rhsa-2021_0423
Vulnerability from csaf_redhat
Published
2021-02-17 19:06
Modified
2024-11-22 16:25
Summary
Red Hat Security Advisory: OpenShift Container Platform 4.6.17 security and packages update
Notes
Topic
Red Hat OpenShift Container Platform release 4.6.17 is now available with
updates to packages and images that fix several bugs.
This release includes a security update for Red Hat OpenShift Container Platform 4.6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.
This advisory contains the RPM packages for Red Hat OpenShift Container
Platform 4.6.17. See the following advisory for the container images for
this release:
https://access.redhat.com/errata/RHBA-2021:0424
Security Fix(es):
* jenkins: XSS vulnerability in notification bar (CVE-2021-21603)
* jenkins: Improper handling of REST API XML deserialization errors (CVE-2021-21604)
* jenkins: Path traversal vulnerability in agent names (CVE-2021-21605)
* jenkins: Stored XSS vulnerability in button labels (CVE-2021-21608)
* jenkins: Reflected XSS vulnerability in markup formatter preview (CVE-2021-21610)
* jenkins: Stored XSS vulnerability on new item page (CVE-2021-21611)
* ant: insecure temporary file vulnerability (CVE-2020-1945)
* ant: insecure temporary file (CVE-2020-11979)
* jenkins: Arbitrary file read vulnerability in workspace browsers (CVE-2021-21602)
* jenkins: Arbitrary file existence check in file fingerprints (CVE-2021-21606)
* jenkins: Excessive memory allocation in graph URLs leads to denial of service (CVE-2021-21607)
* jenkins: Filesystem traversal by privileged users (CVE-2021-21615)
* jenkins: Missing permission check for paths with specific prefix (CVE-2021-21609)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Red Hat OpenShift Container Platform release 4.6.17 is now available with\nupdates to packages and images that fix several bugs.\n\nThis release includes a security update for Red Hat OpenShift Container Platform 4.6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains the RPM packages for Red Hat OpenShift Container\nPlatform 4.6.17. See the following advisory for the container images for\nthis release:\n\nhttps://access.redhat.com/errata/RHBA-2021:0424\n\nSecurity Fix(es):\n\n* jenkins: XSS vulnerability in notification bar (CVE-2021-21603)\n\n* jenkins: Improper handling of REST API XML deserialization errors (CVE-2021-21604)\n\n* jenkins: Path traversal vulnerability in agent names (CVE-2021-21605)\n\n* jenkins: Stored XSS vulnerability in button labels (CVE-2021-21608)\n\n* jenkins: Reflected XSS vulnerability in markup formatter preview (CVE-2021-21610)\n\n* jenkins: Stored XSS vulnerability on new item page (CVE-2021-21611)\n\n* ant: insecure temporary file vulnerability (CVE-2020-1945)\n\n* ant: insecure temporary file (CVE-2020-11979)\n\n* jenkins: Arbitrary file read vulnerability in workspace browsers (CVE-2021-21602)\n\n* jenkins: Arbitrary file existence check in file fingerprints (CVE-2021-21606)\n\n* jenkins: Excessive memory allocation in graph URLs leads to denial of service (CVE-2021-21607)\n\n* jenkins: Filesystem traversal by privileged users (CVE-2021-21615)\n\n* jenkins: Missing permission check for paths with specific prefix (CVE-2021-21609)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2021:0423", "url": "https://access.redhat.com/errata/RHSA-2021:0423" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "1837444", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1837444" }, { "category": "external", "summary": "1903702", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1903702" }, { "category": "external", "summary": "1921322", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1921322" }, { "category": "external", "summary": "1925140", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1925140" }, { "category": "external", "summary": "1925141", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1925141" }, { "category": "external", "summary": "1925143", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1925143" }, { "category": "external", "summary": "1925145", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1925145" }, { "category": "external", "summary": "1925151", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1925151" }, { "category": "external", "summary": "1925156", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1925156" }, { "category": "external", "summary": "1925157", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1925157" }, { "category": "external", "summary": "1925159", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1925159" }, { "category": "external", "summary": "1925160", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1925160" }, { "category": "external", "summary": "1925161", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1925161" }, { "category": "external", "summary": "1925674", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1925674" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0423.json" } ], "title": "Red Hat Security Advisory: OpenShift Container Platform 4.6.17 security and packages update", "tracking": { "current_release_date": "2024-11-22T16:25:42+00:00", "generator": { "date": "2024-11-22T16:25:42+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2021:0423", "initial_release_date": "2021-02-17T19:06:25+00:00", "revision_history": [ { "date": "2021-02-17T19:06:25+00:00", "number": "1", "summary": "Initial version" }, { "date": "2021-02-17T19:06:25+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T16:25:42+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat OpenShift Container Platform 4.6", "product": { "name": "Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift:4.6::el8" } } }, { "category": "product_name", "name": "Red Hat OpenShift Container Platform 4.6", "product": { "name": "Red Hat OpenShift Container Platform 4.6", "product_id": "7Server-RH7-RHOSE-4.6", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift:4.6::el7" } } } ], "category": "product_family", "name": "Red Hat OpenShift Enterprise" }, { "branches": [ { "category": "product_version", "name": "openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.src", "product": { "name": "openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.src", "product_id": "openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-clients@4.6.0-202102050644.p0.git.3831.1c61c6b.el8?arch=src" } } }, { "category": "product_version", "name": "openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.src", "product": { "name": "openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.src", "product_id": "openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift@4.6.0-202102050212.p0.git.94265.716fcf8.el8?arch=src" } } }, { "category": "product_version", "name": "jenkins-0:2.263.3.1612434510-1.el8.src", "product": { "name": "jenkins-0:2.263.3.1612434510-1.el8.src", "product_id": "jenkins-0:2.263.3.1612434510-1.el8.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jenkins@2.263.3.1612434510-1.el8?arch=src" } } }, { "category": "product_version", "name": "atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.src", "product": { "name": "atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.src", "product_id": "atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-service-idler@4.6.0-202102031810.p0.git.15.dcab90a.el8?arch=src" } } }, { "category": "product_version", "name": "openshift-kuryr-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.src", "product": { "name": "openshift-kuryr-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.src", "product_id": "openshift-kuryr-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-kuryr@4.6.0-202102031810.p0.git.2225.a3ab872.el8?arch=src" } } }, { "category": "product_version", "name": "runc-0:1.0.0-82.rhaos4.6.git086e841.el8.src", "product": { "name": "runc-0:1.0.0-82.rhaos4.6.git086e841.el8.src", "product_id": "runc-0:1.0.0-82.rhaos4.6.git086e841.el8.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/runc@1.0.0-82.rhaos4.6.git086e841.el8?arch=src" } } }, { "category": "product_version", "name": "jenkins-2-plugins-0:4.6.1612257979-1.el8.src", "product": { "name": "jenkins-2-plugins-0:4.6.1612257979-1.el8.src", "product_id": "jenkins-2-plugins-0:4.6.1612257979-1.el8.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jenkins-2-plugins@4.6.1612257979-1.el8?arch=src" } } }, { "category": "product_version", "name": "python-rsa-0:4.7-1.el8.src", "product": { "name": "python-rsa-0:4.7-1.el8.src", "product_id": "python-rsa-0:4.7-1.el8.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-rsa@4.7-1.el8?arch=src" } } }, { "category": "product_version", "name": "openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.src", "product": { "name": "openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.src", "product_id": "openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-clients@4.6.0-202102050644.p0.git.3831.1c61c6b.el7?arch=src" } } }, { "category": "product_version", "name": "openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.src", "product": { "name": "openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.src", "product_id": "openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift@4.6.0-202102050212.p0.git.94265.716fcf8.el7?arch=src" } } }, { "category": "product_version", "name": "cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.src", "product": { "name": "cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.src", "product_id": "cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/cri-o@1.19.1-7.rhaos4.6.git6377f68.el7?arch=src" } } }, { "category": "product_version", "name": "runc-0:1.0.0-82.rhaos4.6.git086e841.el7.src", "product": { "name": "runc-0:1.0.0-82.rhaos4.6.git086e841.el7.src", "product_id": "runc-0:1.0.0-82.rhaos4.6.git086e841.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/runc@1.0.0-82.rhaos4.6.git086e841.el7?arch=src" } } }, { "category": "product_version", "name": "openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.src", "product": { "name": "openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.src", "product_id": "openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-ansible@4.6.0-202102031649.p0.git.0.bf90f86.el7?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64", "product": { "name": "openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64", "product_id": "openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-clients@4.6.0-202102050644.p0.git.3831.1c61c6b.el8?arch=x86_64" } } }, { "category": "product_version", "name": "openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64", "product": { "name": "openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64", "product_id": "openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-clients-redistributable@4.6.0-202102050644.p0.git.3831.1c61c6b.el8?arch=x86_64" } } }, { "category": "product_version", "name": "openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.x86_64", "product": { "name": "openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.x86_64", "product_id": "openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-hyperkube@4.6.0-202102050212.p0.git.94265.716fcf8.el8?arch=x86_64" } } }, { "category": "product_version", "name": "atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.x86_64", "product": { "name": "atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.x86_64", "product_id": "atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-service-idler@4.6.0-202102031810.p0.git.15.dcab90a.el8?arch=x86_64" } } }, { "category": "product_version", "name": "runc-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "product": { "name": "runc-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "product_id": "runc-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/runc@1.0.0-82.rhaos4.6.git086e841.el8?arch=x86_64" } } }, { "category": "product_version", "name": "runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "product": { "name": "runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "product_id": "runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/runc-debugsource@1.0.0-82.rhaos4.6.git086e841.el8?arch=x86_64" } } }, { "category": "product_version", "name": "runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "product": { "name": "runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "product_id": "runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/runc-debuginfo@1.0.0-82.rhaos4.6.git086e841.el8?arch=x86_64" } } }, { "category": "product_version", "name": "openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64", "product": { "name": "openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64", "product_id": "openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-clients@4.6.0-202102050644.p0.git.3831.1c61c6b.el7?arch=x86_64" } } }, { "category": "product_version", "name": "openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64", "product": { "name": "openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64", "product_id": "openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-clients-redistributable@4.6.0-202102050644.p0.git.3831.1c61c6b.el7?arch=x86_64" } } }, { "category": "product_version", "name": "openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.x86_64", "product": { "name": "openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.x86_64", "product_id": "openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-hyperkube@4.6.0-202102050212.p0.git.94265.716fcf8.el7?arch=x86_64" } } }, { "category": "product_version", "name": "cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64", "product": { "name": "cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64", "product_id": "cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/cri-o@1.19.1-7.rhaos4.6.git6377f68.el7?arch=x86_64" } } }, { "category": "product_version", "name": "cri-o-debuginfo-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64", "product": { "name": "cri-o-debuginfo-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64", "product_id": "cri-o-debuginfo-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/cri-o-debuginfo@1.19.1-7.rhaos4.6.git6377f68.el7?arch=x86_64" } } }, { "category": "product_version", "name": "runc-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64", "product": { "name": "runc-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64", "product_id": "runc-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/runc@1.0.0-82.rhaos4.6.git086e841.el7?arch=x86_64" } } }, { "category": "product_version", "name": "runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64", "product": { "name": "runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64", "product_id": "runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/runc-debuginfo@1.0.0-82.rhaos4.6.git086e841.el7?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.ppc64le", "product": { "name": "openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.ppc64le", "product_id": "openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-clients@4.6.0-202102050644.p0.git.3831.1c61c6b.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.ppc64le", "product": { "name": "openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.ppc64le", "product_id": "openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-hyperkube@4.6.0-202102050212.p0.git.94265.716fcf8.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.ppc64le", "product": { "name": "atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.ppc64le", "product_id": "atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-service-idler@4.6.0-202102031810.p0.git.15.dcab90a.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "runc-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "product": { "name": "runc-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "product_id": "runc-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/runc@1.0.0-82.rhaos4.6.git086e841.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "product": { "name": "runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "product_id": "runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/runc-debugsource@1.0.0-82.rhaos4.6.git086e841.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "product": { "name": "runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "product_id": "runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/runc-debuginfo@1.0.0-82.rhaos4.6.git086e841.el8?arch=ppc64le" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.s390x", "product": { "name": "openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.s390x", "product_id": "openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-clients@4.6.0-202102050644.p0.git.3831.1c61c6b.el8?arch=s390x" } } }, { "category": "product_version", "name": "openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.s390x", "product": { "name": "openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.s390x", "product_id": "openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-hyperkube@4.6.0-202102050212.p0.git.94265.716fcf8.el8?arch=s390x" } } }, { "category": "product_version", "name": "atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.s390x", "product": { "name": "atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.s390x", "product_id": "atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-service-idler@4.6.0-202102031810.p0.git.15.dcab90a.el8?arch=s390x" } } }, { "category": "product_version", "name": "runc-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "product": { "name": "runc-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "product_id": "runc-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/runc@1.0.0-82.rhaos4.6.git086e841.el8?arch=s390x" } } }, { "category": "product_version", "name": "runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "product": { "name": "runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "product_id": "runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/runc-debugsource@1.0.0-82.rhaos4.6.git086e841.el8?arch=s390x" } } }, { "category": "product_version", "name": "runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "product": { "name": "runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "product_id": "runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/runc-debuginfo@1.0.0-82.rhaos4.6.git086e841.el8?arch=s390x" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "jenkins-0:2.263.3.1612434510-1.el8.noarch", "product": { "name": "jenkins-0:2.263.3.1612434510-1.el8.noarch", "product_id": "jenkins-0:2.263.3.1612434510-1.el8.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jenkins@2.263.3.1612434510-1.el8?arch=noarch" } } }, { "category": "product_version", "name": "openshift-kuryr-cni-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "product": { "name": "openshift-kuryr-cni-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "product_id": "openshift-kuryr-cni-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-kuryr-cni@4.6.0-202102031810.p0.git.2225.a3ab872.el8?arch=noarch" } } }, { "category": "product_version", "name": "openshift-kuryr-common-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "product": { "name": "openshift-kuryr-common-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "product_id": "openshift-kuryr-common-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-kuryr-common@4.6.0-202102031810.p0.git.2225.a3ab872.el8?arch=noarch" } } }, { "category": "product_version", "name": "openshift-kuryr-controller-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "product": { "name": "openshift-kuryr-controller-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "product_id": "openshift-kuryr-controller-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-kuryr-controller@4.6.0-202102031810.p0.git.2225.a3ab872.el8?arch=noarch" } } }, { "category": "product_version", "name": "python3-kuryr-kubernetes-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "product": { "name": "python3-kuryr-kubernetes-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "product_id": "python3-kuryr-kubernetes-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-kuryr-kubernetes@4.6.0-202102031810.p0.git.2225.a3ab872.el8?arch=noarch" } } }, { "category": "product_version", "name": "jenkins-2-plugins-0:4.6.1612257979-1.el8.noarch", "product": { "name": "jenkins-2-plugins-0:4.6.1612257979-1.el8.noarch", "product_id": "jenkins-2-plugins-0:4.6.1612257979-1.el8.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jenkins-2-plugins@4.6.1612257979-1.el8?arch=noarch" } } }, { "category": "product_version", "name": "python3-rsa-0:4.7-1.el8.noarch", "product": { "name": "python3-rsa-0:4.7-1.el8.noarch", "product_id": "python3-rsa-0:4.7-1.el8.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-rsa@4.7-1.el8?arch=noarch" } } }, { "category": "product_version", "name": "openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch", "product": { "name": "openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch", "product_id": "openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-ansible@4.6.0-202102031649.p0.git.0.bf90f86.el7?arch=noarch" } } }, { "category": "product_version", "name": "openshift-ansible-test-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch", "product": { "name": "openshift-ansible-test-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch", "product_id": "openshift-ansible-test-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-ansible-test@4.6.0-202102031649.p0.git.0.bf90f86.el7?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.src as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "7Server-RH7-RHOSE-4.6:cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.src" }, "product_reference": "cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "7Server-RH7-RHOSE-4.6:cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64" }, "product_reference": "cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "cri-o-debuginfo-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "7Server-RH7-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64" }, "product_reference": "cri-o-debuginfo-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.src as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "7Server-RH7-RHOSE-4.6:openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.src" }, "product_reference": "openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch" }, "product_reference": "openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch", "relates_to_product_reference": "7Server-RH7-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.src as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.src" }, "product_reference": "openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-ansible-test-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "7Server-RH7-RHOSE-4.6:openshift-ansible-test-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch" }, "product_reference": "openshift-ansible-test-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch", "relates_to_product_reference": "7Server-RH7-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.src as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.src" }, "product_reference": "openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64" }, "product_reference": "openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64" }, "product_reference": "openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "7Server-RH7-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.x86_64" }, "product_reference": "openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "runc-0:1.0.0-82.rhaos4.6.git086e841.el7.src as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "7Server-RH7-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el7.src" }, "product_reference": "runc-0:1.0.0-82.rhaos4.6.git086e841.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "runc-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "7Server-RH7-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64" }, "product_reference": "runc-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64" }, "product_reference": "runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.ppc64le" }, "product_reference": "atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.s390x" }, "product_reference": "atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.src as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.src" }, "product_reference": "atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.src", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.x86_64" }, "product_reference": "atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.x86_64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "jenkins-0:2.263.3.1612434510-1.el8.noarch as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.noarch" }, "product_reference": "jenkins-0:2.263.3.1612434510-1.el8.noarch", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "jenkins-0:2.263.3.1612434510-1.el8.src as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.src" }, "product_reference": "jenkins-0:2.263.3.1612434510-1.el8.src", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "jenkins-2-plugins-0:4.6.1612257979-1.el8.noarch as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1612257979-1.el8.noarch" }, "product_reference": "jenkins-2-plugins-0:4.6.1612257979-1.el8.noarch", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "jenkins-2-plugins-0:4.6.1612257979-1.el8.src as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1612257979-1.el8.src" }, "product_reference": "jenkins-2-plugins-0:4.6.1612257979-1.el8.src", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.src as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.src" }, "product_reference": "openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.src", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.ppc64le" }, "product_reference": "openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.s390x" }, "product_reference": "openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.src as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.src" }, "product_reference": "openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.src", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64" }, "product_reference": "openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64" }, "product_reference": "openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.ppc64le" }, "product_reference": "openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.s390x" }, "product_reference": "openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.x86_64" }, "product_reference": "openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.x86_64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-kuryr-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.src as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift-kuryr-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.src" }, "product_reference": "openshift-kuryr-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.src", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-kuryr-cni-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift-kuryr-cni-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch" }, "product_reference": "openshift-kuryr-cni-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-kuryr-common-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift-kuryr-common-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch" }, "product_reference": "openshift-kuryr-common-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-kuryr-controller-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift-kuryr-controller-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch" }, "product_reference": "openshift-kuryr-controller-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "python-rsa-0:4.7-1.el8.src as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:python-rsa-0:4.7-1.el8.src" }, "product_reference": "python-rsa-0:4.7-1.el8.src", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "python3-kuryr-kubernetes-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:python3-kuryr-kubernetes-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch" }, "product_reference": "python3-kuryr-kubernetes-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "python3-rsa-0:4.7-1.el8.noarch as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:python3-rsa-0:4.7-1.el8.noarch" }, "product_reference": "python3-rsa-0:4.7-1.el8.noarch", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "runc-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le" }, "product_reference": "runc-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "runc-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x" }, "product_reference": "runc-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "runc-0:1.0.0-82.rhaos4.6.git086e841.el8.src as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.src" }, "product_reference": "runc-0:1.0.0-82.rhaos4.6.git086e841.el8.src", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "runc-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64" }, "product_reference": "runc-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le" }, "product_reference": "runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x" }, "product_reference": "runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64" }, "product_reference": "runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le" }, "product_reference": "runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x" }, "product_reference": "runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64" }, "product_reference": "runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "relates_to_product_reference": "8Base-RHOSE-4.6" } ] }, "vulnerabilities": [ { "cve": "CVE-2020-1945", "cwe": { "id": "CWE-377", "name": "Insecure Temporary File" }, "discovery_date": "2020-05-13T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-RH7-RHOSE-4.6:cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.src", "7Server-RH7-RHOSE-4.6:cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64", "7Server-RH7-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.src", "7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch", "7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.src", "7Server-RH7-RHOSE-4.6:openshift-ansible-test-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch", "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.src", "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.x86_64", "7Server-RH7-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el7.src", "7Server-RH7-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64", "7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.ppc64le", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.s390x", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.src", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.x86_64", "8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1612257979-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1612257979-1.el8.src", "8Base-RHOSE-4.6:openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.src", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.ppc64le", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.s390x", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.src", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64", "8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.ppc64le", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.s390x", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.x86_64", "8Base-RHOSE-4.6:openshift-kuryr-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.src", "8Base-RHOSE-4.6:openshift-kuryr-cni-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:openshift-kuryr-common-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:openshift-kuryr-controller-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:python-rsa-0:4.7-1.el8.src", "8Base-RHOSE-4.6:python3-kuryr-kubernetes-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:python3-rsa-0:4.7-1.el8.noarch", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.src", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1837444" } ], "notes": [ { "category": "description", "text": "Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property java.io.tmpdir for several tasks and may thus leak sensitive information. The fixcrlf and replaceregexp tasks also copy files from the temporary directory back into the build tree allowing an attacker to inject modified source files into the build process.", "title": "Vulnerability description" }, { "category": "summary", "text": "ant: insecure temporary file vulnerability", "title": "Vulnerability summary" }, { "category": "other", "text": "In OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack, ship the vulnerable version of ant package.\nSince the release of OCP 4.6, the Metering product has been deprecated [1], hence the affected components are marked as wontfix.\nThis may be fixed in the future.\n\n[1] https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html#ocp-4-6-metering-operator-deprecated", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.src" ], "known_not_affected": [ "7Server-RH7-RHOSE-4.6:cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.src", "7Server-RH7-RHOSE-4.6:cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64", "7Server-RH7-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.src", "7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch", "7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.src", "7Server-RH7-RHOSE-4.6:openshift-ansible-test-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch", "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.src", "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.x86_64", "7Server-RH7-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el7.src", "7Server-RH7-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64", "7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.ppc64le", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.s390x", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.src", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.x86_64", "8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1612257979-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1612257979-1.el8.src", "8Base-RHOSE-4.6:openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.src", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.ppc64le", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.s390x", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.src", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64", "8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.ppc64le", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.s390x", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.x86_64", "8Base-RHOSE-4.6:openshift-kuryr-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.src", "8Base-RHOSE-4.6:openshift-kuryr-cni-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:openshift-kuryr-common-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:openshift-kuryr-controller-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:python-rsa-0:4.7-1.el8.src", "8Base-RHOSE-4.6:python3-kuryr-kubernetes-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:python3-rsa-0:4.7-1.el8.noarch", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.src", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-1945" }, { "category": "external", "summary": "RHBZ#1837444", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1837444" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-1945", "url": "https://www.cve.org/CVERecord?id=CVE-2020-1945" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1945", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1945" } ], "release_date": "2020-05-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-02-17T19:06:25+00:00", "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.", "product_ids": [ "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:0423" }, { "category": "workaround", "details": "For versions 1.1 to 1.9.14 and 1.10.0 to 1.10.7, set the java.io.tmpdir system property to a private directory-- only readable and writable by the current user-- before running Ant.\n\nFor versions 1.9.15 and 1.10.8, use the Ant property ant.tmpfile instead. Ant 1.10.8 protects the temporary files if the underlying filesystem allows it, but using a private temporary directory is still recommended.", "product_ids": [ "7Server-RH7-RHOSE-4.6:cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.src", "7Server-RH7-RHOSE-4.6:cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64", "7Server-RH7-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.src", "7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch", "7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.src", "7Server-RH7-RHOSE-4.6:openshift-ansible-test-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch", "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.src", "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.x86_64", "7Server-RH7-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el7.src", "7Server-RH7-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64", "7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.ppc64le", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.s390x", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.src", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.x86_64", "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.src", "8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1612257979-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1612257979-1.el8.src", "8Base-RHOSE-4.6:openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.src", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.ppc64le", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.s390x", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.src", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64", "8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.ppc64le", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.s390x", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.x86_64", "8Base-RHOSE-4.6:openshift-kuryr-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.src", "8Base-RHOSE-4.6:openshift-kuryr-cni-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:openshift-kuryr-common-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:openshift-kuryr-controller-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:python-rsa-0:4.7-1.el8.src", "8Base-RHOSE-4.6:python3-kuryr-kubernetes-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:python3-rsa-0:4.7-1.el8.noarch", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.src", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "ant: insecure temporary file vulnerability" }, { "cve": "CVE-2020-11979", "cwe": { "id": "CWE-377", "name": "Insecure Temporary File" }, "discovery_date": "2020-10-02T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-RH7-RHOSE-4.6:cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.src", "7Server-RH7-RHOSE-4.6:cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64", "7Server-RH7-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.src", "7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch", "7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.src", "7Server-RH7-RHOSE-4.6:openshift-ansible-test-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch", "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.src", "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.x86_64", "7Server-RH7-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el7.src", "7Server-RH7-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64", "7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.ppc64le", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.s390x", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.src", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.x86_64", "8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1612257979-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1612257979-1.el8.src", "8Base-RHOSE-4.6:openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.src", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.ppc64le", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.s390x", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.src", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64", "8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.ppc64le", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.s390x", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.x86_64", "8Base-RHOSE-4.6:openshift-kuryr-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.src", "8Base-RHOSE-4.6:openshift-kuryr-cni-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:openshift-kuryr-common-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:openshift-kuryr-controller-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:python-rsa-0:4.7-1.el8.src", "8Base-RHOSE-4.6:python3-kuryr-kubernetes-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:python3-rsa-0:4.7-1.el8.noarch", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.src", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1903702" } ], "notes": [ { "category": "description", "text": "As mitigation for CVE-2020-1945 Apache Ant 1.10.8 changed the permissions of temporary files it created so that only the current user was allowed to access them. Unfortunately the fixcrlf task deleted the temporary file and created a new one without said protection, effectively nullifying the effort. This would still allow an attacker to inject modified source files into the build process.", "title": "Vulnerability description" }, { "category": "summary", "text": "ant: insecure temporary file", "title": "Vulnerability summary" }, { "category": "other", "text": "ant as shipped in Red Hat Enterprise Linux 8 is not affected by this flaw because this flaw is caused by the patch for CVE-2020-1945, however, it was never applied to ant as shipped in Red Hat Enterprise Linux 8, because the decision was made by Engineering to WONTFIX that flaw.\n\nIn OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack, ship the vulnerable version of ant package.\nSince the release of OCP 4.6, the Metering product has been deprecated [1], hence the affected components are marked as wontfix.\nThis may be fixed in the future.\n\n[1] https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html#ocp-4-6-metering-operator-deprecated", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.src" ], "known_not_affected": [ "7Server-RH7-RHOSE-4.6:cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.src", "7Server-RH7-RHOSE-4.6:cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64", "7Server-RH7-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.src", "7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch", "7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.src", "7Server-RH7-RHOSE-4.6:openshift-ansible-test-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch", "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.src", "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.x86_64", "7Server-RH7-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el7.src", "7Server-RH7-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64", "7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.ppc64le", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.s390x", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.src", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.x86_64", "8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1612257979-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1612257979-1.el8.src", "8Base-RHOSE-4.6:openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.src", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.ppc64le", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.s390x", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.src", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64", "8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.ppc64le", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.s390x", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.x86_64", "8Base-RHOSE-4.6:openshift-kuryr-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.src", "8Base-RHOSE-4.6:openshift-kuryr-cni-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:openshift-kuryr-common-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:openshift-kuryr-controller-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:python-rsa-0:4.7-1.el8.src", "8Base-RHOSE-4.6:python3-kuryr-kubernetes-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:python3-rsa-0:4.7-1.el8.noarch", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.src", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11979" }, { "category": "external", "summary": "RHBZ#1903702", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1903702" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11979", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11979" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11979", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11979" }, { "category": "external", "summary": "https://security.gentoo.org/glsa/202011-18", "url": "https://security.gentoo.org/glsa/202011-18" } ], "release_date": "2020-10-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-02-17T19:06:25+00:00", "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.", "product_ids": [ "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:0423" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "ant: insecure temporary file" }, { "cve": "CVE-2021-21602", "cwe": { "id": "CWE-59", "name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)" }, "discovery_date": "2021-02-04T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-RH7-RHOSE-4.6:cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.src", "7Server-RH7-RHOSE-4.6:cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64", "7Server-RH7-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.src", "7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch", "7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.src", "7Server-RH7-RHOSE-4.6:openshift-ansible-test-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch", "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.src", "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.x86_64", "7Server-RH7-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el7.src", "7Server-RH7-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64", "7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.ppc64le", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.s390x", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.src", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.x86_64", "8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1612257979-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1612257979-1.el8.src", "8Base-RHOSE-4.6:openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.src", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.ppc64le", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.s390x", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.src", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64", "8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.ppc64le", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.s390x", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.x86_64", "8Base-RHOSE-4.6:openshift-kuryr-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.src", "8Base-RHOSE-4.6:openshift-kuryr-cni-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:openshift-kuryr-common-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:openshift-kuryr-controller-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:python-rsa-0:4.7-1.el8.src", "8Base-RHOSE-4.6:python3-kuryr-kubernetes-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:python3-rsa-0:4.7-1.el8.noarch", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.src", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1925161" } ], "notes": [ { "category": "description", "text": "Jenkins 2.274 and earlier, LTS 2.263.1 and earlier allows reading arbitrary files using the file browser for workspaces and archived artifacts by following symlinks.", "title": "Vulnerability description" }, { "category": "summary", "text": "jenkins: Arbitrary file read vulnerability in workspace browsers", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.src" ], "known_not_affected": [ "7Server-RH7-RHOSE-4.6:cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.src", "7Server-RH7-RHOSE-4.6:cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64", "7Server-RH7-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.src", "7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch", "7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.src", "7Server-RH7-RHOSE-4.6:openshift-ansible-test-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch", "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.src", "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.x86_64", "7Server-RH7-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el7.src", "7Server-RH7-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64", "7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.ppc64le", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.s390x", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.src", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.x86_64", "8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1612257979-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1612257979-1.el8.src", "8Base-RHOSE-4.6:openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.src", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.ppc64le", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.s390x", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.src", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64", "8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.ppc64le", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.s390x", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.x86_64", "8Base-RHOSE-4.6:openshift-kuryr-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.src", "8Base-RHOSE-4.6:openshift-kuryr-cni-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:openshift-kuryr-common-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:openshift-kuryr-controller-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:python-rsa-0:4.7-1.el8.src", "8Base-RHOSE-4.6:python3-kuryr-kubernetes-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:python3-rsa-0:4.7-1.el8.noarch", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.src", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-21602" }, { "category": "external", "summary": "RHBZ#1925161", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1925161" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-21602", "url": "https://www.cve.org/CVERecord?id=CVE-2021-21602" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-21602", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21602" } ], "release_date": "2021-01-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-02-17T19:06:25+00:00", "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.", "product_ids": [ "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:0423" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jenkins: Arbitrary file read vulnerability in workspace browsers" }, { "cve": "CVE-2021-21603", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2021-02-04T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-RH7-RHOSE-4.6:cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.src", "7Server-RH7-RHOSE-4.6:cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64", "7Server-RH7-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.src", "7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch", "7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.src", "7Server-RH7-RHOSE-4.6:openshift-ansible-test-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch", "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.src", "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.x86_64", "7Server-RH7-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el7.src", "7Server-RH7-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64", "7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.ppc64le", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.s390x", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.src", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.x86_64", "8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1612257979-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1612257979-1.el8.src", "8Base-RHOSE-4.6:openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.src", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.ppc64le", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.s390x", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.src", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64", "8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.ppc64le", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.s390x", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.x86_64", "8Base-RHOSE-4.6:openshift-kuryr-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.src", "8Base-RHOSE-4.6:openshift-kuryr-cni-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:openshift-kuryr-common-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:openshift-kuryr-controller-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:python-rsa-0:4.7-1.el8.src", "8Base-RHOSE-4.6:python3-kuryr-kubernetes-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:python3-rsa-0:4.7-1.el8.noarch", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.src", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1925160" } ], "notes": [ { "category": "description", "text": "A flaw was found in jenkins. A cross-site scripting (XSS) vulnerability is possible due to the contents of the notification bar responses not being properly escaped. The highest threat from this vulnerability is to data confidentiality and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "jenkins: XSS vulnerability in notification bar", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.src" ], "known_not_affected": [ "7Server-RH7-RHOSE-4.6:cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.src", "7Server-RH7-RHOSE-4.6:cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64", "7Server-RH7-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.src", "7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch", "7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.src", "7Server-RH7-RHOSE-4.6:openshift-ansible-test-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch", "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.src", "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.x86_64", "7Server-RH7-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el7.src", "7Server-RH7-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64", "7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.ppc64le", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.s390x", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.src", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.x86_64", "8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1612257979-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1612257979-1.el8.src", "8Base-RHOSE-4.6:openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.src", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.ppc64le", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.s390x", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.src", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64", "8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.ppc64le", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.s390x", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.x86_64", "8Base-RHOSE-4.6:openshift-kuryr-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.src", "8Base-RHOSE-4.6:openshift-kuryr-cni-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:openshift-kuryr-common-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:openshift-kuryr-controller-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:python-rsa-0:4.7-1.el8.src", "8Base-RHOSE-4.6:python3-kuryr-kubernetes-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:python3-rsa-0:4.7-1.el8.noarch", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.src", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-21603" }, { "category": "external", "summary": "RHBZ#1925160", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1925160" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-21603", "url": "https://www.cve.org/CVERecord?id=CVE-2021-21603" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-21603", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21603" } ], "release_date": "2021-01-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-02-17T19:06:25+00:00", "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.", "product_ids": [ "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:0423" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.src" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jenkins: XSS vulnerability in notification bar" }, { "cve": "CVE-2021-21604", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2021-02-04T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-RH7-RHOSE-4.6:cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.src", "7Server-RH7-RHOSE-4.6:cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64", "7Server-RH7-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.src", "7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch", "7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.src", "7Server-RH7-RHOSE-4.6:openshift-ansible-test-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch", "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.src", "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.x86_64", "7Server-RH7-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el7.src", "7Server-RH7-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64", "7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.ppc64le", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.s390x", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.src", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.x86_64", "8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1612257979-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1612257979-1.el8.src", "8Base-RHOSE-4.6:openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.src", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.ppc64le", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.s390x", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.src", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64", "8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.ppc64le", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.s390x", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.x86_64", "8Base-RHOSE-4.6:openshift-kuryr-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.src", "8Base-RHOSE-4.6:openshift-kuryr-cni-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:openshift-kuryr-common-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:openshift-kuryr-controller-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:python-rsa-0:4.7-1.el8.src", "8Base-RHOSE-4.6:python3-kuryr-kubernetes-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:python3-rsa-0:4.7-1.el8.noarch", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.src", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1925157" } ], "notes": [ { "category": "description", "text": "A flaw was found in jenkins. An attacker with permission to create or configure various objects to inject crafted content into Old Data Monitor can cause the instantiation of potentially unsafe objects once discarded by an administrator. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "jenkins: Improper handling of REST API XML deserialization errors", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.src" ], "known_not_affected": [ "7Server-RH7-RHOSE-4.6:cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.src", "7Server-RH7-RHOSE-4.6:cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64", "7Server-RH7-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.src", "7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch", "7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.src", "7Server-RH7-RHOSE-4.6:openshift-ansible-test-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch", "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.src", "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.x86_64", "7Server-RH7-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el7.src", "7Server-RH7-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64", "7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.ppc64le", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.s390x", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.src", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.x86_64", "8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1612257979-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1612257979-1.el8.src", "8Base-RHOSE-4.6:openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.src", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.ppc64le", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.s390x", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.src", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64", "8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.ppc64le", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.s390x", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.x86_64", "8Base-RHOSE-4.6:openshift-kuryr-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.src", "8Base-RHOSE-4.6:openshift-kuryr-cni-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:openshift-kuryr-common-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:openshift-kuryr-controller-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:python-rsa-0:4.7-1.el8.src", "8Base-RHOSE-4.6:python3-kuryr-kubernetes-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:python3-rsa-0:4.7-1.el8.noarch", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.src", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-21604" }, { "category": "external", "summary": "RHBZ#1925157", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1925157" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-21604", "url": "https://www.cve.org/CVERecord?id=CVE-2021-21604" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-21604", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21604" } ], "release_date": "2021-01-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-02-17T19:06:25+00:00", "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.", "product_ids": [ "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:0423" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.src" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jenkins: Improper handling of REST API XML deserialization errors" }, { "cve": "CVE-2021-21605", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2021-02-04T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-RH7-RHOSE-4.6:cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.src", "7Server-RH7-RHOSE-4.6:cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64", "7Server-RH7-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.src", "7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch", "7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.src", "7Server-RH7-RHOSE-4.6:openshift-ansible-test-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch", "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.src", "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.x86_64", "7Server-RH7-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el7.src", "7Server-RH7-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64", "7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.ppc64le", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.s390x", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.src", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.x86_64", "8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1612257979-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1612257979-1.el8.src", "8Base-RHOSE-4.6:openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.src", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.ppc64le", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.s390x", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.src", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64", "8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.ppc64le", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.s390x", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.x86_64", "8Base-RHOSE-4.6:openshift-kuryr-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.src", "8Base-RHOSE-4.6:openshift-kuryr-cni-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:openshift-kuryr-common-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:openshift-kuryr-controller-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:python-rsa-0:4.7-1.el8.src", "8Base-RHOSE-4.6:python3-kuryr-kubernetes-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:python3-rsa-0:4.7-1.el8.noarch", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.src", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1925143" } ], "notes": [ { "category": "description", "text": "A flaw was found in jenkins. Users with Agent/Configure permissions can choose agent names that cause an override to the global `config.xml` file. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "jenkins: Path traversal vulnerability in agent names", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.src" ], "known_not_affected": [ "7Server-RH7-RHOSE-4.6:cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.src", "7Server-RH7-RHOSE-4.6:cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64", "7Server-RH7-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.src", "7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch", "7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.src", "7Server-RH7-RHOSE-4.6:openshift-ansible-test-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch", "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.src", "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.x86_64", "7Server-RH7-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el7.src", "7Server-RH7-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64", "7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.ppc64le", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.s390x", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.src", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.x86_64", "8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1612257979-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1612257979-1.el8.src", "8Base-RHOSE-4.6:openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.src", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.ppc64le", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.s390x", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.src", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64", "8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.ppc64le", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.s390x", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.x86_64", "8Base-RHOSE-4.6:openshift-kuryr-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.src", "8Base-RHOSE-4.6:openshift-kuryr-cni-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:openshift-kuryr-common-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:openshift-kuryr-controller-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:python-rsa-0:4.7-1.el8.src", "8Base-RHOSE-4.6:python3-kuryr-kubernetes-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:python3-rsa-0:4.7-1.el8.noarch", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.src", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-21605" }, { "category": "external", "summary": "RHBZ#1925143", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1925143" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-21605", "url": "https://www.cve.org/CVERecord?id=CVE-2021-21605" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-21605", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21605" } ], "release_date": "2021-01-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-02-17T19:06:25+00:00", "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.", "product_ids": [ "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:0423" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.src" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jenkins: Path traversal vulnerability in agent names" }, { "cve": "CVE-2021-21606", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2021-02-04T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-RH7-RHOSE-4.6:cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.src", "7Server-RH7-RHOSE-4.6:cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64", "7Server-RH7-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.src", "7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch", "7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.src", "7Server-RH7-RHOSE-4.6:openshift-ansible-test-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch", "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.src", "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.x86_64", "7Server-RH7-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el7.src", "7Server-RH7-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64", "7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.ppc64le", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.s390x", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.src", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.x86_64", "8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1612257979-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1612257979-1.el8.src", "8Base-RHOSE-4.6:openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.src", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.ppc64le", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.s390x", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.src", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64", "8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.ppc64le", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.s390x", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.x86_64", "8Base-RHOSE-4.6:openshift-kuryr-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.src", "8Base-RHOSE-4.6:openshift-kuryr-cni-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:openshift-kuryr-common-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:openshift-kuryr-controller-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:python-rsa-0:4.7-1.el8.src", "8Base-RHOSE-4.6:python3-kuryr-kubernetes-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:python3-rsa-0:4.7-1.el8.noarch", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.src", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1925159" } ], "notes": [ { "category": "description", "text": "Jenkins 2.274 and earlier, LTS 2.263.1 and earlier improperly validates the format of a provided fingerprint ID when checking for its existence allowing an attacker to check for the existence of XML files with a short path.", "title": "Vulnerability description" }, { "category": "summary", "text": "jenkins: Arbitrary file existence check in file fingerprints", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.src" ], "known_not_affected": [ "7Server-RH7-RHOSE-4.6:cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.src", "7Server-RH7-RHOSE-4.6:cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64", "7Server-RH7-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.src", "7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch", "7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.src", "7Server-RH7-RHOSE-4.6:openshift-ansible-test-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch", "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.src", "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.x86_64", "7Server-RH7-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el7.src", "7Server-RH7-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64", "7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.ppc64le", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.s390x", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.src", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.x86_64", "8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1612257979-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1612257979-1.el8.src", "8Base-RHOSE-4.6:openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.src", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.ppc64le", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.s390x", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.src", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64", "8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.ppc64le", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.s390x", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.x86_64", "8Base-RHOSE-4.6:openshift-kuryr-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.src", "8Base-RHOSE-4.6:openshift-kuryr-cni-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:openshift-kuryr-common-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:openshift-kuryr-controller-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:python-rsa-0:4.7-1.el8.src", "8Base-RHOSE-4.6:python3-kuryr-kubernetes-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:python3-rsa-0:4.7-1.el8.noarch", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.src", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-21606" }, { "category": "external", "summary": "RHBZ#1925159", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1925159" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-21606", "url": "https://www.cve.org/CVERecord?id=CVE-2021-21606" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-21606", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21606" } ], "release_date": "2021-01-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-02-17T19:06:25+00:00", "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.", "product_ids": [ "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:0423" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "products": [ "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jenkins: Arbitrary file existence check in file fingerprints" }, { "cve": "CVE-2021-21607", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2021-02-04T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-RH7-RHOSE-4.6:cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.src", "7Server-RH7-RHOSE-4.6:cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64", "7Server-RH7-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.src", "7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch", "7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.src", "7Server-RH7-RHOSE-4.6:openshift-ansible-test-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch", "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.src", "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.x86_64", "7Server-RH7-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el7.src", "7Server-RH7-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64", "7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.ppc64le", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.s390x", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.src", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.x86_64", "8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1612257979-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1612257979-1.el8.src", "8Base-RHOSE-4.6:openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.src", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.ppc64le", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.s390x", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.src", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64", "8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.ppc64le", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.s390x", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.x86_64", "8Base-RHOSE-4.6:openshift-kuryr-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.src", "8Base-RHOSE-4.6:openshift-kuryr-cni-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:openshift-kuryr-common-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:openshift-kuryr-controller-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:python-rsa-0:4.7-1.el8.src", "8Base-RHOSE-4.6:python3-kuryr-kubernetes-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:python3-rsa-0:4.7-1.el8.noarch", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.src", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1925156" } ], "notes": [ { "category": "description", "text": "Jenkins 2.274 and earlier, LTS 2.263.1 and earlier does not limit sizes provided as query parameters to graph-rendering URLs, allowing attackers to request crafted URLs that use all available memory in Jenkins, potentially leading to out of memory errors.", "title": "Vulnerability description" }, { "category": "summary", "text": "jenkins: Excessive memory allocation in graph URLs leads to denial of service", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.src" ], "known_not_affected": [ "7Server-RH7-RHOSE-4.6:cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.src", "7Server-RH7-RHOSE-4.6:cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64", "7Server-RH7-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.src", "7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch", "7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.src", "7Server-RH7-RHOSE-4.6:openshift-ansible-test-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch", "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.src", "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.x86_64", "7Server-RH7-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el7.src", "7Server-RH7-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64", "7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.ppc64le", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.s390x", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.src", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.x86_64", "8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1612257979-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1612257979-1.el8.src", "8Base-RHOSE-4.6:openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.src", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.ppc64le", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.s390x", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.src", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64", "8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.ppc64le", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.s390x", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.x86_64", "8Base-RHOSE-4.6:openshift-kuryr-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.src", "8Base-RHOSE-4.6:openshift-kuryr-cni-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:openshift-kuryr-common-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:openshift-kuryr-controller-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:python-rsa-0:4.7-1.el8.src", "8Base-RHOSE-4.6:python3-kuryr-kubernetes-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:python3-rsa-0:4.7-1.el8.noarch", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.src", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-21607" }, { "category": "external", "summary": "RHBZ#1925156", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1925156" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-21607", "url": "https://www.cve.org/CVERecord?id=CVE-2021-21607" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-21607", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21607" } ], "release_date": "2021-01-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-02-17T19:06:25+00:00", "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.", "product_ids": [ "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:0423" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jenkins: Excessive memory allocation in graph URLs leads to denial of service" }, { "cve": "CVE-2021-21608", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2021-02-04T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-RH7-RHOSE-4.6:cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.src", "7Server-RH7-RHOSE-4.6:cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64", "7Server-RH7-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.src", "7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch", "7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.src", "7Server-RH7-RHOSE-4.6:openshift-ansible-test-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch", "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.src", "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.x86_64", "7Server-RH7-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el7.src", "7Server-RH7-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64", "7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.ppc64le", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.s390x", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.src", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.x86_64", "8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1612257979-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1612257979-1.el8.src", "8Base-RHOSE-4.6:openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.src", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.ppc64le", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.s390x", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.src", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64", "8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.ppc64le", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.s390x", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.x86_64", "8Base-RHOSE-4.6:openshift-kuryr-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.src", "8Base-RHOSE-4.6:openshift-kuryr-cni-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:openshift-kuryr-common-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:openshift-kuryr-controller-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:python-rsa-0:4.7-1.el8.src", "8Base-RHOSE-4.6:python3-kuryr-kubernetes-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:python3-rsa-0:4.7-1.el8.noarch", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.src", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1925140" } ], "notes": [ { "category": "description", "text": "A flaw was found in jenkins. A cross-site scripting (XSS) vulnerability, due to the button labels not being properly escaped, can allow an attacker to control button labels. The highest threat from this vulnerability is to data confidentiality and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "jenkins: Stored XSS vulnerability in button labels", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.src" ], "known_not_affected": [ "7Server-RH7-RHOSE-4.6:cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.src", "7Server-RH7-RHOSE-4.6:cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64", "7Server-RH7-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.src", "7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch", "7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.src", "7Server-RH7-RHOSE-4.6:openshift-ansible-test-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch", "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.src", "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.x86_64", "7Server-RH7-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el7.src", "7Server-RH7-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64", "7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.ppc64le", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.s390x", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.src", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.x86_64", "8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1612257979-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1612257979-1.el8.src", "8Base-RHOSE-4.6:openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.src", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.ppc64le", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.s390x", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.src", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64", "8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.ppc64le", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.s390x", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.x86_64", "8Base-RHOSE-4.6:openshift-kuryr-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.src", "8Base-RHOSE-4.6:openshift-kuryr-cni-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:openshift-kuryr-common-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:openshift-kuryr-controller-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:python-rsa-0:4.7-1.el8.src", "8Base-RHOSE-4.6:python3-kuryr-kubernetes-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:python3-rsa-0:4.7-1.el8.noarch", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.src", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-21608" }, { "category": "external", "summary": "RHBZ#1925140", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1925140" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-21608", "url": "https://www.cve.org/CVERecord?id=CVE-2021-21608" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-21608", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21608" } ], "release_date": "2021-01-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-02-17T19:06:25+00:00", "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.", "product_ids": [ "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:0423" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.src" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jenkins: Stored XSS vulnerability in button labels" }, { "cve": "CVE-2021-21609", "cwe": { "id": "CWE-863", "name": "Incorrect Authorization" }, "discovery_date": "2021-02-04T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-RH7-RHOSE-4.6:cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.src", "7Server-RH7-RHOSE-4.6:cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64", "7Server-RH7-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.src", "7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch", "7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.src", "7Server-RH7-RHOSE-4.6:openshift-ansible-test-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch", "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.src", "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.x86_64", "7Server-RH7-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el7.src", "7Server-RH7-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64", "7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.ppc64le", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.s390x", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.src", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.x86_64", "8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1612257979-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1612257979-1.el8.src", "8Base-RHOSE-4.6:openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.src", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.ppc64le", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.s390x", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.src", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64", "8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.ppc64le", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.s390x", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.x86_64", "8Base-RHOSE-4.6:openshift-kuryr-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.src", "8Base-RHOSE-4.6:openshift-kuryr-cni-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:openshift-kuryr-common-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:openshift-kuryr-controller-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:python-rsa-0:4.7-1.el8.src", "8Base-RHOSE-4.6:python3-kuryr-kubernetes-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:python3-rsa-0:4.7-1.el8.noarch", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.src", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1925141" } ], "notes": [ { "category": "description", "text": "Jenkins 2.274 and earlier, LTS 2.263.1 and earlier does not correctly match requested URLs to the list of always accessible paths, allowing attackers without Overall/Read permission to access some URLs as if they did have Overall/Read permission.", "title": "Vulnerability description" }, { "category": "summary", "text": "jenkins: Missing permission check for paths with specific prefix", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.src" ], "known_not_affected": [ "7Server-RH7-RHOSE-4.6:cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.src", "7Server-RH7-RHOSE-4.6:cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64", "7Server-RH7-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.src", "7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch", "7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.src", "7Server-RH7-RHOSE-4.6:openshift-ansible-test-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch", "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.src", "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.x86_64", "7Server-RH7-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el7.src", "7Server-RH7-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64", "7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.ppc64le", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.s390x", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.src", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.x86_64", "8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1612257979-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1612257979-1.el8.src", "8Base-RHOSE-4.6:openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.src", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.ppc64le", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.s390x", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.src", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64", "8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.ppc64le", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.s390x", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.x86_64", "8Base-RHOSE-4.6:openshift-kuryr-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.src", "8Base-RHOSE-4.6:openshift-kuryr-cni-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:openshift-kuryr-common-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:openshift-kuryr-controller-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:python-rsa-0:4.7-1.el8.src", "8Base-RHOSE-4.6:python3-kuryr-kubernetes-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:python3-rsa-0:4.7-1.el8.noarch", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.src", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-21609" }, { "category": "external", "summary": "RHBZ#1925141", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1925141" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-21609", "url": "https://www.cve.org/CVERecord?id=CVE-2021-21609" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-21609", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21609" } ], "release_date": "2021-01-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-02-17T19:06:25+00:00", "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.", "product_ids": [ "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:0423" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "products": [ "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "jenkins: Missing permission check for paths with specific prefix" }, { "cve": "CVE-2021-21610", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2021-02-04T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-RH7-RHOSE-4.6:cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.src", "7Server-RH7-RHOSE-4.6:cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64", "7Server-RH7-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.src", "7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch", "7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.src", "7Server-RH7-RHOSE-4.6:openshift-ansible-test-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch", "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.src", "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.x86_64", "7Server-RH7-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el7.src", "7Server-RH7-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64", "7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.ppc64le", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.s390x", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.src", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.x86_64", "8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1612257979-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1612257979-1.el8.src", "8Base-RHOSE-4.6:openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.src", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.ppc64le", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.s390x", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.src", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64", "8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.ppc64le", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.s390x", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.x86_64", "8Base-RHOSE-4.6:openshift-kuryr-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.src", "8Base-RHOSE-4.6:openshift-kuryr-cni-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:openshift-kuryr-common-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:openshift-kuryr-controller-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:python-rsa-0:4.7-1.el8.src", "8Base-RHOSE-4.6:python3-kuryr-kubernetes-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:python3-rsa-0:4.7-1.el8.noarch", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.src", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1925151" } ], "notes": [ { "category": "description", "text": "A flaw was found in jenkins. A cross-site scripting (XSS) vulnerability is possible due to the lack of restrictions in URL rendering in the formatted previews of markup passed as a query parameter if the configured markup formatter does not prohibit unsafe elements in the markup. The highest threat from this vulnerability is to data confidentiality and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "jenkins: Reflected XSS vulnerability in markup formatter preview", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.src" ], "known_not_affected": [ "7Server-RH7-RHOSE-4.6:cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.src", "7Server-RH7-RHOSE-4.6:cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64", "7Server-RH7-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.src", "7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch", "7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.src", "7Server-RH7-RHOSE-4.6:openshift-ansible-test-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch", "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.src", "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.x86_64", "7Server-RH7-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el7.src", "7Server-RH7-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64", "7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.ppc64le", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.s390x", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.src", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.x86_64", "8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1612257979-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1612257979-1.el8.src", "8Base-RHOSE-4.6:openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.src", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.ppc64le", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.s390x", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.src", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64", "8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.ppc64le", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.s390x", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.x86_64", "8Base-RHOSE-4.6:openshift-kuryr-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.src", "8Base-RHOSE-4.6:openshift-kuryr-cni-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:openshift-kuryr-common-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:openshift-kuryr-controller-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:python-rsa-0:4.7-1.el8.src", "8Base-RHOSE-4.6:python3-kuryr-kubernetes-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:python3-rsa-0:4.7-1.el8.noarch", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.src", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-21610" }, { "category": "external", "summary": "RHBZ#1925151", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1925151" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-21610", "url": "https://www.cve.org/CVERecord?id=CVE-2021-21610" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-21610", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21610" } ], "release_date": "2021-01-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-02-17T19:06:25+00:00", "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.", "product_ids": [ "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:0423" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.src" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jenkins: Reflected XSS vulnerability in markup formatter preview" }, { "cve": "CVE-2021-21611", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2021-02-04T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-RH7-RHOSE-4.6:cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.src", "7Server-RH7-RHOSE-4.6:cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64", "7Server-RH7-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.src", "7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch", "7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.src", "7Server-RH7-RHOSE-4.6:openshift-ansible-test-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch", "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.src", "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.x86_64", "7Server-RH7-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el7.src", "7Server-RH7-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64", "7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.ppc64le", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.s390x", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.src", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.x86_64", "8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1612257979-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1612257979-1.el8.src", "8Base-RHOSE-4.6:openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.src", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.ppc64le", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.s390x", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.src", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64", "8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.ppc64le", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.s390x", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.x86_64", "8Base-RHOSE-4.6:openshift-kuryr-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.src", "8Base-RHOSE-4.6:openshift-kuryr-cni-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:openshift-kuryr-common-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:openshift-kuryr-controller-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:python-rsa-0:4.7-1.el8.src", "8Base-RHOSE-4.6:python3-kuryr-kubernetes-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:python3-rsa-0:4.7-1.el8.noarch", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.src", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1925145" } ], "notes": [ { "category": "description", "text": "A flaw was found in jenkins. A cross-site scripting (XSS) vulnerability is possible due to display names and IDs of item types shown on the New Item page not being properly escaped. The highest threat from this vulnerability is to data confidentiality and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "jenkins: Stored XSS vulnerability on new item page", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.src" ], "known_not_affected": [ "7Server-RH7-RHOSE-4.6:cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.src", "7Server-RH7-RHOSE-4.6:cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64", "7Server-RH7-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.src", "7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch", "7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.src", "7Server-RH7-RHOSE-4.6:openshift-ansible-test-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch", "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.src", "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.x86_64", "7Server-RH7-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el7.src", "7Server-RH7-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64", "7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.ppc64le", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.s390x", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.src", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.x86_64", "8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1612257979-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1612257979-1.el8.src", "8Base-RHOSE-4.6:openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.src", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.ppc64le", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.s390x", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.src", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64", "8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.ppc64le", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.s390x", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.x86_64", "8Base-RHOSE-4.6:openshift-kuryr-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.src", "8Base-RHOSE-4.6:openshift-kuryr-cni-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:openshift-kuryr-common-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:openshift-kuryr-controller-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:python-rsa-0:4.7-1.el8.src", "8Base-RHOSE-4.6:python3-kuryr-kubernetes-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:python3-rsa-0:4.7-1.el8.noarch", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.src", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-21611" }, { "category": "external", "summary": "RHBZ#1925145", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1925145" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-21611", "url": "https://www.cve.org/CVERecord?id=CVE-2021-21611" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-21611", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21611" } ], "release_date": "2021-01-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-02-17T19:06:25+00:00", "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.", "product_ids": [ "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:0423" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.src" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jenkins: Stored XSS vulnerability on new item page" }, { "cve": "CVE-2021-21615", "cwe": { "id": "CWE-22", "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)" }, "discovery_date": "2021-01-27T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-RH7-RHOSE-4.6:cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.src", "7Server-RH7-RHOSE-4.6:cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64", "7Server-RH7-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.src", "7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch", "7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.src", "7Server-RH7-RHOSE-4.6:openshift-ansible-test-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch", "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.src", "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.x86_64", "7Server-RH7-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el7.src", "7Server-RH7-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64", "7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.ppc64le", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.s390x", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.src", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.x86_64", "8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1612257979-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1612257979-1.el8.src", "8Base-RHOSE-4.6:openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.src", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.ppc64le", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.s390x", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.src", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64", "8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.ppc64le", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.s390x", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.x86_64", "8Base-RHOSE-4.6:openshift-kuryr-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.src", "8Base-RHOSE-4.6:openshift-kuryr-cni-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:openshift-kuryr-common-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:openshift-kuryr-controller-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:python-rsa-0:4.7-1.el8.src", "8Base-RHOSE-4.6:python3-kuryr-kubernetes-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:python3-rsa-0:4.7-1.el8.noarch", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.src", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1921322" } ], "notes": [ { "category": "description", "text": "Jenkins 2.275 and LTS 2.263.2 allows reading arbitrary files using the file browser for workspaces and archived artifacts due to a time-of-check to time-of-use (TOCTOU) race condition.", "title": "Vulnerability description" }, { "category": "summary", "text": "jenkins: Filesystem traversal by privileged users", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.src" ], "known_not_affected": [ "7Server-RH7-RHOSE-4.6:cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.src", "7Server-RH7-RHOSE-4.6:cri-o-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64", "7Server-RH7-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-7.rhaos4.6.git6377f68.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.src", "7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch", "7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.src", "7Server-RH7-RHOSE-4.6:openshift-ansible-test-0:4.6.0-202102031649.p0.git.0.bf90f86.el7.noarch", "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.src", "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el7.x86_64", "7Server-RH7-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el7.x86_64", "7Server-RH7-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el7.src", "7Server-RH7-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64", "7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el7.x86_64", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.ppc64le", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.s390x", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.src", "8Base-RHOSE-4.6:atomic-openshift-service-idler-0:4.6.0-202102031810.p0.git.15.dcab90a.el8.x86_64", "8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1612257979-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1612257979-1.el8.src", "8Base-RHOSE-4.6:openshift-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.src", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.ppc64le", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.s390x", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.src", "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64", "8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202102050644.p0.git.3831.1c61c6b.el8.x86_64", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.ppc64le", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.s390x", "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202102050212.p0.git.94265.716fcf8.el8.x86_64", "8Base-RHOSE-4.6:openshift-kuryr-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.src", "8Base-RHOSE-4.6:openshift-kuryr-cni-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:openshift-kuryr-common-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:openshift-kuryr-controller-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:python-rsa-0:4.7-1.el8.src", "8Base-RHOSE-4.6:python3-kuryr-kubernetes-0:4.6.0-202102031810.p0.git.2225.a3ab872.el8.noarch", "8Base-RHOSE-4.6:python3-rsa-0:4.7-1.el8.noarch", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.src", "8Base-RHOSE-4.6:runc-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.ppc64le", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.s390x", "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-82.rhaos4.6.git086e841.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-21615" }, { "category": "external", "summary": "RHBZ#1921322", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1921322" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-21615", "url": "https://www.cve.org/CVERecord?id=CVE-2021-21615" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-21615", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21615" }, { "category": "external", "summary": "https://www.jenkins.io/security/advisory/2021-01-26/#SECURITY-2197", "url": "https://www.jenkins.io/security/advisory/2021-01-26/#SECURITY-2197" } ], "release_date": "2021-01-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-02-17T19:06:25+00:00", "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.", "product_ids": [ "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:0423" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.noarch", "8Base-RHOSE-4.6:jenkins-0:2.263.3.1612434510-1.el8.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jenkins: Filesystem traversal by privileged users" } ] }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.