresponding to an AAAA record from the non-initialized part of the buffer, possibly accessing anything that was left on the stack, or even past the end of the 8193-byte buffer, depending on the value of accepted_payload_size." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-05-30T18:06:14", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "http://git.haproxy.org/?p=haproxy.git%3Ba=commit%3Bh=efbbdf72992cd20458259962346044cafd9331c0" }, { "name": "USN-3858-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3858-1/" }, { "name": "RHBA-2019:0326", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHBA-2019:0326" }, { "name": "106223", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/106223" }, { "name": "RHBA-2019:0327", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHBA-2019:0327" }, { "name": "RHSA-2019:1436", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2019:1436" }, { "name": "[debian-lts-announce] 20220530 [SECURITY] [DLA 3034-1] haproxy security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00045.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-20102", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An out-of-bounds read in dns_validate_dns_response in dns.c was discovered in HAProxy through 1.8.14. Due to a missing check when validating DNS responses, remote attackers might be able read the 16 bytes corresponding to an AAAA record from the non-initialized part of the buffer, possibly accessing anything that was left on the stack, or even past the end of the 8193-byte buffer, depending on the value of accepted_payload_size." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://git.haproxy.org/?p=haproxy.git;a=commit;h=efbbdf72992cd20458259962346044cafd9331c0", "refsource": "MISC", "url": "http://git.haproxy.org/?p=haproxy.git;a=commit;h=efbbdf72992cd20458259962346044cafd9331c0" }, { "name": "USN-3858-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3858-1/" }, { "name": "RHBA-2019:0326", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHBA-2019:0326" }, { "name": "106223", "refsource": "BID", "url": "http://www.securityfocus.com/bid/106223" }, { "name": "RHBA-2019:0327", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHBA-2019:0327" }, { "name": "RHSA-2019:1436", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:1436" }, { "name": "[debian-lts-announce] 20220530 [SECURITY] [DLA 3034-1] haproxy security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00045.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-20102", "datePublished": "2018-12-12T17:00:00", "dateReserved": "2018-12-12T00:00:00", "dateUpdated": "2024-08-05T11:51:19.257Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2018-20102\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2018-12-12T17:29:00.247\",\"lastModified\":\"2024-11-21T04:00:52.920\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An out-of-bounds read in dns_validate_dns_response in dns.c was discovered in HAProxy through 1.8.14. Due to a missing check when validating DNS responses, remote attackers might be able read the 16 bytes corresponding to an AAAA record from the non-initialized part of the buffer, possibly accessing anything that was left on the stack, or even past the end of the 8193-byte buffer, depending on the value of accepted_payload_size.\"},{\"lang\":\"es\",\"value\":\"Se ha descubierto una lectura fuera de l\u00edmites en dns_validate_dns_response en dns.c en HAProxy hasta la versi\u00f3n 1.8.14. Debido a la falta de una comprobaci\u00f3n al validar respuestas DNS, los atacantes remotos pueden leer los 16 bits que corresponden a un registro AAAA de la parte no inicializada del b\u00fafer, pudiendo acceder a cualquier cosa que haya quedado en la pila, o incluso m\u00e1s all\u00e1 del final del b\u00fafer de 8193 bytes, dependiendo del valor de accepted_payload_size.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-125\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:haproxy:haproxy:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.8.14\",\"matchCriteriaId\":\"F4F0D169-E661-44C6-98E7-AA40B01D3706\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07C312A0-CD2C-4B9C-B064-6409B25C278F\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F87326E-0B56-4356-A889-73D026DB1D4B\"}]}]}],\"references\":[{\"url\":\"http://git.haproxy.org/?p=haproxy.git%3Ba=commit%3Bh=efbbdf72992cd20458259962346044cafd9331c0\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/106223\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHBA-2019:0326\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHBA-2019:0327\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:1436\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2022/05/msg00045.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://usn.ubuntu.com/3858-1/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://git.haproxy.org/?p=haproxy.git%3Ba=commit%3Bh=efbbdf72992cd20458259962346044cafd9331c0\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/106223\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHBA-2019:0326\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHBA-2019:0327\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:1436\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2022/05/msg00045.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://usn.ubuntu.com/3858-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}" } }
rhba-2019_0326
Vulnerability from csaf_redhat
Published
2019-02-20 14:11
Modified
2024-11-22 12:40
Summary
Red Hat Bug Fix Advisory: OpenShift Container Platform 3.11 bug fix update
Notes
Topic
Red Hat OpenShift Container Platform release 3.11.82 is now available with updates to packages and images that fix several bugs.
Details
Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
This advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.11.82. See the following advisory for the container images for this release:
https://access.redhat.com/errata/RHBA-2019:0327
Space precludes documenting all of the bug fixes in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:
https://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html
All OpenShift Container Platform 3.11 users are advised to upgrade to these updated packages.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Red Hat OpenShift Container Platform release 3.11.82 is now available with updates to packages and images that fix several bugs.", "title": "Topic" }, { "category": "general", "text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.\n\nThis advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.11.82. See the following advisory for the container images for this release:\n\nhttps://access.redhat.com/errata/RHBA-2019:0327\n\nSpace precludes documenting all of the bug fixes in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nAll OpenShift Container Platform 3.11 users are advised to upgrade to these updated packages.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHBA-2019:0326", "url": "https://access.redhat.com/errata/RHBA-2019:0326" }, { "category": "external", "summary": "1506736", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506736" }, { "category": "external", "summary": "1598822", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1598822" }, { "category": "external", "summary": "1615719", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1615719" }, { "category": "external", "summary": "1623338", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1623338" }, { "category": "external", "summary": "1634302", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1634302" }, { "category": "external", "summary": "1635254", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1635254" }, { "category": "external", "summary": "1635613", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1635613" }, { "category": "external", "summary": "1642379", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1642379" }, { "category": "external", "summary": "1642929", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1642929" }, { "category": "external", "summary": "1651090", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1651090" }, { "category": "external", "summary": "1651632", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1651632" }, { "category": "external", "summary": "1655183", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1655183" }, { "category": "external", "summary": "1657019", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1657019" }, { "category": "external", "summary": "1659194", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1659194" }, { "category": "external", "summary": "1659441", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1659441" }, { "category": "external", "summary": "1659653", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1659653" }, { "category": "external", "summary": "1659976", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1659976" }, { "category": "external", "summary": "1660598", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1660598" }, { "category": "external", "summary": "1664753", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1664753" }, { "category": "external", "summary": "1665235", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1665235" }, { "category": "external", "summary": "1666820", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666820" }, { "category": "external", "summary": "1667270", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1667270" }, { "category": "external", "summary": "1667618", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1667618" }, { "category": "external", "summary": "1668412", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668412" }, { "category": "external", "summary": "1668828", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668828" }, { "category": "external", "summary": "1668970", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668970" }, { "category": "external", "summary": "1669019", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1669019" }, { "category": "external", "summary": "1669194", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1669194" }, { "category": "external", "summary": "1669439", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1669439" }, { "category": "external", "summary": "1669555", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1669555" }, { "category": "external", "summary": "1669984", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1669984" }, { "category": "external", "summary": "1670551", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1670551" }, { "category": "external", "summary": "1673178", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1673178" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhba-2019_0326.json" } ], "title": "Red Hat Bug Fix Advisory: OpenShift Container Platform 3.11 bug fix update", "tracking": { "current_release_date": "2024-11-22T12:40:44+00:00", "generator": { "date": "2024-11-22T12:40:44+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHBA-2019:0326", "initial_release_date": "2019-02-20T14:11:43+00:00", "revision_history": [ { "date": "2019-02-20T14:11:43+00:00", "number": "1", "summary": "Initial version" }, { "date": "2019-02-20T14:11:43+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T12:40:44+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat OpenShift Container Platform 3.11", "product": { "name": "Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift:3.11::el7" } } } ], "category": "product_family", "name": "Red Hat OpenShift Enterprise" }, { "branches": [ { "category": "product_version", "name": "atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "product": { "name": "atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "product_id": "atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-node-problem-detector@3.11.82-1.git.254.a448936.el7?arch=x86_64" } } }, { "category": "product_version", "name": "atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "product": { "name": "atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "product_id": "atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-clients-redistributable@3.11.82-1.git.0.08bc31b.el7?arch=x86_64" } } }, { "category": "product_version", "name": "atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "product": { "name": "atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "product_id": "atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-master@3.11.82-1.git.0.08bc31b.el7?arch=x86_64" } } }, { "category": "product_version", "name": "atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "product": { "name": "atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "product_id": "atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-pod@3.11.82-1.git.0.08bc31b.el7?arch=x86_64" } } }, { "category": "product_version", "name": "atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "product": { "name": "atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "product_id": "atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-hyperkube@3.11.82-1.git.0.08bc31b.el7?arch=x86_64" } } }, { "category": "product_version", "name": "atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "product": { "name": "atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "product_id": "atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift@3.11.82-1.git.0.08bc31b.el7?arch=x86_64" } } }, { "category": "product_version", "name": "atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "product": { "name": "atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "product_id": "atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-tests@3.11.82-1.git.0.08bc31b.el7?arch=x86_64" } } }, { "category": "product_version", "name": "atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "product": { "name": "atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "product_id": "atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-clients@3.11.82-1.git.0.08bc31b.el7?arch=x86_64" } } }, { "category": "product_version", "name": "atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "product": { "name": "atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "product_id": "atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-template-service-broker@3.11.82-1.git.0.08bc31b.el7?arch=x86_64" } } }, { "category": "product_version", "name": "atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "product": { "name": "atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "product_id": "atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-node@3.11.82-1.git.0.08bc31b.el7?arch=x86_64" } } }, { "category": "product_version", "name": "atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "product": { "name": "atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "product_id": "atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-sdn-ovs@3.11.82-1.git.0.08bc31b.el7?arch=x86_64" } } }, { "category": "product_version", "name": "atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "product": { "name": "atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "product_id": "atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-hypershift@3.11.82-1.git.0.08bc31b.el7?arch=x86_64" } } }, { "category": "product_version", "name": "golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "product": { "name": "golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "product_id": "golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/golang-github-openshift-oauth-proxy@3.11.82-1.git.425.7cac034.el7?arch=x86_64" } } }, { "category": "product_version", "name": "atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "product": { "name": "atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "product_id": "atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog-svcat@3.11.82-1.git.1673.133961e.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "product": { "name": "atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "product_id": "atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog@3.11.82-1.git.1673.133961e.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", "product": { "name": "prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", "product_id": "prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/prometheus-node-exporter@3.11.82-1.git.1063.48444e8.el7?arch=x86_64" } } }, { "category": "product_version", "name": "atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "product": { "name": "atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "product_id": "atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-dockerregistry@3.11.82-1.git.452.0ce6383.el7?arch=x86_64" } } }, { "category": "product_version", "name": "atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "product": { "name": "atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "product_id": "atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-descheduler@3.11.82-1.git.300.89765c9.el7?arch=x86_64" } } }, { "category": "product_version", "name": "haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "product": { "name": "haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "product_id": "haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/haproxy-debuginfo@1.8.17-3.el7?arch=x86_64" } } }, { "category": "product_version", "name": "haproxy18-0:1.8.17-3.el7.x86_64", "product": { "name": "haproxy18-0:1.8.17-3.el7.x86_64", "product_id": "haproxy18-0:1.8.17-3.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/haproxy18@1.8.17-3.el7?arch=x86_64" } } }, { "category": "product_version", "name": "prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "product": { "name": "prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "product_id": "prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/prometheus@3.11.82-1.git.5027.9d24833.el7?arch=x86_64" } } }, { "category": "product_version", "name": "prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "product": { "name": "prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "product_id": "prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/prometheus-alertmanager@3.11.82-1.git.0.3bf41ce.el7?arch=x86_64" } } }, { "category": "product_version", "name": "atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "product": { "name": "atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "product_id": "atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-web-console@3.11.82-1.git.355.5e8b1d9.el7?arch=x86_64" } } }, { "category": "product_version", "name": "openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "product": { "name": "openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "product_id": "openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-enterprise-cluster-capacity@3.11.82-1.git.380.cf11c51.el7?arch=x86_64" } } }, { "category": "product_version", "name": "openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "product": { "name": "openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "product_id": "openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-enterprise-autoheal@3.11.82-1.git.219.0b5aff4.el7?arch=x86_64" } } }, { "category": "product_version", "name": "atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "product": { "name": "atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "product_id": "atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-service-idler@3.11.82-1.git.14.e353758.el7?arch=x86_64" } } }, { "category": "product_version", "name": "atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "product": { "name": "atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "product_id": "atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-cluster-autoscaler@3.11.82-1.git.0.efb6af0.el7?arch=x86_64" } } }, { "category": "product_version", "name": "atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "product": { "name": "atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "product_id": "atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-metrics-server@3.11.82-1.git.52.2fdca3f.el7?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "product": { "name": "atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "product_id": "atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-node-problem-detector@3.11.82-1.git.254.a448936.el7?arch=src" } } }, { "category": "product_version", "name": "atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "product": { "name": "atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "product_id": "atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift@3.11.82-1.git.0.08bc31b.el7?arch=src" } } }, { "category": "product_version", "name": "golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "product": { "name": "golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "product_id": "golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/golang-github-openshift-oauth-proxy@3.11.82-1.git.425.7cac034.el7?arch=src" } } }, { "category": "product_version", "name": "atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "product": { "name": "atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "product_id": "atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog@3.11.82-1.git.1673.133961e.el7?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "product": { "name": "golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "product_id": "golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/golang-github-prometheus-node_exporter@3.11.82-1.git.1063.48444e8.el7?arch=src" } } }, { "category": "product_version", "name": "atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "product": { "name": "atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "product_id": "atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-dockerregistry@3.11.82-1.git.452.0ce6383.el7?arch=src" } } }, { "category": "product_version", "name": "jenkins-0:2.150.2.1549032159-1.el7.src", "product": { "name": "jenkins-0:2.150.2.1549032159-1.el7.src", "product_id": "jenkins-0:2.150.2.1549032159-1.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jenkins@2.150.2.1549032159-1.el7?arch=src" } } }, { "category": "product_version", "name": "atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "product": { "name": "atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "product_id": "atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-descheduler@3.11.82-1.git.300.89765c9.el7?arch=src" } } }, { "category": "product_version", "name": "haproxy-0:1.8.17-3.el7.src", "product": { "name": "haproxy-0:1.8.17-3.el7.src", "product_id": "haproxy-0:1.8.17-3.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/haproxy@1.8.17-3.el7?arch=src" } } }, { "category": "product_version", "name": "golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "product": { "name": "golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "product_id": "golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/golang-github-prometheus-prometheus@3.11.82-1.git.5027.9d24833.el7?arch=src" } } }, { "category": "product_version", "name": "golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "product": { "name": "golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "product_id": "golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/golang-github-prometheus-alertmanager@3.11.82-1.git.0.3bf41ce.el7?arch=src" } } }, { "category": "product_version", "name": "jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "product": { "name": "jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "product_id": "jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jenkins-2-plugins@3.11.1549642489-1.el7?arch=src" } } }, { "category": "product_version", "name": "atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "product": { "name": "atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "product_id": "atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-web-console@3.11.82-1.git.355.5e8b1d9.el7?arch=src" } } }, { "category": "product_version", "name": "openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "product": { "name": "openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "product_id": "openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-enterprise-cluster-capacity@3.11.82-1.git.380.cf11c51.el7?arch=src" } } }, { "category": "product_version", "name": "openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "product": { "name": "openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "product_id": "openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-enterprise-autoheal@3.11.82-1.git.219.0b5aff4.el7?arch=src" } } }, { "category": "product_version", "name": "atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "product": { "name": "atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "product_id": "atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-service-idler@3.11.82-1.git.14.e353758.el7?arch=src" } } }, { "category": "product_version", "name": "atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "product": { "name": "atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "product_id": "atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-cluster-autoscaler@3.11.82-1.git.0.efb6af0.el7?arch=src" } } }, { "category": "product_version", "name": "atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "product": { "name": "atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "product_id": "atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-metrics-server@3.11.82-1.git.52.2fdca3f.el7?arch=src" } } }, { "category": "product_version", "name": "openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "product": { "name": "openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "product_id": "openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-ansible@3.11.82-3.git.0.9718d0a.el7?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "product": { "name": "atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "product_id": "atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-node-problem-detector@3.11.82-1.git.254.a448936.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "product": { "name": "atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "product_id": "atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-master@3.11.82-1.git.0.08bc31b.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "product": { "name": "atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "product_id": "atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-pod@3.11.82-1.git.0.08bc31b.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "product": { "name": "atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "product_id": "atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-hyperkube@3.11.82-1.git.0.08bc31b.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "product": { "name": "atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "product_id": "atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift@3.11.82-1.git.0.08bc31b.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "product": { "name": "atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "product_id": "atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-tests@3.11.82-1.git.0.08bc31b.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "product": { "name": "atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "product_id": "atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-clients@3.11.82-1.git.0.08bc31b.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "product": { "name": "atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "product_id": "atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-template-service-broker@3.11.82-1.git.0.08bc31b.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "product": { "name": "atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "product_id": "atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-node@3.11.82-1.git.0.08bc31b.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "product": { "name": "atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "product_id": "atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-sdn-ovs@3.11.82-1.git.0.08bc31b.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "product": { "name": "atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "product_id": "atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-hypershift@3.11.82-1.git.0.08bc31b.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "product": { "name": "golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "product_id": "golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/golang-github-openshift-oauth-proxy@3.11.82-1.git.425.7cac034.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "product": { "name": "atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "product_id": "atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog-svcat@3.11.82-1.git.1673.133961e.el7?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "product": { "name": "atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "product_id": "atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog@3.11.82-1.git.1673.133961e.el7?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "product": { "name": "prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "product_id": "prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/prometheus-node-exporter@3.11.82-1.git.1063.48444e8.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "product": { "name": "atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "product_id": "atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-dockerregistry@3.11.82-1.git.452.0ce6383.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "product": { "name": "atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "product_id": "atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-descheduler@3.11.82-1.git.300.89765c9.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "product": { "name": "haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "product_id": "haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/haproxy-debuginfo@1.8.17-3.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "haproxy18-0:1.8.17-3.el7.ppc64le", "product": { "name": "haproxy18-0:1.8.17-3.el7.ppc64le", "product_id": "haproxy18-0:1.8.17-3.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/haproxy18@1.8.17-3.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "product": { "name": "prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "product_id": "prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/prometheus@3.11.82-1.git.5027.9d24833.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "product": { "name": "prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "product_id": "prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/prometheus-alertmanager@3.11.82-1.git.0.3bf41ce.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "product": { "name": "atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "product_id": "atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-web-console@3.11.82-1.git.355.5e8b1d9.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "product": { "name": "openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "product_id": "openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-enterprise-cluster-capacity@3.11.82-1.git.380.cf11c51.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "product": { "name": "openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "product_id": "openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-enterprise-autoheal@3.11.82-1.git.219.0b5aff4.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "product": { "name": "atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "product_id": "atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-service-idler@3.11.82-1.git.14.e353758.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "product": { "name": "atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "product_id": "atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-cluster-autoscaler@3.11.82-1.git.0.efb6af0.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "product": { "name": "atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "product_id": "atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-metrics-server@3.11.82-1.git.52.2fdca3f.el7?arch=ppc64le" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "product": { "name": "atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "product_id": "atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-excluder@3.11.82-1.git.0.08bc31b.el7?arch=noarch" } } }, { "category": "product_version", "name": "atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "product": { "name": "atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "product_id": "atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-docker-excluder@3.11.82-1.git.0.08bc31b.el7?arch=noarch" } } }, { "category": "product_version", "name": "jenkins-0:2.150.2.1549032159-1.el7.noarch", "product": { "name": "jenkins-0:2.150.2.1549032159-1.el7.noarch", "product_id": "jenkins-0:2.150.2.1549032159-1.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jenkins@2.150.2.1549032159-1.el7?arch=noarch" } } }, { "category": "product_version", "name": "jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "product": { "name": "jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "product_id": "jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jenkins-2-plugins@3.11.1549642489-1.el7?arch=noarch" } } }, { "category": "product_version", "name": "openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "product": { "name": "openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "product_id": "openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-ansible-test@3.11.82-3.git.0.9718d0a.el7?arch=noarch" } } }, { "category": "product_version", "name": "openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "product": { "name": "openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "product_id": "openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-ansible@3.11.82-3.git.0.9718d0a.el7?arch=noarch" } } }, { "category": "product_version", "name": "openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "product": { "name": "openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "product_id": "openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-ansible-docs@3.11.82-3.git.0.9718d0a.el7?arch=noarch" } } }, { "category": "product_version", "name": "openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "product": { "name": "openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "product_id": "openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-ansible-roles@3.11.82-3.git.0.9718d0a.el7?arch=noarch" } } }, { "category": "product_version", "name": "openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "product": { "name": "openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "product_id": "openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-ansible-playbooks@3.11.82-3.git.0.9718d0a.el7?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le" }, "product_reference": "atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src" }, "product_reference": "atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64" }, "product_reference": "atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le" }, "product_reference": "atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64" }, "product_reference": "atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le" }, "product_reference": "atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src" }, "product_reference": "atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64" }, "product_reference": "atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le" }, "product_reference": "atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64" }, "product_reference": "atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64" }, "product_reference": "atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le" }, "product_reference": "atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src" }, "product_reference": "atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64" }, "product_reference": "atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le" }, "product_reference": "atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src" }, "product_reference": "atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64" }, "product_reference": "atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch" }, "product_reference": "atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le" }, "product_reference": "atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src" }, "product_reference": "atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64" }, "product_reference": "atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch" }, "product_reference": "atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le" }, "product_reference": "atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64" }, "product_reference": "atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le" }, "product_reference": "atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64" }, "product_reference": "atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le" }, "product_reference": "atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64" }, "product_reference": "atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le" }, "product_reference": "atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src" }, "product_reference": "atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64" }, "product_reference": "atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le" }, "product_reference": "atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64" }, "product_reference": "atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le" }, "product_reference": "atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src" }, "product_reference": "atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64" }, "product_reference": "atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le" }, "product_reference": "atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64" }, "product_reference": "atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le" }, "product_reference": "atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64" }, "product_reference": "atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le" }, "product_reference": "atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src" }, "product_reference": "atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64" }, "product_reference": "atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le" }, "product_reference": "atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64" }, "product_reference": "atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le" }, "product_reference": "atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64" }, "product_reference": "atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le" }, "product_reference": "atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src" }, "product_reference": "atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64" }, "product_reference": "atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le" }, "product_reference": "golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src" }, "product_reference": "golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64" }, "product_reference": "golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src" }, "product_reference": "golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src" }, "product_reference": "golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src" }, "product_reference": "golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "haproxy-0:1.8.17-3.el7.src as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src" }, "product_reference": "haproxy-0:1.8.17-3.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "haproxy-debuginfo-0:1.8.17-3.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le" }, "product_reference": "haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "haproxy-debuginfo-0:1.8.17-3.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64" }, "product_reference": "haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "haproxy18-0:1.8.17-3.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le" }, "product_reference": "haproxy18-0:1.8.17-3.el7.ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "haproxy18-0:1.8.17-3.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64" }, "product_reference": "haproxy18-0:1.8.17-3.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "jenkins-0:2.150.2.1549032159-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch" }, "product_reference": "jenkins-0:2.150.2.1549032159-1.el7.noarch", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "jenkins-0:2.150.2.1549032159-1.el7.src as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src" }, "product_reference": "jenkins-0:2.150.2.1549032159-1.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch" }, "product_reference": "jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "jenkins-2-plugins-0:3.11.1549642489-1.el7.src as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src" }, "product_reference": "jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch" }, "product_reference": "openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src" }, "product_reference": "openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch" }, "product_reference": "openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch" }, "product_reference": "openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch" }, "product_reference": "openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch" }, "product_reference": "openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le" }, "product_reference": "openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src" }, "product_reference": "openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64" }, "product_reference": "openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le" }, "product_reference": "openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src" }, "product_reference": "openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64" }, "product_reference": "openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le" }, "product_reference": "prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64" }, "product_reference": "prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le" }, "product_reference": "prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64" }, "product_reference": "prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le" }, "product_reference": "prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64" }, "product_reference": "prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" } ] }, "vulnerabilities": [ { "cve": "CVE-2018-20102", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2018-12-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1658874" } ], "notes": [ { "category": "description", "text": "An out-of-bounds read in dns_validate_dns_response in dns.c was discovered in HAProxy through 1.8.14. Due to a missing check when validating DNS responses, remote attackers might be able read the 16 bytes corresponding to an AAAA record from the non-initialized part of the buffer, possibly accessing anything that was left on the stack, or even past the end of the 8193-byte buffer, depending on the value of accepted_payload_size.", "title": "Vulnerability description" }, { "category": "summary", "text": "haproxy: Out-of-bounds read in dns.c:dns_validate_dns_response() allows for memory disclosure", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue did not affect the versions of haproxy as shipped with Red Hat Enterprise Linux 6 and 7.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-20102" }, { "category": "external", "summary": "RHBZ#1658874", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1658874" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-20102", "url": "https://www.cve.org/CVERecord?id=CVE-2018-20102" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20102", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20102" }, { "category": "external", "summary": "https://www.mail-archive.com/haproxy@formilux.org/msg32055.html", "url": "https://www.mail-archive.com/haproxy@formilux.org/msg32055.html" } ], "release_date": "2018-12-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-02-20T14:11:43+00:00", "details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", "product_ids": [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHBA-2019:0326" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", "version": "3.0" }, "products": [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "haproxy: Out-of-bounds read in dns.c:dns_validate_dns_response() allows for memory disclosure" }, { "cve": "CVE-2018-20103", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2018-12-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1658876" } ], "notes": [ { "category": "description", "text": "An issue was discovered in dns.c in HAProxy through 1.8.14. In the case of a compressed pointer, a crafted packet can trigger infinite recursion by making the pointer point to itself, or create a long chain of valid pointers resulting in stack exhaustion.", "title": "Vulnerability description" }, { "category": "summary", "text": "haproxy: Infinite recursion via crafted packet allows stack exhaustion and denial of service", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue did not affect the versions of haproxy as shipped with Red Hat Enterprise Linux 6 and 7.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-20103" }, { "category": "external", "summary": "RHBZ#1658876", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1658876" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-20103", "url": "https://www.cve.org/CVERecord?id=CVE-2018-20103" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20103", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20103" }, { "category": "external", "summary": "https://www.mail-archive.com/haproxy@formilux.org/msg32055.html", "url": "https://www.mail-archive.com/haproxy@formilux.org/msg32055.html" } ], "release_date": "2018-12-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-02-20T14:11:43+00:00", "details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", "product_ids": [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHBA-2019:0326" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "haproxy: Infinite recursion via crafted packet allows stack exhaustion and denial of service" }, { "cve": "CVE-2018-20615", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2019-01-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1663060" } ], "notes": [ { "category": "description", "text": "A flaw was found in HAProxy, versions before 1.8.17 and 1.9.1. Mishandling occurs when a priority flag is set on too short HEADERS frame in the HTTP/2 decoder, allowing an out-of-bounds read and a subsequent crash to occur. A remote attacker can exploit this flaw to cause a denial of service. Those who do not use HTTP/2 are unaffected.", "title": "Vulnerability description" }, { "category": "summary", "text": "haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash", "title": "Vulnerability summary" }, { "category": "other", "text": "HTTP/2 support was added to haproxy in version 1.8, therefore OpenShift Container Platform (OCP) 3.7 and earlier are unaffected by this flaw, see [1]. OCP 3.11 added a configuration option to ose-haproxy-router that made enabling HTTP/2 support easy, [2]. Prior to that, in versions OCP 3.9 and 3.10, an administrator had to customize the haproxy router configuration to add HTTP/2 support, [3]. OCP 3.9, and 3.10 are rated as moderate because HTTP/2 support was not a standard configuration option, and therefore unlikely to be enabled.\n\nVersions of haproxy included in Red Hat Enterprise Linux 6 and 7, excluding rh-haproxy18-haproxy in Red Hat Software Collections, are unaffected as they package versions of haproxy before 1.7.\n\n[1] http://www.haproxy.org/news.html\n\n[2] https://github.com/openshift/origin/pull/19968\n\n[3] https://docs.openshift.com/container-platform/3.10/install_config/router/customized_haproxy_router.html", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-20615" }, { "category": "external", "summary": "RHBZ#1663060", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1663060" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-20615", "url": "https://www.cve.org/CVERecord?id=CVE-2018-20615" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20615", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20615" } ], "release_date": "2019-01-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-02-20T14:11:43+00:00", "details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", "product_ids": [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHBA-2019:0326" }, { "category": "workaround", "details": "HTTP/2 support is disabled by default on OpenShift Container Platform 3.11. To mitigate this vulnerability keep it disabled. You can verify if HTTP/2 support is enabled by following the instructions in the upstream pull request, [1].\n\n[1] https://github.com/openshift/origin/pull/19968", "product_ids": [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash" }, { "cve": "CVE-2018-1000865", "cwe": { "id": "CWE-94", "name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)" }, "discovery_date": "2018-11-06T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1647059" } ], "notes": [ { "category": "description", "text": "A sandbox bypass vulnerability exists in Script Security Plugin 1.47 and earlier in groovy-sandbox/src/main/java/org/kohsuke/groovy/sandbox/SandboxTransformer.java that allows attackers with Job/Configure permission to execute arbitrary code on the Jenkins master JVM, if plugins using the Groovy sandbox are installed.", "title": "Vulnerability description" }, { "category": "summary", "text": "jenkins-plugin-script-security: Sandbox Bypass in finalize methods", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-1000865" }, { "category": "external", "summary": "RHBZ#1647059", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1647059" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-1000865", "url": "https://www.cve.org/CVERecord?id=CVE-2018-1000865" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000865", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000865" } ], "release_date": "2018-10-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-02-20T14:11:43+00:00", "details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", "product_ids": [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHBA-2019:0326" }, { "category": "workaround", "details": "Do not run untrusted jenkins pipeline scripts.", "product_ids": [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jenkins-plugin-script-security: Sandbox Bypass in finalize methods" }, { "cve": "CVE-2018-1000866", "cwe": { "id": "CWE-94", "name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)" }, "discovery_date": "2018-11-06T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1647059" } ], "notes": [ { "category": "description", "text": "A sandbox bypass vulnerability exists in Pipeline: Groovy Plugin 2.59 and earlier in groovy-sandbox/src/main/java/org/kohsuke/groovy/sandbox/SandboxTransformer.java, groovy-cps/lib/src/main/java/com/cloudbees/groovy/cps/SandboxCpsTransformer.java that allows attackers with Job/Configure permission, or unauthorized attackers with SCM commit privileges and corresponding pipelines based on Jenkinsfiles set up in Jenkins, to execute arbitrary code on the Jenkins master JVM", "title": "Vulnerability description" }, { "category": "summary", "text": "jenkins-plugin-script-security: Sandbox Bypass in finalize methods", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-1000866" }, { "category": "external", "summary": "RHBZ#1647059", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1647059" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-1000866", "url": "https://www.cve.org/CVERecord?id=CVE-2018-1000866" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000866", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000866" } ], "release_date": "2018-10-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-02-20T14:11:43+00:00", "details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", "product_ids": [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHBA-2019:0326" }, { "category": "workaround", "details": "Do not run untrusted jenkins pipeline scripts.", "product_ids": [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jenkins-plugin-script-security: Sandbox Bypass in finalize methods" }, { "cve": "CVE-2019-3826", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2019-02-06T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1672865" } ], "notes": [ { "category": "description", "text": "A stored, DOM based, cross-site scripting (XSS) flaw was found in Prometheus. An attacker could exploit this by convincing an authenticated user to visit a crafted URL on a Prometheus server, allowing for the execution and persistent storage of arbitrary scripts.", "title": "Vulnerability description" }, { "category": "summary", "text": "prometheus: Stored DOM cross-site scripting (XSS) attack via crafted URL", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-3826" }, { "category": "external", "summary": "RHBZ#1672865", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1672865" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-3826", "url": "https://www.cve.org/CVERecord?id=CVE-2019-3826" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-3826", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3826" } ], "release_date": "2019-01-31T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-02-20T14:11:43+00:00", "details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", "product_ids": [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHBA-2019:0326" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "prometheus: Stored DOM cross-site scripting (XSS) attack via crafted URL" }, { "cve": "CVE-2019-1003000", "cwe": { "id": "CWE-96", "name": "Improper Neutralization of Directives in Statically Saved Code (\u0027Static Code Injection\u0027)" }, "discovery_date": "2019-01-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1667566" } ], "notes": [ { "category": "description", "text": "A flaw was found in Jenkins Pipeline. The Script Security sandbox protection could be circumvented during the script compilation phase by applying AST, transforming annotations such as @Grab to source code elements. Both the pipeline validation REST APIs and actual script/pipeline execution are affected. This allowed users with Overall/Read permission, or able to control Jenkinsfile or sandboxed Pipeline shared library contents in SCM, to bypass the sandbox protection and execute arbitrary code on the Jenkins master. All known unsafe AST transformations in Groovy are now prohibited in sandboxed scripts. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "jenkins-plugin-script-security: Sandbox Bypass in Script Security Plugin", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-1003000" }, { "category": "external", "summary": "RHBZ#1667566", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1667566" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-1003000", "url": "https://www.cve.org/CVERecord?id=CVE-2019-1003000" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-1003000", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1003000" }, { "category": "external", "summary": "https://jenkins.io/security/advisory/2019-01-08/", "url": "https://jenkins.io/security/advisory/2019-01-08/" } ], "release_date": "2019-01-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-02-20T14:11:43+00:00", "details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", "product_ids": [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHBA-2019:0326" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jenkins-plugin-script-security: Sandbox Bypass in Script Security Plugin" }, { "cve": "CVE-2019-1003001", "cwe": { "id": "CWE-96", "name": "Improper Neutralization of Directives in Statically Saved Code (\u0027Static Code Injection\u0027)" }, "discovery_date": "2019-01-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1669505" } ], "notes": [ { "category": "description", "text": "A flaw was found in Jenkins Pipeline. In the Declarative plugin, the script sandbox protection could be circumvented during the script compilation phase by applying AST. Both the pipeline validation REST APIs and the actual script/pipeline execution are affected. This allows users with Overall/Read permissions, or those able to control Jenkinsfile or the sandboxed Pipeline shared library contents in SCM, to bypass sandbox protection and execute arbitrary code on the Jenkins master. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "jenkins-plugin-workflow-cps: Sandbox Bypass in Pipeline: Groovy Plugin", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-1003001" }, { "category": "external", "summary": "RHBZ#1669505", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1669505" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-1003001", "url": "https://www.cve.org/CVERecord?id=CVE-2019-1003001" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-1003001", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1003001" }, { "category": "external", "summary": "https://jenkins.io/security/advisory/2019-01-08/", "url": "https://jenkins.io/security/advisory/2019-01-08/" } ], "release_date": "2019-01-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-02-20T14:11:43+00:00", "details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", "product_ids": [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHBA-2019:0326" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jenkins-plugin-workflow-cps: Sandbox Bypass in Pipeline: Groovy Plugin" }, { "cve": "CVE-2019-1003002", "cwe": { "id": "CWE-96", "name": "Improper Neutralization of Directives in Statically Saved Code (\u0027Static Code Injection\u0027)" }, "discovery_date": "2019-01-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1669508" } ], "notes": [ { "category": "description", "text": "A flaw was found in Jenkins Pipeline. Script Security sandbox protection could be circumvented during the script compilation phase by applying AST transforming annotations such as @Grab to source code elements. This allows users with Overall/Read permission, or able to control Jenkinsfile or sandboxed Pipeline shared library contents in SCM, to bypass the sandbox protection and execute arbitrary code on the Jenkins master. All known unsafe AST transformations in Groovy are now prohibited in sandboxed scripts. Both the pipeline validation REST APIs and actual script/pipeline execution are affected. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "jenkins-plugin-pipeline-model-definition: Sandbox Bypass in Pipeline: Declarative", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-1003002" }, { "category": "external", "summary": "RHBZ#1669508", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1669508" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-1003002", "url": "https://www.cve.org/CVERecord?id=CVE-2019-1003002" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-1003002", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1003002" }, { "category": "external", "summary": "https://jenkins.io/security/advisory/2019-01-08/", "url": "https://jenkins.io/security/advisory/2019-01-08/" } ], "release_date": "2019-01-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-02-20T14:11:43+00:00", "details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", "product_ids": [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHBA-2019:0326" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jenkins-plugin-pipeline-model-definition: Sandbox Bypass in Pipeline: Declarative" }, { "cve": "CVE-2019-1003003", "cwe": { "id": "CWE-613", "name": "Insufficient Session Expiration" }, "discovery_date": "2019-01-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1668345" } ], "notes": [ { "category": "description", "text": "An improper authorization vulnerability exists in Jenkins 2.158 and earlier, LTS 2.150.1 and earlier in core/src/main/java/hudson/security/TokenBasedRememberMeServices2.java that allows attackers with Overall/RunScripts permission to craft Remember Me cookies that would never expire, allowing e.g. to persist access to temporarily compromised user accounts.", "title": "Vulnerability description" }, { "category": "summary", "text": "jenkins: cookie crafted using Jenkins script console allows unauthorised access to Jenkins instance", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-1003003" }, { "category": "external", "summary": "RHBZ#1668345", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668345" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-1003003", "url": "https://www.cve.org/CVERecord?id=CVE-2019-1003003" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-1003003", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1003003" }, { "category": "external", "summary": "https://jenkins.io/security/advisory/2019-01-16/", "url": "https://jenkins.io/security/advisory/2019-01-16/" } ], "release_date": "2019-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-02-20T14:11:43+00:00", "details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", "product_ids": [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHBA-2019:0326" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jenkins: cookie crafted using Jenkins script console allows unauthorised access to Jenkins instance" }, { "cve": "CVE-2019-1003004", "cwe": { "id": "CWE-613", "name": "Insufficient Session Expiration" }, "discovery_date": "2019-01-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1668736" } ], "notes": [ { "category": "description", "text": "An improper authorization vulnerability exists in Jenkins 2.158 and earlier, LTS 2.150.1 and earlier in core/src/main/java/hudson/security/AuthenticationProcessingFilter2.java that allows attackers to extend the duration of active HTTP sessions indefinitely even though the user account may have been deleted in the mean time.", "title": "Vulnerability description" }, { "category": "summary", "text": "jenkins: deleting a user record will does not invalidate existing sessions", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-1003004" }, { "category": "external", "summary": "RHBZ#1668736", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668736" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-1003004", "url": "https://www.cve.org/CVERecord?id=CVE-2019-1003004" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-1003004", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1003004" }, { "category": "external", "summary": "https://jenkins.io/security/advisory/2019-01-16/", "url": "https://jenkins.io/security/advisory/2019-01-16/" } ], "release_date": "2019-01-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-02-20T14:11:43+00:00", "details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", "product_ids": [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHBA-2019:0326" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:L", "version": "3.0" }, "products": [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jenkins: deleting a user record will does not invalidate existing sessions" }, { "cve": "CVE-2019-1003010", "cwe": { "id": "CWE-96", "name": "Improper Neutralization of Directives in Statically Saved Code (\u0027Static Code Injection\u0027)" }, "discovery_date": "2019-01-28T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1670292" } ], "notes": [ { "category": "description", "text": "A cross-site request forgery vulnerability exists in Jenkins Git Plugin 3.9.1 and earlier in src/main/java/hudson/plugins/git/GitTagAction.java that allows attackers to create a Git tag in a workspace and attach corresponding metadata to a build record.", "title": "Vulnerability description" }, { "category": "summary", "text": "jenkins-plugin-git: CSRF vulnerability in Git Plugin (SECURITY-1095)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-1003010" }, { "category": "external", "summary": "RHBZ#1670292", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1670292" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-1003010", "url": "https://www.cve.org/CVERecord?id=CVE-2019-1003010" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-1003010", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1003010" }, { "category": "external", "summary": "https://jenkins.io/security/advisory/2019-01-28/#SECURITY-1095", "url": "https://jenkins.io/security/advisory/2019-01-28/#SECURITY-1095" } ], "release_date": "2019-01-28T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-02-20T14:11:43+00:00", "details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", "product_ids": [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHBA-2019:0326" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N", "version": "3.0" }, "products": [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "jenkins-plugin-git: CSRF vulnerability in Git Plugin (SECURITY-1095)" }, { "cve": "CVE-2019-1003011", "cwe": { "id": "CWE-96", "name": "Improper Neutralization of Directives in Statically Saved Code (\u0027Static Code Injection\u0027)" }, "discovery_date": "2019-01-28T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1670296" } ], "notes": [ { "category": "description", "text": "An information exposure and denial of service vulnerability exists in Jenkins Token Macro Plugin 2.5 and earlier in src/main/java/org/jenkinsci/plugins/tokenmacro/Parser.java, src/main/java/org/jenkinsci/plugins/tokenmacro/TokenMacro.java, src/main/java/org/jenkinsci/plugins/tokenmacro/impl/AbstractChangesSinceMacro.java, src/main/java/org/jenkinsci/plugins/tokenmacro/impl/ChangesSinceLastBuildMacro.java, src/main/java/org/jenkinsci/plugins/tokenmacro/impl/ProjectUrlMacro.java that allows attackers with the ability to control token macro input (such as SCM changelogs) to define recursive input that results in unexpected macro evaluation.", "title": "Vulnerability description" }, { "category": "summary", "text": "jenkins-plugin-token-macro: Recursive token expansion results in information disclosure and DoS in Token Macro Plugin (SECURITY-1102)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-1003011" }, { "category": "external", "summary": "RHBZ#1670296", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1670296" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-1003011", "url": "https://www.cve.org/CVERecord?id=CVE-2019-1003011" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-1003011", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1003011" }, { "category": "external", "summary": "https://jenkins.io/security/advisory/2019-01-28/#SECURITY-1102", "url": "https://jenkins.io/security/advisory/2019-01-28/#SECURITY-1102" } ], "release_date": "2019-01-28T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-02-20T14:11:43+00:00", "details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", "product_ids": [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHBA-2019:0326" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H", "version": "3.0" }, "products": [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jenkins-plugin-token-macro: Recursive token expansion results in information disclosure and DoS in Token Macro Plugin (SECURITY-1102)" }, { "cve": "CVE-2019-1003012", "cwe": { "id": "CWE-352", "name": "Cross-Site Request Forgery (CSRF)" }, "discovery_date": "2019-01-28T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1670298" } ], "notes": [ { "category": "description", "text": "A data modification vulnerability exists in Jenkins Blue Ocean Plugins 1.10.1 and earlier in blueocean-core-js/src/js/bundleStartup.js, blueocean-core-js/src/js/fetch.ts, blueocean-core-js/src/js/i18n/i18n.js, blueocean-core-js/src/js/urlconfig.js, blueocean-rest/src/main/java/io/jenkins/blueocean/rest/APICrumbExclusion.java, blueocean-web/src/main/java/io/jenkins/blueocean/BlueOceanUI.java, blueocean-web/src/main/resources/io/jenkins/blueocean/BlueOceanUI/index.jelly that allows attackers to bypass all cross-site request forgery protection in Blue Ocean API.", "title": "Vulnerability description" }, { "category": "summary", "text": "jenkins-plugin-blueocean: Blue Ocean did not require CSRF tokens (SECURITY-1201)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-1003012" }, { "category": "external", "summary": "RHBZ#1670298", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1670298" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-1003012", "url": "https://www.cve.org/CVERecord?id=CVE-2019-1003012" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-1003012", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1003012" }, { "category": "external", "summary": "https://jenkins.io/security/advisory/2019-01-28/#SECURITY-1201", "url": "https://jenkins.io/security/advisory/2019-01-28/#SECURITY-1201" } ], "release_date": "2019-01-28T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-02-20T14:11:43+00:00", "details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", "product_ids": [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHBA-2019:0326" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N", "version": "3.0" }, "products": [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jenkins-plugin-blueocean: Blue Ocean did not require CSRF tokens (SECURITY-1201)" }, { "cve": "CVE-2019-1003013", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2019-01-28T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1670299" } ], "notes": [ { "category": "description", "text": "An cross-site scripting vulnerability exists in Jenkins Blue Ocean Plugins 1.10.1 and earlier in blueocean-commons/src/main/java/io/jenkins/blueocean/commons/stapler/Export.java, blueocean-commons/src/main/java/io/jenkins/blueocean/commons/stapler/export/ExportConfig.java, blueocean-commons/src/main/java/io/jenkins/blueocean/commons/stapler/export/JSONDataWriter.java, blueocean-rest-impl/src/main/java/io/jenkins/blueocean/service/embedded/UserStatePreloader.java, blueocean-web/src/main/resources/io/jenkins/blueocean/PageStatePreloadDecorator/header.jelly that allows attackers with permission to edit a user\u0027s description in Jenkins to have Blue Ocean render arbitrary HTML when using it as that user.", "title": "Vulnerability description" }, { "category": "summary", "text": "jenkins-plugin-blueocean: XSS vulnerability via user description in Blue Ocean (SECURITY-1204)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-1003013" }, { "category": "external", "summary": "RHBZ#1670299", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1670299" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-1003013", "url": "https://www.cve.org/CVERecord?id=CVE-2019-1003013" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-1003013", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1003013" }, { "category": "external", "summary": "https://jenkins.io/security/advisory/2019-01-28/#SECURITY-1204", "url": "https://jenkins.io/security/advisory/2019-01-28/#SECURITY-1204" } ], "release_date": "2019-01-28T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-02-20T14:11:43+00:00", "details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", "product_ids": [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHBA-2019:0326" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jenkins-plugin-blueocean: XSS vulnerability via user description in Blue Ocean (SECURITY-1204)" }, { "cve": "CVE-2019-1003014", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2019-01-28T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1671324" } ], "notes": [ { "category": "description", "text": "An cross-site scripting vulnerability exists in Jenkins Config File Provider Plugin 3.4.1 and earlier in src/main/resources/lib/configfiles/configfiles.jelly that allows attackers with permission to define shared configuration files to execute arbitrary JavaScript when a user attempts to delete the shared configuration file.", "title": "Vulnerability description" }, { "category": "summary", "text": "jenkins-plugin-config-file-provider: Stored XSS vulnerability in Config File Provider Plugin (SECURITY-1253)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-1003014" }, { "category": "external", "summary": "RHBZ#1671324", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671324" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-1003014", "url": "https://www.cve.org/CVERecord?id=CVE-2019-1003014" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-1003014", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1003014" }, { "category": "external", "summary": "https://jenkins.io/security/advisory/2019-01-28/#SECURITY-1253", "url": "https://jenkins.io/security/advisory/2019-01-28/#SECURITY-1253" } ], "release_date": "2019-01-28T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-02-20T14:11:43+00:00", "details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation, which will be updated shortly for release 3.11.82, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.", "product_ids": [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHBA-2019:0326" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "products": [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.82-1.git.1673.133961e.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.82-1.git.0.efb6af0.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.82-1.git.300.89765c9.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.82-1.git.452.0ce6383.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.82-1.git.0.08bc31b.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.82-1.git.52.2fdca3f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.82-1.git.254.a448936.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.82-1.git.14.e353758.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.82-1.git.0.08bc31b.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.82-1.git.355.5e8b1d9.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.82-1.git.425.7cac034.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.82-1.git.1063.48444e8.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.82-1.git.5027.9d24833.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.ppc64le", "7Server-RH7-RHOSE-3.11:haproxy18-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.150.2.1549032159-1.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1549642489-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.82-3.git.0.9718d0a.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.82-3.git.0.9718d0a.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.82-1.git.219.0b5aff4.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.82-1.git.380.cf11c51.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.82-1.git.5027.9d24833.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.82-1.git.0.3bf41ce.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.82-1.git.1063.48444e8.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jenkins-plugin-config-file-provider: Stored XSS vulnerability in Config File Provider Plugin (SECURITY-1253)" } ] }
rhsa-2019_0547
Vulnerability from csaf_redhat
Published
2019-03-14 07:58
Modified
2024-11-15 00:40
Summary
Red Hat Security Advisory: OpenShift Container Platform 3.9 haproxy security update
Notes
Topic
An update for haproxy is now available for Red Hat OpenShift Container Platform 3.9.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications.
Security fix(es):
* haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash (CVE-2018-20615)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for haproxy is now available for Red Hat OpenShift Container Platform 3.9.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications.\n\nSecurity fix(es):\n\n* haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash (CVE-2018-20615)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2019:0547", "url": "https://access.redhat.com/errata/RHSA-2019:0547" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "1663060", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1663060" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_0547.json" } ], "title": "Red Hat Security Advisory: OpenShift Container Platform 3.9 haproxy security update", "tracking": { "current_release_date": "2024-11-15T00:40:08+00:00", "generator": { "date": "2024-11-15T00:40:08+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2019:0547", "initial_release_date": "2019-03-14T07:58:31+00:00", "revision_history": [ { "date": "2019-03-14T07:58:31+00:00", "number": "1", "summary": "Initial version" }, { "date": "2019-03-14T07:58:31+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T00:40:08+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat OpenShift Container Platform 3.9", "product": { "name": "Red Hat OpenShift Container Platform 3.9", "product_id": "7Server-RH7-RHOSE-3.9", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift:3.9::el7" } } } ], "category": "product_family", "name": "Red Hat OpenShift Enterprise" }, { "branches": [ { "category": "product_version", "name": "haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "product": { "name": "haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "product_id": "haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/haproxy-debuginfo@1.8.17-3.el7?arch=x86_64" } } }, { "category": "product_version", "name": "haproxy18-0:1.8.17-3.el7.x86_64", "product": { "name": "haproxy18-0:1.8.17-3.el7.x86_64", "product_id": "haproxy18-0:1.8.17-3.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/haproxy18@1.8.17-3.el7?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "haproxy-0:1.8.17-3.el7.src", "product": { "name": "haproxy-0:1.8.17-3.el7.src", "product_id": "haproxy-0:1.8.17-3.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/haproxy@1.8.17-3.el7?arch=src" } } } ], "category": "architecture", "name": "src" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "haproxy-0:1.8.17-3.el7.src as a component of Red Hat OpenShift Container Platform 3.9", "product_id": "7Server-RH7-RHOSE-3.9:haproxy-0:1.8.17-3.el7.src" }, "product_reference": "haproxy-0:1.8.17-3.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-3.9" }, { "category": "default_component_of", "full_product_name": { "name": "haproxy-debuginfo-0:1.8.17-3.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.9", "product_id": "7Server-RH7-RHOSE-3.9:haproxy-debuginfo-0:1.8.17-3.el7.x86_64" }, "product_reference": "haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.9" }, { "category": "default_component_of", "full_product_name": { "name": "haproxy18-0:1.8.17-3.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.9", "product_id": "7Server-RH7-RHOSE-3.9:haproxy18-0:1.8.17-3.el7.x86_64" }, "product_reference": "haproxy18-0:1.8.17-3.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.9" } ] }, "vulnerabilities": [ { "cve": "CVE-2018-20102", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2018-12-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1658874" } ], "notes": [ { "category": "description", "text": "An out-of-bounds read in dns_validate_dns_response in dns.c was discovered in HAProxy through 1.8.14. Due to a missing check when validating DNS responses, remote attackers might be able read the 16 bytes corresponding to an AAAA record from the non-initialized part of the buffer, possibly accessing anything that was left on the stack, or even past the end of the 8193-byte buffer, depending on the value of accepted_payload_size.", "title": "Vulnerability description" }, { "category": "summary", "text": "haproxy: Out-of-bounds read in dns.c:dns_validate_dns_response() allows for memory disclosure", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue did not affect the versions of haproxy as shipped with Red Hat Enterprise Linux 6 and 7.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RH7-RHOSE-3.9:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.9:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.9:haproxy18-0:1.8.17-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-20102" }, { "category": "external", "summary": "RHBZ#1658874", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1658874" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-20102", "url": "https://www.cve.org/CVERecord?id=CVE-2018-20102" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20102", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20102" }, { "category": "external", "summary": "https://www.mail-archive.com/haproxy@formilux.org/msg32055.html", "url": "https://www.mail-archive.com/haproxy@formilux.org/msg32055.html" } ], "release_date": "2018-12-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-03-14T07:58:31+00:00", "details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation for important instructions on how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/3.9/release_notes/ocp_3_9_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.", "product_ids": [ "7Server-RH7-RHOSE-3.9:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.9:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.9:haproxy18-0:1.8.17-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:0547" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", "version": "3.0" }, "products": [ "7Server-RH7-RHOSE-3.9:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.9:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.9:haproxy18-0:1.8.17-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "haproxy: Out-of-bounds read in dns.c:dns_validate_dns_response() allows for memory disclosure" }, { "cve": "CVE-2018-20615", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2019-01-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1663060" } ], "notes": [ { "category": "description", "text": "A flaw was found in HAProxy, versions before 1.8.17 and 1.9.1. Mishandling occurs when a priority flag is set on too short HEADERS frame in the HTTP/2 decoder, allowing an out-of-bounds read and a subsequent crash to occur. A remote attacker can exploit this flaw to cause a denial of service. Those who do not use HTTP/2 are unaffected.", "title": "Vulnerability description" }, { "category": "summary", "text": "haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash", "title": "Vulnerability summary" }, { "category": "other", "text": "HTTP/2 support was added to haproxy in version 1.8, therefore OpenShift Container Platform (OCP) 3.7 and earlier are unaffected by this flaw, see [1]. OCP 3.11 added a configuration option to ose-haproxy-router that made enabling HTTP/2 support easy, [2]. Prior to that, in versions OCP 3.9 and 3.10, an administrator had to customize the haproxy router configuration to add HTTP/2 support, [3]. OCP 3.9, and 3.10 are rated as moderate because HTTP/2 support was not a standard configuration option, and therefore unlikely to be enabled.\n\nVersions of haproxy included in Red Hat Enterprise Linux 6 and 7, excluding rh-haproxy18-haproxy in Red Hat Software Collections, are unaffected as they package versions of haproxy before 1.7.\n\n[1] http://www.haproxy.org/news.html\n\n[2] https://github.com/openshift/origin/pull/19968\n\n[3] https://docs.openshift.com/container-platform/3.10/install_config/router/customized_haproxy_router.html", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RH7-RHOSE-3.9:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.9:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.9:haproxy18-0:1.8.17-3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-20615" }, { "category": "external", "summary": "RHBZ#1663060", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1663060" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-20615", "url": "https://www.cve.org/CVERecord?id=CVE-2018-20615" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20615", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20615" } ], "release_date": "2019-01-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-03-14T07:58:31+00:00", "details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nSee the following documentation for important instructions on how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/3.9/release_notes/ocp_3_9_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.", "product_ids": [ "7Server-RH7-RHOSE-3.9:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.9:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.9:haproxy18-0:1.8.17-3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:0547" }, { "category": "workaround", "details": "HTTP/2 support is disabled by default on OpenShift Container Platform 3.11. To mitigate this vulnerability keep it disabled. You can verify if HTTP/2 support is enabled by following the instructions in the upstream pull request, [1].\n\n[1] https://github.com/openshift/origin/pull/19968", "product_ids": [ "7Server-RH7-RHOSE-3.9:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.9:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.9:haproxy18-0:1.8.17-3.el7.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Server-RH7-RHOSE-3.9:haproxy-0:1.8.17-3.el7.src", "7Server-RH7-RHOSE-3.9:haproxy-debuginfo-0:1.8.17-3.el7.x86_64", "7Server-RH7-RHOSE-3.9:haproxy18-0:1.8.17-3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash" } ] }
rhsa-2019_1436
Vulnerability from csaf_redhat
Published
2019-06-11 12:02
Modified
2024-11-15 00:42
Summary
Red Hat Security Advisory: rh-haproxy18-haproxy security, bug fix, and enhancement update
Notes
Topic
An update for rh-haproxy18-haproxy is now available for Red Hat Software Collections.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments.
The following packages have been upgraded to a later upstream version: rh-haproxy18-haproxy (1.8.17). (BZ#1660514)
Security Fix(es):
* haproxy: Infinite recursion via crafted packet allows stack exhaustion and denial of service (CVE-2018-20103)
* haproxy: Information disclosure in check_request_for_cacheability function in proto_http.c (CVE-2018-11469)
* haproxy: Out-of-bounds read in dns.c:dns_validate_dns_response() allows for memory disclosure (CVE-2018-20102)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* ALPN is not enabled due to old OpenSSL dependancy (BZ#1595865)
* HAProxy 1.8: Seamless reload does not work with send-/accept-proxy (BZ#1649041)
Enhancement(s):
* RFE : Haproxy does not resolve ipv6 resolvable hostnames in the backend section. (BZ#1575585)
Additional Changes:
For detailed information on changes in this release, see the Red Hat Software Collections 3.3 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for rh-haproxy18-haproxy is now available for Red Hat Software Collections.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments.\n\nThe following packages have been upgraded to a later upstream version: rh-haproxy18-haproxy (1.8.17). (BZ#1660514)\n\nSecurity Fix(es):\n\n* haproxy: Infinite recursion via crafted packet allows stack exhaustion and denial of service (CVE-2018-20103)\n\n* haproxy: Information disclosure in check_request_for_cacheability function in proto_http.c (CVE-2018-11469)\n\n* haproxy: Out-of-bounds read in dns.c:dns_validate_dns_response() allows for memory disclosure (CVE-2018-20102)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* ALPN is not enabled due to old OpenSSL dependancy (BZ#1595865)\n\n* HAProxy 1.8: Seamless reload does not work with send-/accept-proxy (BZ#1649041)\n\nEnhancement(s):\n\n* RFE : Haproxy does not resolve ipv6 resolvable hostnames in the backend section. (BZ#1575585)\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Software Collections 3.3 Release Notes linked from the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2019:1436", "url": "https://access.redhat.com/errata/RHSA-2019:1436" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_software_collections/3/html-single/3.3_release_notes/", "url": "https://access.redhat.com/documentation/en-us/red_hat_software_collections/3/html-single/3.3_release_notes/" }, { "category": "external", "summary": "1575585", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1575585" }, { "category": "external", "summary": "1582635", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1582635" }, { "category": "external", "summary": "1595865", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595865" }, { "category": "external", "summary": "1649041", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1649041" }, { "category": "external", "summary": "1658874", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1658874" }, { "category": "external", "summary": "1658876", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1658876" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_1436.json" } ], "title": "Red Hat Security Advisory: rh-haproxy18-haproxy security, bug fix, and enhancement update", "tracking": { "current_release_date": "2024-11-15T00:42:23+00:00", "generator": { "date": "2024-11-15T00:42:23+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2019:1436", "initial_release_date": "2019-06-11T12:02:51+00:00", "revision_history": [ { "date": "2019-06-11T12:02:51+00:00", "number": "1", "summary": "Initial version" }, { "date": "2019-06-11T12:02:51+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T00:42:23+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product": { "name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.3", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7" } } }, { "category": "product_name", "name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product": { "name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.3", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7" } } }, { "category": "product_name", "name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)", "product": { "name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)", "product_id": "7Server-RHSCL-3.3-7.4.Z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7" } } }, { "category": "product_name", "name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)", "product": { "name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)", "product_id": "7Server-RHSCL-3.3-7.5.Z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7" } } }, { "category": "product_name", "name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", "product": { "name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", "product_id": "7Server-RHSCL-3.3-7.6.Z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7" } } } ], "category": "product_family", "name": "Red Hat Software Collections" }, { "branches": [ { "category": "product_version", "name": "rh-haproxy18-haproxy-syspaths-0:1.8.17-1.el7.x86_64", "product": { "name": "rh-haproxy18-haproxy-syspaths-0:1.8.17-1.el7.x86_64", "product_id": "rh-haproxy18-haproxy-syspaths-0:1.8.17-1.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-haproxy18-haproxy-syspaths@1.8.17-1.el7?arch=x86_64" } } }, { "category": "product_version", "name": "rh-haproxy18-haproxy-debuginfo-0:1.8.17-1.el7.x86_64", "product": { "name": "rh-haproxy18-haproxy-debuginfo-0:1.8.17-1.el7.x86_64", "product_id": "rh-haproxy18-haproxy-debuginfo-0:1.8.17-1.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-haproxy18-haproxy-debuginfo@1.8.17-1.el7?arch=x86_64" } } }, { "category": "product_version", "name": "rh-haproxy18-haproxy-0:1.8.17-1.el7.x86_64", "product": { "name": "rh-haproxy18-haproxy-0:1.8.17-1.el7.x86_64", "product_id": "rh-haproxy18-haproxy-0:1.8.17-1.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-haproxy18-haproxy@1.8.17-1.el7?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "rh-haproxy18-haproxy-0:1.8.17-1.el7.src", "product": { "name": "rh-haproxy18-haproxy-0:1.8.17-1.el7.src", "product_id": "rh-haproxy18-haproxy-0:1.8.17-1.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-haproxy18-haproxy@1.8.17-1.el7?arch=src" } } } ], "category": "architecture", "name": "src" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "rh-haproxy18-haproxy-0:1.8.17-1.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)", "product_id": "7Server-RHSCL-3.3-7.4.Z:rh-haproxy18-haproxy-0:1.8.17-1.el7.src" }, "product_reference": "rh-haproxy18-haproxy-0:1.8.17-1.el7.src", "relates_to_product_reference": "7Server-RHSCL-3.3-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "rh-haproxy18-haproxy-0:1.8.17-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)", "product_id": "7Server-RHSCL-3.3-7.4.Z:rh-haproxy18-haproxy-0:1.8.17-1.el7.x86_64" }, "product_reference": "rh-haproxy18-haproxy-0:1.8.17-1.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.3-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "rh-haproxy18-haproxy-debuginfo-0:1.8.17-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)", "product_id": "7Server-RHSCL-3.3-7.4.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.17-1.el7.x86_64" }, "product_reference": "rh-haproxy18-haproxy-debuginfo-0:1.8.17-1.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.3-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "rh-haproxy18-haproxy-syspaths-0:1.8.17-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)", "product_id": "7Server-RHSCL-3.3-7.4.Z:rh-haproxy18-haproxy-syspaths-0:1.8.17-1.el7.x86_64" }, "product_reference": "rh-haproxy18-haproxy-syspaths-0:1.8.17-1.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.3-7.4.Z" }, { "category": "default_component_of", "full_product_name": { "name": "rh-haproxy18-haproxy-0:1.8.17-1.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)", "product_id": "7Server-RHSCL-3.3-7.5.Z:rh-haproxy18-haproxy-0:1.8.17-1.el7.src" }, "product_reference": "rh-haproxy18-haproxy-0:1.8.17-1.el7.src", "relates_to_product_reference": "7Server-RHSCL-3.3-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "rh-haproxy18-haproxy-0:1.8.17-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)", "product_id": "7Server-RHSCL-3.3-7.5.Z:rh-haproxy18-haproxy-0:1.8.17-1.el7.x86_64" }, "product_reference": "rh-haproxy18-haproxy-0:1.8.17-1.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.3-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "rh-haproxy18-haproxy-debuginfo-0:1.8.17-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)", "product_id": "7Server-RHSCL-3.3-7.5.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.17-1.el7.x86_64" }, "product_reference": "rh-haproxy18-haproxy-debuginfo-0:1.8.17-1.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.3-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "rh-haproxy18-haproxy-syspaths-0:1.8.17-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)", "product_id": "7Server-RHSCL-3.3-7.5.Z:rh-haproxy18-haproxy-syspaths-0:1.8.17-1.el7.x86_64" }, "product_reference": "rh-haproxy18-haproxy-syspaths-0:1.8.17-1.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.3-7.5.Z" }, { "category": "default_component_of", "full_product_name": { "name": "rh-haproxy18-haproxy-0:1.8.17-1.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", "product_id": "7Server-RHSCL-3.3-7.6.Z:rh-haproxy18-haproxy-0:1.8.17-1.el7.src" }, "product_reference": "rh-haproxy18-haproxy-0:1.8.17-1.el7.src", "relates_to_product_reference": "7Server-RHSCL-3.3-7.6.Z" }, { "category": "default_component_of", "full_product_name": { "name": "rh-haproxy18-haproxy-0:1.8.17-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", "product_id": "7Server-RHSCL-3.3-7.6.Z:rh-haproxy18-haproxy-0:1.8.17-1.el7.x86_64" }, "product_reference": "rh-haproxy18-haproxy-0:1.8.17-1.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.3-7.6.Z" }, { "category": "default_component_of", "full_product_name": { "name": "rh-haproxy18-haproxy-debuginfo-0:1.8.17-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", "product_id": "7Server-RHSCL-3.3-7.6.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.17-1.el7.x86_64" }, "product_reference": "rh-haproxy18-haproxy-debuginfo-0:1.8.17-1.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.3-7.6.Z" }, { "category": "default_component_of", "full_product_name": { "name": "rh-haproxy18-haproxy-syspaths-0:1.8.17-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)", "product_id": "7Server-RHSCL-3.3-7.6.Z:rh-haproxy18-haproxy-syspaths-0:1.8.17-1.el7.x86_64" }, "product_reference": "rh-haproxy18-haproxy-syspaths-0:1.8.17-1.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.3-7.6.Z" }, { "category": "default_component_of", "full_product_name": { "name": "rh-haproxy18-haproxy-0:1.8.17-1.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.3:rh-haproxy18-haproxy-0:1.8.17-1.el7.src" }, "product_reference": "rh-haproxy18-haproxy-0:1.8.17-1.el7.src", "relates_to_product_reference": "7Server-RHSCL-3.3" }, { "category": "default_component_of", "full_product_name": { "name": "rh-haproxy18-haproxy-0:1.8.17-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.3:rh-haproxy18-haproxy-0:1.8.17-1.el7.x86_64" }, "product_reference": "rh-haproxy18-haproxy-0:1.8.17-1.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.3" }, { "category": "default_component_of", "full_product_name": { "name": "rh-haproxy18-haproxy-debuginfo-0:1.8.17-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.3:rh-haproxy18-haproxy-debuginfo-0:1.8.17-1.el7.x86_64" }, "product_reference": "rh-haproxy18-haproxy-debuginfo-0:1.8.17-1.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.3" }, { "category": "default_component_of", "full_product_name": { "name": "rh-haproxy18-haproxy-syspaths-0:1.8.17-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)", "product_id": "7Server-RHSCL-3.3:rh-haproxy18-haproxy-syspaths-0:1.8.17-1.el7.x86_64" }, "product_reference": "rh-haproxy18-haproxy-syspaths-0:1.8.17-1.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.3" }, { "category": "default_component_of", "full_product_name": { "name": "rh-haproxy18-haproxy-0:1.8.17-1.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.3:rh-haproxy18-haproxy-0:1.8.17-1.el7.src" }, "product_reference": "rh-haproxy18-haproxy-0:1.8.17-1.el7.src", "relates_to_product_reference": "7Workstation-RHSCL-3.3" }, { "category": "default_component_of", "full_product_name": { "name": "rh-haproxy18-haproxy-0:1.8.17-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.3:rh-haproxy18-haproxy-0:1.8.17-1.el7.x86_64" }, "product_reference": "rh-haproxy18-haproxy-0:1.8.17-1.el7.x86_64", "relates_to_product_reference": "7Workstation-RHSCL-3.3" }, { "category": "default_component_of", "full_product_name": { "name": "rh-haproxy18-haproxy-debuginfo-0:1.8.17-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.3:rh-haproxy18-haproxy-debuginfo-0:1.8.17-1.el7.x86_64" }, "product_reference": "rh-haproxy18-haproxy-debuginfo-0:1.8.17-1.el7.x86_64", "relates_to_product_reference": "7Workstation-RHSCL-3.3" }, { "category": "default_component_of", "full_product_name": { "name": "rh-haproxy18-haproxy-syspaths-0:1.8.17-1.el7.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)", "product_id": "7Workstation-RHSCL-3.3:rh-haproxy18-haproxy-syspaths-0:1.8.17-1.el7.x86_64" }, "product_reference": "rh-haproxy18-haproxy-syspaths-0:1.8.17-1.el7.x86_64", "relates_to_product_reference": "7Workstation-RHSCL-3.3" } ] }, "vulnerabilities": [ { "cve": "CVE-2018-11469", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2018-05-25T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1582635" } ], "notes": [ { "category": "description", "text": "Incorrect caching of responses to requests including an Authorization header in HAProxy 1.8.0 through 1.8.9 (if cache enabled) allows attackers to achieve information disclosure via an unauthenticated remote request, related to the proto_http.c check_request_for_cacheability function.", "title": "Vulnerability description" }, { "category": "summary", "text": "haproxy: Information disclosure in check_request_for_cacheability function in proto_http.c", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Product Security has rated this issue as having a security impact of Moderate, and a future update may address this flaw.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSCL-3.3-7.4.Z:rh-haproxy18-haproxy-0:1.8.17-1.el7.src", "7Server-RHSCL-3.3-7.4.Z:rh-haproxy18-haproxy-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-haproxy18-haproxy-syspaths-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-haproxy18-haproxy-0:1.8.17-1.el7.src", "7Server-RHSCL-3.3-7.5.Z:rh-haproxy18-haproxy-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-haproxy18-haproxy-syspaths-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-haproxy18-haproxy-0:1.8.17-1.el7.src", "7Server-RHSCL-3.3-7.6.Z:rh-haproxy18-haproxy-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-haproxy18-haproxy-syspaths-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3:rh-haproxy18-haproxy-0:1.8.17-1.el7.src", "7Server-RHSCL-3.3:rh-haproxy18-haproxy-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3:rh-haproxy18-haproxy-debuginfo-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3:rh-haproxy18-haproxy-syspaths-0:1.8.17-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-haproxy18-haproxy-0:1.8.17-1.el7.src", "7Workstation-RHSCL-3.3:rh-haproxy18-haproxy-0:1.8.17-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-haproxy18-haproxy-debuginfo-0:1.8.17-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-haproxy18-haproxy-syspaths-0:1.8.17-1.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-11469" }, { "category": "external", "summary": "RHBZ#1582635", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1582635" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-11469", "url": "https://www.cve.org/CVERecord?id=CVE-2018-11469" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-11469", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-11469" } ], "release_date": "2018-05-25T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-06-11T12:02:51+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSCL-3.3-7.4.Z:rh-haproxy18-haproxy-0:1.8.17-1.el7.src", "7Server-RHSCL-3.3-7.4.Z:rh-haproxy18-haproxy-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-haproxy18-haproxy-syspaths-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-haproxy18-haproxy-0:1.8.17-1.el7.src", "7Server-RHSCL-3.3-7.5.Z:rh-haproxy18-haproxy-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-haproxy18-haproxy-syspaths-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-haproxy18-haproxy-0:1.8.17-1.el7.src", "7Server-RHSCL-3.3-7.6.Z:rh-haproxy18-haproxy-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-haproxy18-haproxy-syspaths-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3:rh-haproxy18-haproxy-0:1.8.17-1.el7.src", "7Server-RHSCL-3.3:rh-haproxy18-haproxy-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3:rh-haproxy18-haproxy-debuginfo-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3:rh-haproxy18-haproxy-syspaths-0:1.8.17-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-haproxy18-haproxy-0:1.8.17-1.el7.src", "7Workstation-RHSCL-3.3:rh-haproxy18-haproxy-0:1.8.17-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-haproxy18-haproxy-debuginfo-0:1.8.17-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-haproxy18-haproxy-syspaths-0:1.8.17-1.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:1436" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "7Server-RHSCL-3.3-7.4.Z:rh-haproxy18-haproxy-0:1.8.17-1.el7.src", "7Server-RHSCL-3.3-7.4.Z:rh-haproxy18-haproxy-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-haproxy18-haproxy-syspaths-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-haproxy18-haproxy-0:1.8.17-1.el7.src", "7Server-RHSCL-3.3-7.5.Z:rh-haproxy18-haproxy-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-haproxy18-haproxy-syspaths-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-haproxy18-haproxy-0:1.8.17-1.el7.src", "7Server-RHSCL-3.3-7.6.Z:rh-haproxy18-haproxy-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-haproxy18-haproxy-syspaths-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3:rh-haproxy18-haproxy-0:1.8.17-1.el7.src", "7Server-RHSCL-3.3:rh-haproxy18-haproxy-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3:rh-haproxy18-haproxy-debuginfo-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3:rh-haproxy18-haproxy-syspaths-0:1.8.17-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-haproxy18-haproxy-0:1.8.17-1.el7.src", "7Workstation-RHSCL-3.3:rh-haproxy18-haproxy-0:1.8.17-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-haproxy18-haproxy-debuginfo-0:1.8.17-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-haproxy18-haproxy-syspaths-0:1.8.17-1.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "haproxy: Information disclosure in check_request_for_cacheability function in proto_http.c" }, { "cve": "CVE-2018-20102", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2018-12-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1658874" } ], "notes": [ { "category": "description", "text": "An out-of-bounds read in dns_validate_dns_response in dns.c was discovered in HAProxy through 1.8.14. Due to a missing check when validating DNS responses, remote attackers might be able read the 16 bytes corresponding to an AAAA record from the non-initialized part of the buffer, possibly accessing anything that was left on the stack, or even past the end of the 8193-byte buffer, depending on the value of accepted_payload_size.", "title": "Vulnerability description" }, { "category": "summary", "text": "haproxy: Out-of-bounds read in dns.c:dns_validate_dns_response() allows for memory disclosure", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue did not affect the versions of haproxy as shipped with Red Hat Enterprise Linux 6 and 7.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSCL-3.3-7.4.Z:rh-haproxy18-haproxy-0:1.8.17-1.el7.src", "7Server-RHSCL-3.3-7.4.Z:rh-haproxy18-haproxy-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-haproxy18-haproxy-syspaths-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-haproxy18-haproxy-0:1.8.17-1.el7.src", "7Server-RHSCL-3.3-7.5.Z:rh-haproxy18-haproxy-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-haproxy18-haproxy-syspaths-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-haproxy18-haproxy-0:1.8.17-1.el7.src", "7Server-RHSCL-3.3-7.6.Z:rh-haproxy18-haproxy-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-haproxy18-haproxy-syspaths-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3:rh-haproxy18-haproxy-0:1.8.17-1.el7.src", "7Server-RHSCL-3.3:rh-haproxy18-haproxy-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3:rh-haproxy18-haproxy-debuginfo-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3:rh-haproxy18-haproxy-syspaths-0:1.8.17-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-haproxy18-haproxy-0:1.8.17-1.el7.src", "7Workstation-RHSCL-3.3:rh-haproxy18-haproxy-0:1.8.17-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-haproxy18-haproxy-debuginfo-0:1.8.17-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-haproxy18-haproxy-syspaths-0:1.8.17-1.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-20102" }, { "category": "external", "summary": "RHBZ#1658874", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1658874" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-20102", "url": "https://www.cve.org/CVERecord?id=CVE-2018-20102" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20102", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20102" }, { "category": "external", "summary": "https://www.mail-archive.com/haproxy@formilux.org/msg32055.html", "url": "https://www.mail-archive.com/haproxy@formilux.org/msg32055.html" } ], "release_date": "2018-12-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-06-11T12:02:51+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSCL-3.3-7.4.Z:rh-haproxy18-haproxy-0:1.8.17-1.el7.src", "7Server-RHSCL-3.3-7.4.Z:rh-haproxy18-haproxy-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-haproxy18-haproxy-syspaths-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-haproxy18-haproxy-0:1.8.17-1.el7.src", "7Server-RHSCL-3.3-7.5.Z:rh-haproxy18-haproxy-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-haproxy18-haproxy-syspaths-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-haproxy18-haproxy-0:1.8.17-1.el7.src", "7Server-RHSCL-3.3-7.6.Z:rh-haproxy18-haproxy-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-haproxy18-haproxy-syspaths-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3:rh-haproxy18-haproxy-0:1.8.17-1.el7.src", "7Server-RHSCL-3.3:rh-haproxy18-haproxy-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3:rh-haproxy18-haproxy-debuginfo-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3:rh-haproxy18-haproxy-syspaths-0:1.8.17-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-haproxy18-haproxy-0:1.8.17-1.el7.src", "7Workstation-RHSCL-3.3:rh-haproxy18-haproxy-0:1.8.17-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-haproxy18-haproxy-debuginfo-0:1.8.17-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-haproxy18-haproxy-syspaths-0:1.8.17-1.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:1436" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", "version": "3.0" }, "products": [ "7Server-RHSCL-3.3-7.4.Z:rh-haproxy18-haproxy-0:1.8.17-1.el7.src", "7Server-RHSCL-3.3-7.4.Z:rh-haproxy18-haproxy-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-haproxy18-haproxy-syspaths-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-haproxy18-haproxy-0:1.8.17-1.el7.src", "7Server-RHSCL-3.3-7.5.Z:rh-haproxy18-haproxy-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-haproxy18-haproxy-syspaths-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-haproxy18-haproxy-0:1.8.17-1.el7.src", "7Server-RHSCL-3.3-7.6.Z:rh-haproxy18-haproxy-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-haproxy18-haproxy-syspaths-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3:rh-haproxy18-haproxy-0:1.8.17-1.el7.src", "7Server-RHSCL-3.3:rh-haproxy18-haproxy-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3:rh-haproxy18-haproxy-debuginfo-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3:rh-haproxy18-haproxy-syspaths-0:1.8.17-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-haproxy18-haproxy-0:1.8.17-1.el7.src", "7Workstation-RHSCL-3.3:rh-haproxy18-haproxy-0:1.8.17-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-haproxy18-haproxy-debuginfo-0:1.8.17-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-haproxy18-haproxy-syspaths-0:1.8.17-1.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "haproxy: Out-of-bounds read in dns.c:dns_validate_dns_response() allows for memory disclosure" }, { "cve": "CVE-2018-20103", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2018-12-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1658876" } ], "notes": [ { "category": "description", "text": "An issue was discovered in dns.c in HAProxy through 1.8.14. In the case of a compressed pointer, a crafted packet can trigger infinite recursion by making the pointer point to itself, or create a long chain of valid pointers resulting in stack exhaustion.", "title": "Vulnerability description" }, { "category": "summary", "text": "haproxy: Infinite recursion via crafted packet allows stack exhaustion and denial of service", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue did not affect the versions of haproxy as shipped with Red Hat Enterprise Linux 6 and 7.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSCL-3.3-7.4.Z:rh-haproxy18-haproxy-0:1.8.17-1.el7.src", "7Server-RHSCL-3.3-7.4.Z:rh-haproxy18-haproxy-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-haproxy18-haproxy-syspaths-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-haproxy18-haproxy-0:1.8.17-1.el7.src", "7Server-RHSCL-3.3-7.5.Z:rh-haproxy18-haproxy-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-haproxy18-haproxy-syspaths-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-haproxy18-haproxy-0:1.8.17-1.el7.src", "7Server-RHSCL-3.3-7.6.Z:rh-haproxy18-haproxy-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-haproxy18-haproxy-syspaths-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3:rh-haproxy18-haproxy-0:1.8.17-1.el7.src", "7Server-RHSCL-3.3:rh-haproxy18-haproxy-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3:rh-haproxy18-haproxy-debuginfo-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3:rh-haproxy18-haproxy-syspaths-0:1.8.17-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-haproxy18-haproxy-0:1.8.17-1.el7.src", "7Workstation-RHSCL-3.3:rh-haproxy18-haproxy-0:1.8.17-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-haproxy18-haproxy-debuginfo-0:1.8.17-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-haproxy18-haproxy-syspaths-0:1.8.17-1.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-20103" }, { "category": "external", "summary": "RHBZ#1658876", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1658876" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-20103", "url": "https://www.cve.org/CVERecord?id=CVE-2018-20103" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20103", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20103" }, { "category": "external", "summary": "https://www.mail-archive.com/haproxy@formilux.org/msg32055.html", "url": "https://www.mail-archive.com/haproxy@formilux.org/msg32055.html" } ], "release_date": "2018-12-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-06-11T12:02:51+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSCL-3.3-7.4.Z:rh-haproxy18-haproxy-0:1.8.17-1.el7.src", "7Server-RHSCL-3.3-7.4.Z:rh-haproxy18-haproxy-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-haproxy18-haproxy-syspaths-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-haproxy18-haproxy-0:1.8.17-1.el7.src", "7Server-RHSCL-3.3-7.5.Z:rh-haproxy18-haproxy-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-haproxy18-haproxy-syspaths-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-haproxy18-haproxy-0:1.8.17-1.el7.src", "7Server-RHSCL-3.3-7.6.Z:rh-haproxy18-haproxy-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-haproxy18-haproxy-syspaths-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3:rh-haproxy18-haproxy-0:1.8.17-1.el7.src", "7Server-RHSCL-3.3:rh-haproxy18-haproxy-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3:rh-haproxy18-haproxy-debuginfo-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3:rh-haproxy18-haproxy-syspaths-0:1.8.17-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-haproxy18-haproxy-0:1.8.17-1.el7.src", "7Workstation-RHSCL-3.3:rh-haproxy18-haproxy-0:1.8.17-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-haproxy18-haproxy-debuginfo-0:1.8.17-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-haproxy18-haproxy-syspaths-0:1.8.17-1.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:1436" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Server-RHSCL-3.3-7.4.Z:rh-haproxy18-haproxy-0:1.8.17-1.el7.src", "7Server-RHSCL-3.3-7.4.Z:rh-haproxy18-haproxy-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.4.Z:rh-haproxy18-haproxy-syspaths-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-haproxy18-haproxy-0:1.8.17-1.el7.src", "7Server-RHSCL-3.3-7.5.Z:rh-haproxy18-haproxy-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.5.Z:rh-haproxy18-haproxy-syspaths-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-haproxy18-haproxy-0:1.8.17-1.el7.src", "7Server-RHSCL-3.3-7.6.Z:rh-haproxy18-haproxy-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-haproxy18-haproxy-debuginfo-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3-7.6.Z:rh-haproxy18-haproxy-syspaths-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3:rh-haproxy18-haproxy-0:1.8.17-1.el7.src", "7Server-RHSCL-3.3:rh-haproxy18-haproxy-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3:rh-haproxy18-haproxy-debuginfo-0:1.8.17-1.el7.x86_64", "7Server-RHSCL-3.3:rh-haproxy18-haproxy-syspaths-0:1.8.17-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-haproxy18-haproxy-0:1.8.17-1.el7.src", "7Workstation-RHSCL-3.3:rh-haproxy18-haproxy-0:1.8.17-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-haproxy18-haproxy-debuginfo-0:1.8.17-1.el7.x86_64", "7Workstation-RHSCL-3.3:rh-haproxy18-haproxy-syspaths-0:1.8.17-1.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "haproxy: Infinite recursion via crafted packet allows stack exhaustion and denial of service" } ] }
gsd-2018-20102
Vulnerability from gsd
Modified
2023-12-13 01:22
Details
An out-of-bounds read in dns_validate_dns_response in dns.c was discovered in HAProxy through 1.8.14. Due to a missing check when validating DNS responses, remote attackers might be able read the 16 bytes corresponding to an AAAA record from the non-initialized part of the buffer, possibly accessing anything that was left on the stack, or even past the end of the 8193-byte buffer, depending on the value of accepted_payload_size.
Aliases
Aliases
{ "GSD": { "alias": "CVE-2018-20102", "description": "An out-of-bounds read in dns_validate_dns_response in dns.c was discovered in HAProxy through 1.8.14. Due to a missing check when validating DNS responses, remote attackers might be able read the 16 bytes corresponding to an AAAA record from the non-initialized part of the buffer, possibly accessing anything that was left on the stack, or even past the end of the 8193-byte buffer, depending on the value of accepted_payload_size.", "id": "GSD-2018-20102", "references": [ "https://www.suse.com/security/cve/CVE-2018-20102.html", "https://access.redhat.com/errata/RHSA-2019:1436", "https://access.redhat.com/errata/RHSA-2019:0547", "https://access.redhat.com/errata/RHBA-2019:0326", "https://ubuntu.com/security/CVE-2018-20102", "https://security.archlinux.org/CVE-2018-20102" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2018-20102" ], "details": "An out-of-bounds read in dns_validate_dns_response in dns.c was discovered in HAProxy through 1.8.14. Due to a missing check when validating DNS responses, remote attackers might be able read the 16 bytes corresponding to an AAAA record from the non-initialized part of the buffer, possibly accessing anything that was left on the stack, or even past the end of the 8193-byte buffer, depending on the value of accepted_payload_size.", "id": "GSD-2018-20102", "modified": "2023-12-13T01:22:29.332072Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-20102", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An out-of-bounds read in dns_validate_dns_response in dns.c was discovered in HAProxy through 1.8.14. Due to a missing check when validating DNS responses, remote attackers might be able read the 16 bytes corresponding to an AAAA record from the non-initialized part of the buffer, possibly accessing anything that was left on the stack, or even past the end of the 8193-byte buffer, depending on the value of accepted_payload_size." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://git.haproxy.org/?p=haproxy.git;a=commit;h=efbbdf72992cd20458259962346044cafd9331c0", "refsource": "MISC", "url": "http://git.haproxy.org/?p=haproxy.git;a=commit;h=efbbdf72992cd20458259962346044cafd9331c0" }, { "name": "USN-3858-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3858-1/" }, { "name": "RHBA-2019:0326", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHBA-2019:0326" }, { "name": "106223", "refsource": "BID", "url": "http://www.securityfocus.com/bid/106223" }, { "name": "RHBA-2019:0327", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHBA-2019:0327" }, { "name": "RHSA-2019:1436", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:1436" }, { "name": "[debian-lts-announce] 20220530 [SECURITY] [DLA 3034-1] haproxy security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00045.html" } ] } }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:haproxy:haproxy:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "1.8.14", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-20102" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "An out-of-bounds read in dns_validate_dns_response in dns.c was discovered in HAProxy through 1.8.14. Due to a missing check when validating DNS responses, remote attackers might be able read the 16 bytes corresponding to an AAAA record from the non-initialized part of the buffer, possibly accessing anything that was left on the stack, or even past the end of the 8193-byte buffer, depending on the value of accepted_payload_size." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "CWE-125" } ] } ] }, "references": { "reference_data": [ { "name": "http://git.haproxy.org/?p=haproxy.git;a=commit;h=efbbdf72992cd20458259962346044cafd9331c0", "refsource": "MISC", "tags": [ "Third Party Advisory", "Patch" ], "url": "http://git.haproxy.org/?p=haproxy.git;a=commit;h=efbbdf72992cd20458259962346044cafd9331c0" }, { "name": "106223", "refsource": "BID", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/106223" }, { "name": "USN-3858-1", "refsource": "UBUNTU", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/3858-1/" }, { "name": "RHBA-2019:0326", "refsource": "REDHAT", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHBA-2019:0326" }, { "name": "RHBA-2019:0327", "refsource": "REDHAT", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHBA-2019:0327" }, { "name": "RHSA-2019:1436", "refsource": "REDHAT", "tags": [], "url": "https://access.redhat.com/errata/RHSA-2019:1436" }, { "name": "[debian-lts-announce] 20220530 [SECURITY] [DLA 3034-1] haproxy security update", "refsource": "MLIST", "tags": [], "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00045.html" } ] } }, "impact": { "baseMetricV2": { "acInsufInfo": false, "cvssV2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false }, "baseMetricV3": { "cvssV3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 3.6 } }, "lastModifiedDate": "2022-06-02T14:15Z", "publishedDate": "2018-12-12T17:29Z" } } }
ghsa-5m22-hqfx-435p
Vulnerability from github
Published
2022-05-14 00:58
Modified
2022-05-14 00:58
Severity ?
Details
An out-of-bounds read in dns_validate_dns_response in dns.c was discovered in HAProxy through 1.8.14. Due to a missing check when validating DNS responses, remote attackers might be able read the 16 bytes corresponding to an AAAA record from the non-initialized part of the buffer, possibly accessing anything that was left on the stack, or even past the end of the 8193-byte buffer, depending on the value of accepted_payload_size.
{ "affected": [], "aliases": [ "CVE-2018-20102" ], "database_specific": { "cwe_ids": [ "CWE-125" ], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2018-12-12T17:29:00Z", "severity": "HIGH" }, "details": "An out-of-bounds read in dns_validate_dns_response in dns.c was discovered in HAProxy through 1.8.14. Due to a missing check when validating DNS responses, remote attackers might be able read the 16 bytes corresponding to an AAAA record from the non-initialized part of the buffer, possibly accessing anything that was left on the stack, or even past the end of the 8193-byte buffer, depending on the value of accepted_payload_size.", "id": "GHSA-5m22-hqfx-435p", "modified": "2022-05-14T00:58:33Z", "published": "2022-05-14T00:58:33Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20102" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHBA-2019:0326" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHBA-2019:0327" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2019:1436" }, { "type": "WEB", "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00045.html" }, { "type": "WEB", "url": "https://usn.ubuntu.com/3858-1" }, { "type": "WEB", "url": "http://git.haproxy.org/?p=haproxy.git;a=commit;h=efbbdf72992cd20458259962346044cafd9331c0" }, { "type": "WEB", "url": "http://www.securityfocus.com/bid/106223" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "type": "CVSS_V3" } ] }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.