rhsa-2021_1552
Vulnerability from csaf_redhat
Published
2021-05-19 15:12
Modified
2024-12-08 11:55
Summary
Red Hat Security Advisory: OpenShift Container Platform 4.7.11 security and bug fix update

Notes

Topic
Red Hat OpenShift Container Platform release 4.7.11 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.7.11. See the following advisory for the container images for this release: https://access.redhat.com/errata/RHBA-2021:1550 Security Fix(es): * gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation (CVE-2021-3121) * containernetworking-cni: Arbitrary path injection via type field in CNI configuration (CVE-2021-20206) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. All OpenShift Container Platform 4.7 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.7/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.



{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Red Hat OpenShift Container Platform release 4.7.11 is now available with updates to packages and images that fix several bugs.\n\nThis release includes a security update for Red Hat OpenShift Container Platform 4.7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.7.11. See the following advisory for the container images for this release:\n\nhttps://access.redhat.com/errata/RHBA-2021:1550\n\nSecurity Fix(es):\n\n* gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation (CVE-2021-3121)\n\n* containernetworking-cni: Arbitrary path injection via type field in CNI configuration (CVE-2021-20206)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAll OpenShift Container Platform 4.7 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.7/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2021:1552",
        "url": "https://access.redhat.com/errata/RHSA-2021:1552"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "1919391",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1919391"
      },
      {
        "category": "external",
        "summary": "1921650",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1921650"
      },
      {
        "category": "external",
        "summary": "1940584",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1940584"
      },
      {
        "category": "external",
        "summary": "1959661",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1959661"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_1552.json"
      }
    ],
    "title": "Red Hat Security Advisory: OpenShift Container Platform 4.7.11 security and bug fix update",
    "tracking": {
      "current_release_date": "2024-12-08T11:55:01+00:00",
      "generator": {
        "date": "2024-12-08T11:55:01+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.3"
        }
      },
      "id": "RHSA-2021:1552",
      "initial_release_date": "2021-05-19T15:12:09+00:00",
      "revision_history": [
        {
          "date": "2021-05-19T15:12:09+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2021-05-19T15:12:09+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-12-08T11:55:01+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat OpenShift Container Platform 4.7",
                "product": {
                  "name": "Red Hat OpenShift Container Platform 4.7",
                  "product_id": "8Base-RHOSE-4.7",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:4.7::el8"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat OpenShift Enterprise"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openshift4/ose-sriov-infiniband-cni@sha256:bdef404b5688db92b2e95f564190677f391b47c31b2edf088220599e9b8951d3_amd64",
                "product": {
                  "name": "openshift4/ose-sriov-infiniband-cni@sha256:bdef404b5688db92b2e95f564190677f391b47c31b2edf088220599e9b8951d3_amd64",
                  "product_id": "openshift4/ose-sriov-infiniband-cni@sha256:bdef404b5688db92b2e95f564190677f391b47c31b2edf088220599e9b8951d3_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-sriov-infiniband-cni@sha256:bdef404b5688db92b2e95f564190677f391b47c31b2edf088220599e9b8951d3?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-infiniband-cni\u0026tag=v4.7.0-202104281843.p0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-ansible-operator@sha256:494273ae3456a8e7d2ce93be8c8d1440a9a8bdf9d7546d871c2335088dd1bf2c_amd64",
                "product": {
                  "name": "openshift4/ose-ansible-operator@sha256:494273ae3456a8e7d2ce93be8c8d1440a9a8bdf9d7546d871c2335088dd1bf2c_amd64",
                  "product_id": "openshift4/ose-ansible-operator@sha256:494273ae3456a8e7d2ce93be8c8d1440a9a8bdf9d7546d871c2335088dd1bf2c_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-ansible-operator@sha256:494273ae3456a8e7d2ce93be8c8d1440a9a8bdf9d7546d871c2335088dd1bf2c?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-ansible-operator\u0026tag=v4.7.0-202105060839.p0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-service-idler-rhel8@sha256:d46c5b885983b845795aa6821bb35c841d44024d8c9f4a99e92fa3c670072ddc_amd64",
                "product": {
                  "name": "openshift4/ose-service-idler-rhel8@sha256:d46c5b885983b845795aa6821bb35c841d44024d8c9f4a99e92fa3c670072ddc_amd64",
                  "product_id": "openshift4/ose-service-idler-rhel8@sha256:d46c5b885983b845795aa6821bb35c841d44024d8c9f4a99e92fa3c670072ddc_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-service-idler-rhel8@sha256:d46c5b885983b845795aa6821bb35c841d44024d8c9f4a99e92fa3c670072ddc?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-service-idler-rhel8\u0026tag=v4.7.0-202105111940.p0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:5055d03f47ac092798911c848d46f2b7e7357189f2e3967fc6ed376b04bf6e3a_amd64",
                "product": {
                  "name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:5055d03f47ac092798911c848d46f2b7e7357189f2e3967fc6ed376b04bf6e3a_amd64",
                  "product_id": "openshift4/ose-cluster-kube-descheduler-operator@sha256:5055d03f47ac092798911c848d46f2b7e7357189f2e3967fc6ed376b04bf6e3a_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-cluster-kube-descheduler-operator@sha256:5055d03f47ac092798911c848d46f2b7e7357189f2e3967fc6ed376b04bf6e3a?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-operator\u0026tag=v4.7.0-202105061841.p0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5055d03f47ac092798911c848d46f2b7e7357189f2e3967fc6ed376b04bf6e3a_amd64",
                "product": {
                  "name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5055d03f47ac092798911c848d46f2b7e7357189f2e3967fc6ed376b04bf6e3a_amd64",
                  "product_id": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5055d03f47ac092798911c848d46f2b7e7357189f2e3967fc6ed376b04bf6e3a_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-cluster-kube-descheduler-rhel8-operator@sha256:5055d03f47ac092798911c848d46f2b7e7357189f2e3967fc6ed376b04bf6e3a?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-rhel8-operator\u0026tag=v4.7.0-202105061841.p0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:b3437a45b0ec5605fe1c1d7b4d34265080e53a1ddecf6fc2f6dd332db2538494_amd64",
                "product": {
                  "name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:b3437a45b0ec5605fe1c1d7b4d34265080e53a1ddecf6fc2f6dd332db2538494_amd64",
                  "product_id": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:b3437a45b0ec5605fe1c1d7b4d34265080e53a1ddecf6fc2f6dd332db2538494_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-clusterresourceoverride-rhel8-operator@sha256:b3437a45b0ec5605fe1c1d7b4d34265080e53a1ddecf6fc2f6dd332db2538494?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8-operator\u0026tag=v4.7.0-202105062015.p0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:63bff9b5506263394129b06c3eb7573fc7bc66bd888d46997adde8a0175c9347_amd64",
                "product": {
                  "name": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:63bff9b5506263394129b06c3eb7573fc7bc66bd888d46997adde8a0175c9347_amd64",
                  "product_id": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:63bff9b5506263394129b06c3eb7573fc7bc66bd888d46997adde8a0175c9347_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-jenkins-agent-nodejs-10-rhel8@sha256:63bff9b5506263394129b06c3eb7573fc7bc66bd888d46997adde8a0175c9347?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-jenkins-agent-nodejs-10-rhel8\u0026tag=v4.7.0-202105062344.p0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-metering-ansible-operator@sha256:b89eb8aec001750b36228529157da1715459621250d806d7d4eabaa6829b9c9e_amd64",
                "product": {
                  "name": "openshift4/ose-metering-ansible-operator@sha256:b89eb8aec001750b36228529157da1715459621250d806d7d4eabaa6829b9c9e_amd64",
                  "product_id": "openshift4/ose-metering-ansible-operator@sha256:b89eb8aec001750b36228529157da1715459621250d806d7d4eabaa6829b9c9e_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-metering-ansible-operator@sha256:b89eb8aec001750b36228529157da1715459621250d806d7d4eabaa6829b9c9e?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-ansible-operator\u0026tag=v4.7.0-202105060839.p0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-metering-reporting-operator@sha256:b37c5bb1f849975639fca545ad040ef1cb97691436189338592014ded6f66242_amd64",
                "product": {
                  "name": "openshift4/ose-metering-reporting-operator@sha256:b37c5bb1f849975639fca545ad040ef1cb97691436189338592014ded6f66242_amd64",
                  "product_id": "openshift4/ose-metering-reporting-operator@sha256:b37c5bb1f849975639fca545ad040ef1cb97691436189338592014ded6f66242_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-metering-reporting-operator@sha256:b37c5bb1f849975639fca545ad040ef1cb97691436189338592014ded6f66242?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-reporting-operator\u0026tag=v4.7.0-202104280847.p0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/network-tools-rhel8@sha256:9e302c5584f6180f79b09882948c30a6b3b265ac3b44f7806b2c6ddee41fd584_amd64",
                "product": {
                  "name": "openshift4/network-tools-rhel8@sha256:9e302c5584f6180f79b09882948c30a6b3b265ac3b44f7806b2c6ddee41fd584_amd64",
                  "product_id": "openshift4/network-tools-rhel8@sha256:9e302c5584f6180f79b09882948c30a6b3b265ac3b44f7806b2c6ddee41fd584_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/network-tools-rhel8@sha256:9e302c5584f6180f79b09882948c30a6b3b265ac3b44f7806b2c6ddee41fd584?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/network-tools-rhel8\u0026tag=v4.7.0-202105071917.p0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-sriov-dp-admission-controller@sha256:332b1a7d738d6eb12d44ab2703678740b14b9985dd6ade80176c827b694e821a_amd64",
                "product": {
                  "name": "openshift4/ose-sriov-dp-admission-controller@sha256:332b1a7d738d6eb12d44ab2703678740b14b9985dd6ade80176c827b694e821a_amd64",
                  "product_id": "openshift4/ose-sriov-dp-admission-controller@sha256:332b1a7d738d6eb12d44ab2703678740b14b9985dd6ade80176c827b694e821a_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-sriov-dp-admission-controller@sha256:332b1a7d738d6eb12d44ab2703678740b14b9985dd6ade80176c827b694e821a?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-dp-admission-controller\u0026tag=v4.7.0-202104292239.p0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-sriov-network-operator@sha256:eabf7c557362188d0067db3a34a646c52efc337f831abdd3c1b679cef24a0c39_amd64",
                "product": {
                  "name": "openshift4/ose-sriov-network-operator@sha256:eabf7c557362188d0067db3a34a646c52efc337f831abdd3c1b679cef24a0c39_amd64",
                  "product_id": "openshift4/ose-sriov-network-operator@sha256:eabf7c557362188d0067db3a34a646c52efc337f831abdd3c1b679cef24a0c39_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-sriov-network-operator@sha256:eabf7c557362188d0067db3a34a646c52efc337f831abdd3c1b679cef24a0c39?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-operator\u0026tag=v4.7.0-202104292239.p0"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "amd64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openshift4/ose-sriov-infiniband-cni@sha256:6664164671dec207c7ffb6da5dadb90880071e8821f4606e00eadcc5e59f76cb_ppc64le",
                "product": {
                  "name": "openshift4/ose-sriov-infiniband-cni@sha256:6664164671dec207c7ffb6da5dadb90880071e8821f4606e00eadcc5e59f76cb_ppc64le",
                  "product_id": "openshift4/ose-sriov-infiniband-cni@sha256:6664164671dec207c7ffb6da5dadb90880071e8821f4606e00eadcc5e59f76cb_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-sriov-infiniband-cni@sha256:6664164671dec207c7ffb6da5dadb90880071e8821f4606e00eadcc5e59f76cb?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-infiniband-cni\u0026tag=v4.7.0-202104281843.p0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-ansible-operator@sha256:4e0ca4dec7a611b80530a6c5929e4bef71b3e2f137f70b9e7f14da2c2668b8ea_ppc64le",
                "product": {
                  "name": "openshift4/ose-ansible-operator@sha256:4e0ca4dec7a611b80530a6c5929e4bef71b3e2f137f70b9e7f14da2c2668b8ea_ppc64le",
                  "product_id": "openshift4/ose-ansible-operator@sha256:4e0ca4dec7a611b80530a6c5929e4bef71b3e2f137f70b9e7f14da2c2668b8ea_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-ansible-operator@sha256:4e0ca4dec7a611b80530a6c5929e4bef71b3e2f137f70b9e7f14da2c2668b8ea?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-ansible-operator\u0026tag=v4.7.0-202105060839.p0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-service-idler-rhel8@sha256:d59728003550000f3f26437009bb29bc3d310d7b2c941d9a043063436b5a37e9_ppc64le",
                "product": {
                  "name": "openshift4/ose-service-idler-rhel8@sha256:d59728003550000f3f26437009bb29bc3d310d7b2c941d9a043063436b5a37e9_ppc64le",
                  "product_id": "openshift4/ose-service-idler-rhel8@sha256:d59728003550000f3f26437009bb29bc3d310d7b2c941d9a043063436b5a37e9_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-service-idler-rhel8@sha256:d59728003550000f3f26437009bb29bc3d310d7b2c941d9a043063436b5a37e9?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-service-idler-rhel8\u0026tag=v4.7.0-202105111940.p0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:3806a0ad25af8571f4ab0bd7208ea0de6b4c6eff3e566d28f128ad4e35c47d45_ppc64le",
                "product": {
                  "name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:3806a0ad25af8571f4ab0bd7208ea0de6b4c6eff3e566d28f128ad4e35c47d45_ppc64le",
                  "product_id": "openshift4/ose-cluster-kube-descheduler-operator@sha256:3806a0ad25af8571f4ab0bd7208ea0de6b4c6eff3e566d28f128ad4e35c47d45_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-cluster-kube-descheduler-operator@sha256:3806a0ad25af8571f4ab0bd7208ea0de6b4c6eff3e566d28f128ad4e35c47d45?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-operator\u0026tag=v4.7.0-202105061841.p0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3806a0ad25af8571f4ab0bd7208ea0de6b4c6eff3e566d28f128ad4e35c47d45_ppc64le",
                "product": {
                  "name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3806a0ad25af8571f4ab0bd7208ea0de6b4c6eff3e566d28f128ad4e35c47d45_ppc64le",
                  "product_id": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3806a0ad25af8571f4ab0bd7208ea0de6b4c6eff3e566d28f128ad4e35c47d45_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-cluster-kube-descheduler-rhel8-operator@sha256:3806a0ad25af8571f4ab0bd7208ea0de6b4c6eff3e566d28f128ad4e35c47d45?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-rhel8-operator\u0026tag=v4.7.0-202105061841.p0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:3aaf6fcbb2ecdf130a2f3d13cfadb4a631019690b85a1f5eb42d341f2c2e8035_ppc64le",
                "product": {
                  "name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:3aaf6fcbb2ecdf130a2f3d13cfadb4a631019690b85a1f5eb42d341f2c2e8035_ppc64le",
                  "product_id": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:3aaf6fcbb2ecdf130a2f3d13cfadb4a631019690b85a1f5eb42d341f2c2e8035_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-clusterresourceoverride-rhel8-operator@sha256:3aaf6fcbb2ecdf130a2f3d13cfadb4a631019690b85a1f5eb42d341f2c2e8035?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8-operator\u0026tag=v4.7.0-202105062015.p0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:801e85ba7ac106109c823fcbb12c2ee9ca5e356ca3692aef9230b4d949eaadd4_ppc64le",
                "product": {
                  "name": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:801e85ba7ac106109c823fcbb12c2ee9ca5e356ca3692aef9230b4d949eaadd4_ppc64le",
                  "product_id": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:801e85ba7ac106109c823fcbb12c2ee9ca5e356ca3692aef9230b4d949eaadd4_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-jenkins-agent-nodejs-10-rhel8@sha256:801e85ba7ac106109c823fcbb12c2ee9ca5e356ca3692aef9230b4d949eaadd4?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-jenkins-agent-nodejs-10-rhel8\u0026tag=v4.7.0-202105062344.p0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/network-tools-rhel8@sha256:f231fc58fbaab9b6bc5f5f58d793f8fbb181eb07821ac75663ff1bf2dc72b318_ppc64le",
                "product": {
                  "name": "openshift4/network-tools-rhel8@sha256:f231fc58fbaab9b6bc5f5f58d793f8fbb181eb07821ac75663ff1bf2dc72b318_ppc64le",
                  "product_id": "openshift4/network-tools-rhel8@sha256:f231fc58fbaab9b6bc5f5f58d793f8fbb181eb07821ac75663ff1bf2dc72b318_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/network-tools-rhel8@sha256:f231fc58fbaab9b6bc5f5f58d793f8fbb181eb07821ac75663ff1bf2dc72b318?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/network-tools-rhel8\u0026tag=v4.7.0-202105071917.p0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-sriov-dp-admission-controller@sha256:7abbcf7c0275b08d5b00178da0b58a87bc9ce493fb9b115be521d8037de9c343_ppc64le",
                "product": {
                  "name": "openshift4/ose-sriov-dp-admission-controller@sha256:7abbcf7c0275b08d5b00178da0b58a87bc9ce493fb9b115be521d8037de9c343_ppc64le",
                  "product_id": "openshift4/ose-sriov-dp-admission-controller@sha256:7abbcf7c0275b08d5b00178da0b58a87bc9ce493fb9b115be521d8037de9c343_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-sriov-dp-admission-controller@sha256:7abbcf7c0275b08d5b00178da0b58a87bc9ce493fb9b115be521d8037de9c343?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-dp-admission-controller\u0026tag=v4.7.0-202104292239.p0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-sriov-network-operator@sha256:7ce3db75dbc8c1a912ae7c40c09596ff0d80b8c896b475a230e5cd1f1ff3d6fa_ppc64le",
                "product": {
                  "name": "openshift4/ose-sriov-network-operator@sha256:7ce3db75dbc8c1a912ae7c40c09596ff0d80b8c896b475a230e5cd1f1ff3d6fa_ppc64le",
                  "product_id": "openshift4/ose-sriov-network-operator@sha256:7ce3db75dbc8c1a912ae7c40c09596ff0d80b8c896b475a230e5cd1f1ff3d6fa_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-sriov-network-operator@sha256:7ce3db75dbc8c1a912ae7c40c09596ff0d80b8c896b475a230e5cd1f1ff3d6fa?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-operator\u0026tag=v4.7.0-202104292239.p0"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openshift4/ose-sriov-infiniband-cni@sha256:dde1aa450590a1172a39cfe9d829b1380192291070716d1f195fbe36d7585846_s390x",
                "product": {
                  "name": "openshift4/ose-sriov-infiniband-cni@sha256:dde1aa450590a1172a39cfe9d829b1380192291070716d1f195fbe36d7585846_s390x",
                  "product_id": "openshift4/ose-sriov-infiniband-cni@sha256:dde1aa450590a1172a39cfe9d829b1380192291070716d1f195fbe36d7585846_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-sriov-infiniband-cni@sha256:dde1aa450590a1172a39cfe9d829b1380192291070716d1f195fbe36d7585846?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-infiniband-cni\u0026tag=v4.7.0-202104281843.p0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-ansible-operator@sha256:ad7db49784e4d0cd586d693f8b2405cc6445ae81817d37ce0b42434214a5c3e8_s390x",
                "product": {
                  "name": "openshift4/ose-ansible-operator@sha256:ad7db49784e4d0cd586d693f8b2405cc6445ae81817d37ce0b42434214a5c3e8_s390x",
                  "product_id": "openshift4/ose-ansible-operator@sha256:ad7db49784e4d0cd586d693f8b2405cc6445ae81817d37ce0b42434214a5c3e8_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-ansible-operator@sha256:ad7db49784e4d0cd586d693f8b2405cc6445ae81817d37ce0b42434214a5c3e8?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-ansible-operator\u0026tag=v4.7.0-202105060839.p0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-service-idler-rhel8@sha256:ec6dceaba1eab71574ddf07223a14dec7ff9b395b94d6bd369a4dfa555226c56_s390x",
                "product": {
                  "name": "openshift4/ose-service-idler-rhel8@sha256:ec6dceaba1eab71574ddf07223a14dec7ff9b395b94d6bd369a4dfa555226c56_s390x",
                  "product_id": "openshift4/ose-service-idler-rhel8@sha256:ec6dceaba1eab71574ddf07223a14dec7ff9b395b94d6bd369a4dfa555226c56_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-service-idler-rhel8@sha256:ec6dceaba1eab71574ddf07223a14dec7ff9b395b94d6bd369a4dfa555226c56?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-service-idler-rhel8\u0026tag=v4.7.0-202105111940.p0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:73a306cddd631824702992ea885c721076e7b2fbe646d4518c93874ca81f5088_s390x",
                "product": {
                  "name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:73a306cddd631824702992ea885c721076e7b2fbe646d4518c93874ca81f5088_s390x",
                  "product_id": "openshift4/ose-cluster-kube-descheduler-operator@sha256:73a306cddd631824702992ea885c721076e7b2fbe646d4518c93874ca81f5088_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-cluster-kube-descheduler-operator@sha256:73a306cddd631824702992ea885c721076e7b2fbe646d4518c93874ca81f5088?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-operator\u0026tag=v4.7.0-202105061841.p0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:73a306cddd631824702992ea885c721076e7b2fbe646d4518c93874ca81f5088_s390x",
                "product": {
                  "name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:73a306cddd631824702992ea885c721076e7b2fbe646d4518c93874ca81f5088_s390x",
                  "product_id": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:73a306cddd631824702992ea885c721076e7b2fbe646d4518c93874ca81f5088_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-cluster-kube-descheduler-rhel8-operator@sha256:73a306cddd631824702992ea885c721076e7b2fbe646d4518c93874ca81f5088?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-rhel8-operator\u0026tag=v4.7.0-202105061841.p0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:bde942168e9e5cc636108ecfef23774b4eda331939abec7bb6ed58882939fb29_s390x",
                "product": {
                  "name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:bde942168e9e5cc636108ecfef23774b4eda331939abec7bb6ed58882939fb29_s390x",
                  "product_id": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:bde942168e9e5cc636108ecfef23774b4eda331939abec7bb6ed58882939fb29_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-clusterresourceoverride-rhel8-operator@sha256:bde942168e9e5cc636108ecfef23774b4eda331939abec7bb6ed58882939fb29?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8-operator\u0026tag=v4.7.0-202105062015.p0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:eb3b70cf52702e45304d92e029ce8dc7ffeb2c52c149581a81b44461bf05eca0_s390x",
                "product": {
                  "name": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:eb3b70cf52702e45304d92e029ce8dc7ffeb2c52c149581a81b44461bf05eca0_s390x",
                  "product_id": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:eb3b70cf52702e45304d92e029ce8dc7ffeb2c52c149581a81b44461bf05eca0_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-jenkins-agent-nodejs-10-rhel8@sha256:eb3b70cf52702e45304d92e029ce8dc7ffeb2c52c149581a81b44461bf05eca0?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-jenkins-agent-nodejs-10-rhel8\u0026tag=v4.7.0-202105062344.p0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/network-tools-rhel8@sha256:f6622348f93737db720e66f708118878ae4e919ecab9329ec71f83c9ca59996b_s390x",
                "product": {
                  "name": "openshift4/network-tools-rhel8@sha256:f6622348f93737db720e66f708118878ae4e919ecab9329ec71f83c9ca59996b_s390x",
                  "product_id": "openshift4/network-tools-rhel8@sha256:f6622348f93737db720e66f708118878ae4e919ecab9329ec71f83c9ca59996b_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/network-tools-rhel8@sha256:f6622348f93737db720e66f708118878ae4e919ecab9329ec71f83c9ca59996b?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/network-tools-rhel8\u0026tag=v4.7.0-202105071917.p0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-sriov-dp-admission-controller@sha256:0c50e715c62b5ec483dd0c6acbade593475573d246edc9d2a762f57ef3845d9a_s390x",
                "product": {
                  "name": "openshift4/ose-sriov-dp-admission-controller@sha256:0c50e715c62b5ec483dd0c6acbade593475573d246edc9d2a762f57ef3845d9a_s390x",
                  "product_id": "openshift4/ose-sriov-dp-admission-controller@sha256:0c50e715c62b5ec483dd0c6acbade593475573d246edc9d2a762f57ef3845d9a_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-sriov-dp-admission-controller@sha256:0c50e715c62b5ec483dd0c6acbade593475573d246edc9d2a762f57ef3845d9a?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-dp-admission-controller\u0026tag=v4.7.0-202104292239.p0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift4/ose-sriov-network-operator@sha256:33e40f5366b349e44885b40dfb1b0e3e625b5a2adb37de719fb11dac2ec62fc0_s390x",
                "product": {
                  "name": "openshift4/ose-sriov-network-operator@sha256:33e40f5366b349e44885b40dfb1b0e3e625b5a2adb37de719fb11dac2ec62fc0_s390x",
                  "product_id": "openshift4/ose-sriov-network-operator@sha256:33e40f5366b349e44885b40dfb1b0e3e625b5a2adb37de719fb11dac2ec62fc0_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ose-sriov-network-operator@sha256:33e40f5366b349e44885b40dfb1b0e3e625b5a2adb37de719fb11dac2ec62fc0?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-operator\u0026tag=v4.7.0-202104292239.p0"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/network-tools-rhel8@sha256:9e302c5584f6180f79b09882948c30a6b3b265ac3b44f7806b2c6ddee41fd584_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
          "product_id": "8Base-RHOSE-4.7:openshift4/network-tools-rhel8@sha256:9e302c5584f6180f79b09882948c30a6b3b265ac3b44f7806b2c6ddee41fd584_amd64"
        },
        "product_reference": "openshift4/network-tools-rhel8@sha256:9e302c5584f6180f79b09882948c30a6b3b265ac3b44f7806b2c6ddee41fd584_amd64",
        "relates_to_product_reference": "8Base-RHOSE-4.7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/network-tools-rhel8@sha256:f231fc58fbaab9b6bc5f5f58d793f8fbb181eb07821ac75663ff1bf2dc72b318_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
          "product_id": "8Base-RHOSE-4.7:openshift4/network-tools-rhel8@sha256:f231fc58fbaab9b6bc5f5f58d793f8fbb181eb07821ac75663ff1bf2dc72b318_ppc64le"
        },
        "product_reference": "openshift4/network-tools-rhel8@sha256:f231fc58fbaab9b6bc5f5f58d793f8fbb181eb07821ac75663ff1bf2dc72b318_ppc64le",
        "relates_to_product_reference": "8Base-RHOSE-4.7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/network-tools-rhel8@sha256:f6622348f93737db720e66f708118878ae4e919ecab9329ec71f83c9ca59996b_s390x as a component of Red Hat OpenShift Container Platform 4.7",
          "product_id": "8Base-RHOSE-4.7:openshift4/network-tools-rhel8@sha256:f6622348f93737db720e66f708118878ae4e919ecab9329ec71f83c9ca59996b_s390x"
        },
        "product_reference": "openshift4/network-tools-rhel8@sha256:f6622348f93737db720e66f708118878ae4e919ecab9329ec71f83c9ca59996b_s390x",
        "relates_to_product_reference": "8Base-RHOSE-4.7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-ansible-operator@sha256:494273ae3456a8e7d2ce93be8c8d1440a9a8bdf9d7546d871c2335088dd1bf2c_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
          "product_id": "8Base-RHOSE-4.7:openshift4/ose-ansible-operator@sha256:494273ae3456a8e7d2ce93be8c8d1440a9a8bdf9d7546d871c2335088dd1bf2c_amd64"
        },
        "product_reference": "openshift4/ose-ansible-operator@sha256:494273ae3456a8e7d2ce93be8c8d1440a9a8bdf9d7546d871c2335088dd1bf2c_amd64",
        "relates_to_product_reference": "8Base-RHOSE-4.7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-ansible-operator@sha256:4e0ca4dec7a611b80530a6c5929e4bef71b3e2f137f70b9e7f14da2c2668b8ea_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
          "product_id": "8Base-RHOSE-4.7:openshift4/ose-ansible-operator@sha256:4e0ca4dec7a611b80530a6c5929e4bef71b3e2f137f70b9e7f14da2c2668b8ea_ppc64le"
        },
        "product_reference": "openshift4/ose-ansible-operator@sha256:4e0ca4dec7a611b80530a6c5929e4bef71b3e2f137f70b9e7f14da2c2668b8ea_ppc64le",
        "relates_to_product_reference": "8Base-RHOSE-4.7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-ansible-operator@sha256:ad7db49784e4d0cd586d693f8b2405cc6445ae81817d37ce0b42434214a5c3e8_s390x as a component of Red Hat OpenShift Container Platform 4.7",
          "product_id": "8Base-RHOSE-4.7:openshift4/ose-ansible-operator@sha256:ad7db49784e4d0cd586d693f8b2405cc6445ae81817d37ce0b42434214a5c3e8_s390x"
        },
        "product_reference": "openshift4/ose-ansible-operator@sha256:ad7db49784e4d0cd586d693f8b2405cc6445ae81817d37ce0b42434214a5c3e8_s390x",
        "relates_to_product_reference": "8Base-RHOSE-4.7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:3806a0ad25af8571f4ab0bd7208ea0de6b4c6eff3e566d28f128ad4e35c47d45_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
          "product_id": "8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-operator@sha256:3806a0ad25af8571f4ab0bd7208ea0de6b4c6eff3e566d28f128ad4e35c47d45_ppc64le"
        },
        "product_reference": "openshift4/ose-cluster-kube-descheduler-operator@sha256:3806a0ad25af8571f4ab0bd7208ea0de6b4c6eff3e566d28f128ad4e35c47d45_ppc64le",
        "relates_to_product_reference": "8Base-RHOSE-4.7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:5055d03f47ac092798911c848d46f2b7e7357189f2e3967fc6ed376b04bf6e3a_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
          "product_id": "8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-operator@sha256:5055d03f47ac092798911c848d46f2b7e7357189f2e3967fc6ed376b04bf6e3a_amd64"
        },
        "product_reference": "openshift4/ose-cluster-kube-descheduler-operator@sha256:5055d03f47ac092798911c848d46f2b7e7357189f2e3967fc6ed376b04bf6e3a_amd64",
        "relates_to_product_reference": "8Base-RHOSE-4.7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:73a306cddd631824702992ea885c721076e7b2fbe646d4518c93874ca81f5088_s390x as a component of Red Hat OpenShift Container Platform 4.7",
          "product_id": "8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-operator@sha256:73a306cddd631824702992ea885c721076e7b2fbe646d4518c93874ca81f5088_s390x"
        },
        "product_reference": "openshift4/ose-cluster-kube-descheduler-operator@sha256:73a306cddd631824702992ea885c721076e7b2fbe646d4518c93874ca81f5088_s390x",
        "relates_to_product_reference": "8Base-RHOSE-4.7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3806a0ad25af8571f4ab0bd7208ea0de6b4c6eff3e566d28f128ad4e35c47d45_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
          "product_id": "8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3806a0ad25af8571f4ab0bd7208ea0de6b4c6eff3e566d28f128ad4e35c47d45_ppc64le"
        },
        "product_reference": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3806a0ad25af8571f4ab0bd7208ea0de6b4c6eff3e566d28f128ad4e35c47d45_ppc64le",
        "relates_to_product_reference": "8Base-RHOSE-4.7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5055d03f47ac092798911c848d46f2b7e7357189f2e3967fc6ed376b04bf6e3a_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
          "product_id": "8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5055d03f47ac092798911c848d46f2b7e7357189f2e3967fc6ed376b04bf6e3a_amd64"
        },
        "product_reference": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5055d03f47ac092798911c848d46f2b7e7357189f2e3967fc6ed376b04bf6e3a_amd64",
        "relates_to_product_reference": "8Base-RHOSE-4.7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:73a306cddd631824702992ea885c721076e7b2fbe646d4518c93874ca81f5088_s390x as a component of Red Hat OpenShift Container Platform 4.7",
          "product_id": "8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:73a306cddd631824702992ea885c721076e7b2fbe646d4518c93874ca81f5088_s390x"
        },
        "product_reference": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:73a306cddd631824702992ea885c721076e7b2fbe646d4518c93874ca81f5088_s390x",
        "relates_to_product_reference": "8Base-RHOSE-4.7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:3aaf6fcbb2ecdf130a2f3d13cfadb4a631019690b85a1f5eb42d341f2c2e8035_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
          "product_id": "8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:3aaf6fcbb2ecdf130a2f3d13cfadb4a631019690b85a1f5eb42d341f2c2e8035_ppc64le"
        },
        "product_reference": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:3aaf6fcbb2ecdf130a2f3d13cfadb4a631019690b85a1f5eb42d341f2c2e8035_ppc64le",
        "relates_to_product_reference": "8Base-RHOSE-4.7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:b3437a45b0ec5605fe1c1d7b4d34265080e53a1ddecf6fc2f6dd332db2538494_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
          "product_id": "8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:b3437a45b0ec5605fe1c1d7b4d34265080e53a1ddecf6fc2f6dd332db2538494_amd64"
        },
        "product_reference": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:b3437a45b0ec5605fe1c1d7b4d34265080e53a1ddecf6fc2f6dd332db2538494_amd64",
        "relates_to_product_reference": "8Base-RHOSE-4.7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:bde942168e9e5cc636108ecfef23774b4eda331939abec7bb6ed58882939fb29_s390x as a component of Red Hat OpenShift Container Platform 4.7",
          "product_id": "8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:bde942168e9e5cc636108ecfef23774b4eda331939abec7bb6ed58882939fb29_s390x"
        },
        "product_reference": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:bde942168e9e5cc636108ecfef23774b4eda331939abec7bb6ed58882939fb29_s390x",
        "relates_to_product_reference": "8Base-RHOSE-4.7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:63bff9b5506263394129b06c3eb7573fc7bc66bd888d46997adde8a0175c9347_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
          "product_id": "8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:63bff9b5506263394129b06c3eb7573fc7bc66bd888d46997adde8a0175c9347_amd64"
        },
        "product_reference": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:63bff9b5506263394129b06c3eb7573fc7bc66bd888d46997adde8a0175c9347_amd64",
        "relates_to_product_reference": "8Base-RHOSE-4.7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:801e85ba7ac106109c823fcbb12c2ee9ca5e356ca3692aef9230b4d949eaadd4_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
          "product_id": "8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:801e85ba7ac106109c823fcbb12c2ee9ca5e356ca3692aef9230b4d949eaadd4_ppc64le"
        },
        "product_reference": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:801e85ba7ac106109c823fcbb12c2ee9ca5e356ca3692aef9230b4d949eaadd4_ppc64le",
        "relates_to_product_reference": "8Base-RHOSE-4.7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:eb3b70cf52702e45304d92e029ce8dc7ffeb2c52c149581a81b44461bf05eca0_s390x as a component of Red Hat OpenShift Container Platform 4.7",
          "product_id": "8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:eb3b70cf52702e45304d92e029ce8dc7ffeb2c52c149581a81b44461bf05eca0_s390x"
        },
        "product_reference": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:eb3b70cf52702e45304d92e029ce8dc7ffeb2c52c149581a81b44461bf05eca0_s390x",
        "relates_to_product_reference": "8Base-RHOSE-4.7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-metering-ansible-operator@sha256:b89eb8aec001750b36228529157da1715459621250d806d7d4eabaa6829b9c9e_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
          "product_id": "8Base-RHOSE-4.7:openshift4/ose-metering-ansible-operator@sha256:b89eb8aec001750b36228529157da1715459621250d806d7d4eabaa6829b9c9e_amd64"
        },
        "product_reference": "openshift4/ose-metering-ansible-operator@sha256:b89eb8aec001750b36228529157da1715459621250d806d7d4eabaa6829b9c9e_amd64",
        "relates_to_product_reference": "8Base-RHOSE-4.7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-metering-reporting-operator@sha256:b37c5bb1f849975639fca545ad040ef1cb97691436189338592014ded6f66242_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
          "product_id": "8Base-RHOSE-4.7:openshift4/ose-metering-reporting-operator@sha256:b37c5bb1f849975639fca545ad040ef1cb97691436189338592014ded6f66242_amd64"
        },
        "product_reference": "openshift4/ose-metering-reporting-operator@sha256:b37c5bb1f849975639fca545ad040ef1cb97691436189338592014ded6f66242_amd64",
        "relates_to_product_reference": "8Base-RHOSE-4.7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-service-idler-rhel8@sha256:d46c5b885983b845795aa6821bb35c841d44024d8c9f4a99e92fa3c670072ddc_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
          "product_id": "8Base-RHOSE-4.7:openshift4/ose-service-idler-rhel8@sha256:d46c5b885983b845795aa6821bb35c841d44024d8c9f4a99e92fa3c670072ddc_amd64"
        },
        "product_reference": "openshift4/ose-service-idler-rhel8@sha256:d46c5b885983b845795aa6821bb35c841d44024d8c9f4a99e92fa3c670072ddc_amd64",
        "relates_to_product_reference": "8Base-RHOSE-4.7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-service-idler-rhel8@sha256:d59728003550000f3f26437009bb29bc3d310d7b2c941d9a043063436b5a37e9_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
          "product_id": "8Base-RHOSE-4.7:openshift4/ose-service-idler-rhel8@sha256:d59728003550000f3f26437009bb29bc3d310d7b2c941d9a043063436b5a37e9_ppc64le"
        },
        "product_reference": "openshift4/ose-service-idler-rhel8@sha256:d59728003550000f3f26437009bb29bc3d310d7b2c941d9a043063436b5a37e9_ppc64le",
        "relates_to_product_reference": "8Base-RHOSE-4.7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-service-idler-rhel8@sha256:ec6dceaba1eab71574ddf07223a14dec7ff9b395b94d6bd369a4dfa555226c56_s390x as a component of Red Hat OpenShift Container Platform 4.7",
          "product_id": "8Base-RHOSE-4.7:openshift4/ose-service-idler-rhel8@sha256:ec6dceaba1eab71574ddf07223a14dec7ff9b395b94d6bd369a4dfa555226c56_s390x"
        },
        "product_reference": "openshift4/ose-service-idler-rhel8@sha256:ec6dceaba1eab71574ddf07223a14dec7ff9b395b94d6bd369a4dfa555226c56_s390x",
        "relates_to_product_reference": "8Base-RHOSE-4.7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-sriov-dp-admission-controller@sha256:0c50e715c62b5ec483dd0c6acbade593475573d246edc9d2a762f57ef3845d9a_s390x as a component of Red Hat OpenShift Container Platform 4.7",
          "product_id": "8Base-RHOSE-4.7:openshift4/ose-sriov-dp-admission-controller@sha256:0c50e715c62b5ec483dd0c6acbade593475573d246edc9d2a762f57ef3845d9a_s390x"
        },
        "product_reference": "openshift4/ose-sriov-dp-admission-controller@sha256:0c50e715c62b5ec483dd0c6acbade593475573d246edc9d2a762f57ef3845d9a_s390x",
        "relates_to_product_reference": "8Base-RHOSE-4.7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-sriov-dp-admission-controller@sha256:332b1a7d738d6eb12d44ab2703678740b14b9985dd6ade80176c827b694e821a_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
          "product_id": "8Base-RHOSE-4.7:openshift4/ose-sriov-dp-admission-controller@sha256:332b1a7d738d6eb12d44ab2703678740b14b9985dd6ade80176c827b694e821a_amd64"
        },
        "product_reference": "openshift4/ose-sriov-dp-admission-controller@sha256:332b1a7d738d6eb12d44ab2703678740b14b9985dd6ade80176c827b694e821a_amd64",
        "relates_to_product_reference": "8Base-RHOSE-4.7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-sriov-dp-admission-controller@sha256:7abbcf7c0275b08d5b00178da0b58a87bc9ce493fb9b115be521d8037de9c343_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
          "product_id": "8Base-RHOSE-4.7:openshift4/ose-sriov-dp-admission-controller@sha256:7abbcf7c0275b08d5b00178da0b58a87bc9ce493fb9b115be521d8037de9c343_ppc64le"
        },
        "product_reference": "openshift4/ose-sriov-dp-admission-controller@sha256:7abbcf7c0275b08d5b00178da0b58a87bc9ce493fb9b115be521d8037de9c343_ppc64le",
        "relates_to_product_reference": "8Base-RHOSE-4.7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-sriov-infiniband-cni@sha256:6664164671dec207c7ffb6da5dadb90880071e8821f4606e00eadcc5e59f76cb_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
          "product_id": "8Base-RHOSE-4.7:openshift4/ose-sriov-infiniband-cni@sha256:6664164671dec207c7ffb6da5dadb90880071e8821f4606e00eadcc5e59f76cb_ppc64le"
        },
        "product_reference": "openshift4/ose-sriov-infiniband-cni@sha256:6664164671dec207c7ffb6da5dadb90880071e8821f4606e00eadcc5e59f76cb_ppc64le",
        "relates_to_product_reference": "8Base-RHOSE-4.7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-sriov-infiniband-cni@sha256:bdef404b5688db92b2e95f564190677f391b47c31b2edf088220599e9b8951d3_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
          "product_id": "8Base-RHOSE-4.7:openshift4/ose-sriov-infiniband-cni@sha256:bdef404b5688db92b2e95f564190677f391b47c31b2edf088220599e9b8951d3_amd64"
        },
        "product_reference": "openshift4/ose-sriov-infiniband-cni@sha256:bdef404b5688db92b2e95f564190677f391b47c31b2edf088220599e9b8951d3_amd64",
        "relates_to_product_reference": "8Base-RHOSE-4.7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-sriov-infiniband-cni@sha256:dde1aa450590a1172a39cfe9d829b1380192291070716d1f195fbe36d7585846_s390x as a component of Red Hat OpenShift Container Platform 4.7",
          "product_id": "8Base-RHOSE-4.7:openshift4/ose-sriov-infiniband-cni@sha256:dde1aa450590a1172a39cfe9d829b1380192291070716d1f195fbe36d7585846_s390x"
        },
        "product_reference": "openshift4/ose-sriov-infiniband-cni@sha256:dde1aa450590a1172a39cfe9d829b1380192291070716d1f195fbe36d7585846_s390x",
        "relates_to_product_reference": "8Base-RHOSE-4.7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-sriov-network-operator@sha256:33e40f5366b349e44885b40dfb1b0e3e625b5a2adb37de719fb11dac2ec62fc0_s390x as a component of Red Hat OpenShift Container Platform 4.7",
          "product_id": "8Base-RHOSE-4.7:openshift4/ose-sriov-network-operator@sha256:33e40f5366b349e44885b40dfb1b0e3e625b5a2adb37de719fb11dac2ec62fc0_s390x"
        },
        "product_reference": "openshift4/ose-sriov-network-operator@sha256:33e40f5366b349e44885b40dfb1b0e3e625b5a2adb37de719fb11dac2ec62fc0_s390x",
        "relates_to_product_reference": "8Base-RHOSE-4.7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-sriov-network-operator@sha256:7ce3db75dbc8c1a912ae7c40c09596ff0d80b8c896b475a230e5cd1f1ff3d6fa_ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
          "product_id": "8Base-RHOSE-4.7:openshift4/ose-sriov-network-operator@sha256:7ce3db75dbc8c1a912ae7c40c09596ff0d80b8c896b475a230e5cd1f1ff3d6fa_ppc64le"
        },
        "product_reference": "openshift4/ose-sriov-network-operator@sha256:7ce3db75dbc8c1a912ae7c40c09596ff0d80b8c896b475a230e5cd1f1ff3d6fa_ppc64le",
        "relates_to_product_reference": "8Base-RHOSE-4.7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift4/ose-sriov-network-operator@sha256:eabf7c557362188d0067db3a34a646c52efc337f831abdd3c1b679cef24a0c39_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
          "product_id": "8Base-RHOSE-4.7:openshift4/ose-sriov-network-operator@sha256:eabf7c557362188d0067db3a34a646c52efc337f831abdd3c1b679cef24a0c39_amd64"
        },
        "product_reference": "openshift4/ose-sriov-network-operator@sha256:eabf7c557362188d0067db3a34a646c52efc337f831abdd3c1b679cef24a0c39_amd64",
        "relates_to_product_reference": "8Base-RHOSE-4.7"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-3121",
      "cwe": {
        "id": "CWE-129",
        "name": "Improper Validation of Array Index"
      },
      "discovery_date": "2021-01-28T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-RHOSE-4.7:openshift4/network-tools-rhel8@sha256:9e302c5584f6180f79b09882948c30a6b3b265ac3b44f7806b2c6ddee41fd584_amd64",
            "8Base-RHOSE-4.7:openshift4/network-tools-rhel8@sha256:f231fc58fbaab9b6bc5f5f58d793f8fbb181eb07821ac75663ff1bf2dc72b318_ppc64le",
            "8Base-RHOSE-4.7:openshift4/network-tools-rhel8@sha256:f6622348f93737db720e66f708118878ae4e919ecab9329ec71f83c9ca59996b_s390x",
            "8Base-RHOSE-4.7:openshift4/ose-ansible-operator@sha256:494273ae3456a8e7d2ce93be8c8d1440a9a8bdf9d7546d871c2335088dd1bf2c_amd64",
            "8Base-RHOSE-4.7:openshift4/ose-ansible-operator@sha256:4e0ca4dec7a611b80530a6c5929e4bef71b3e2f137f70b9e7f14da2c2668b8ea_ppc64le",
            "8Base-RHOSE-4.7:openshift4/ose-ansible-operator@sha256:ad7db49784e4d0cd586d693f8b2405cc6445ae81817d37ce0b42434214a5c3e8_s390x",
            "8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-operator@sha256:3806a0ad25af8571f4ab0bd7208ea0de6b4c6eff3e566d28f128ad4e35c47d45_ppc64le",
            "8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-operator@sha256:5055d03f47ac092798911c848d46f2b7e7357189f2e3967fc6ed376b04bf6e3a_amd64",
            "8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-operator@sha256:73a306cddd631824702992ea885c721076e7b2fbe646d4518c93874ca81f5088_s390x",
            "8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3806a0ad25af8571f4ab0bd7208ea0de6b4c6eff3e566d28f128ad4e35c47d45_ppc64le",
            "8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5055d03f47ac092798911c848d46f2b7e7357189f2e3967fc6ed376b04bf6e3a_amd64",
            "8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:73a306cddd631824702992ea885c721076e7b2fbe646d4518c93874ca81f5088_s390x",
            "8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:3aaf6fcbb2ecdf130a2f3d13cfadb4a631019690b85a1f5eb42d341f2c2e8035_ppc64le",
            "8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:b3437a45b0ec5605fe1c1d7b4d34265080e53a1ddecf6fc2f6dd332db2538494_amd64",
            "8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:bde942168e9e5cc636108ecfef23774b4eda331939abec7bb6ed58882939fb29_s390x",
            "8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:63bff9b5506263394129b06c3eb7573fc7bc66bd888d46997adde8a0175c9347_amd64",
            "8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:801e85ba7ac106109c823fcbb12c2ee9ca5e356ca3692aef9230b4d949eaadd4_ppc64le",
            "8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:eb3b70cf52702e45304d92e029ce8dc7ffeb2c52c149581a81b44461bf05eca0_s390x",
            "8Base-RHOSE-4.7:openshift4/ose-metering-ansible-operator@sha256:b89eb8aec001750b36228529157da1715459621250d806d7d4eabaa6829b9c9e_amd64",
            "8Base-RHOSE-4.7:openshift4/ose-metering-reporting-operator@sha256:b37c5bb1f849975639fca545ad040ef1cb97691436189338592014ded6f66242_amd64",
            "8Base-RHOSE-4.7:openshift4/ose-service-idler-rhel8@sha256:d46c5b885983b845795aa6821bb35c841d44024d8c9f4a99e92fa3c670072ddc_amd64",
            "8Base-RHOSE-4.7:openshift4/ose-service-idler-rhel8@sha256:d59728003550000f3f26437009bb29bc3d310d7b2c941d9a043063436b5a37e9_ppc64le",
            "8Base-RHOSE-4.7:openshift4/ose-service-idler-rhel8@sha256:ec6dceaba1eab71574ddf07223a14dec7ff9b395b94d6bd369a4dfa555226c56_s390x",
            "8Base-RHOSE-4.7:openshift4/ose-sriov-infiniband-cni@sha256:6664164671dec207c7ffb6da5dadb90880071e8821f4606e00eadcc5e59f76cb_ppc64le",
            "8Base-RHOSE-4.7:openshift4/ose-sriov-infiniband-cni@sha256:bdef404b5688db92b2e95f564190677f391b47c31b2edf088220599e9b8951d3_amd64",
            "8Base-RHOSE-4.7:openshift4/ose-sriov-infiniband-cni@sha256:dde1aa450590a1172a39cfe9d829b1380192291070716d1f195fbe36d7585846_s390x",
            "8Base-RHOSE-4.7:openshift4/ose-sriov-network-operator@sha256:33e40f5366b349e44885b40dfb1b0e3e625b5a2adb37de719fb11dac2ec62fc0_s390x",
            "8Base-RHOSE-4.7:openshift4/ose-sriov-network-operator@sha256:7ce3db75dbc8c1a912ae7c40c09596ff0d80b8c896b475a230e5cd1f1ff3d6fa_ppc64le",
            "8Base-RHOSE-4.7:openshift4/ose-sriov-network-operator@sha256:eabf7c557362188d0067db3a34a646c52efc337f831abdd3c1b679cef24a0c39_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1921650"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in github.com/gogo/protobuf before 1.3.2 that allows an out-of-bounds access when unmarshalling certain protobuf objects. This flaw allows a remote attacker to send crafted protobuf messages, causing panic and resulting in a denial of service. The highest threat from this vulnerability is to availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "OpenShift Container Platform (OCP), OpenShift ServiceMesh (OSSM) and Red Hat OpenShift Jaeger (RHOSJ) all include code generated by github.com/gogo/protobuf to parse protobuf messages. However, no component is known to accept protobuf messages from unauthenticated sources, hence this vulnerability is rated Moderate for OCP, OSSM and RHOSJ.\n\nOpenShift Virtualization includes code generated by github.com/gogo/protobuf to parse protobuf messages. However, no component of OpenShift Virtualization is known to accept protobuf messages from unauthenticated sources, hence this vulnerability is rated Moderate.\n\nRed Hat Advanced Cluster Management for Kubernetes (RHACM) includes code generated by github.com/gogo/protobuf to parse protobuf messages. However, no RHACM component is accepting  protobuf messages from unauthenticated sources and are used with a limited scope, hence this vulnerability is rated Moderate for RHACM.\n\nRed Hat Cluster Application Migration (CAM) includes code generated by github.com/gogo/protobuf to parse protobuf messages. However, no CAM component is known to accept protobuf messages from unauthenticated sources, hence this vulnerability is rated Moderate for CAM.\n\nCryostat-2 is affected as it does ship gogo/protobuf library with it\u0027s distribution but the only use for Protobuf would be the Kubernetes/OpenShift API server the operator communicates with and it should be authenticated hence it is affected with Moderate impact.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-RHOSE-4.7:openshift4/ose-sriov-dp-admission-controller@sha256:0c50e715c62b5ec483dd0c6acbade593475573d246edc9d2a762f57ef3845d9a_s390x",
          "8Base-RHOSE-4.7:openshift4/ose-sriov-dp-admission-controller@sha256:332b1a7d738d6eb12d44ab2703678740b14b9985dd6ade80176c827b694e821a_amd64",
          "8Base-RHOSE-4.7:openshift4/ose-sriov-dp-admission-controller@sha256:7abbcf7c0275b08d5b00178da0b58a87bc9ce493fb9b115be521d8037de9c343_ppc64le"
        ],
        "known_not_affected": [
          "8Base-RHOSE-4.7:openshift4/network-tools-rhel8@sha256:9e302c5584f6180f79b09882948c30a6b3b265ac3b44f7806b2c6ddee41fd584_amd64",
          "8Base-RHOSE-4.7:openshift4/network-tools-rhel8@sha256:f231fc58fbaab9b6bc5f5f58d793f8fbb181eb07821ac75663ff1bf2dc72b318_ppc64le",
          "8Base-RHOSE-4.7:openshift4/network-tools-rhel8@sha256:f6622348f93737db720e66f708118878ae4e919ecab9329ec71f83c9ca59996b_s390x",
          "8Base-RHOSE-4.7:openshift4/ose-ansible-operator@sha256:494273ae3456a8e7d2ce93be8c8d1440a9a8bdf9d7546d871c2335088dd1bf2c_amd64",
          "8Base-RHOSE-4.7:openshift4/ose-ansible-operator@sha256:4e0ca4dec7a611b80530a6c5929e4bef71b3e2f137f70b9e7f14da2c2668b8ea_ppc64le",
          "8Base-RHOSE-4.7:openshift4/ose-ansible-operator@sha256:ad7db49784e4d0cd586d693f8b2405cc6445ae81817d37ce0b42434214a5c3e8_s390x",
          "8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-operator@sha256:3806a0ad25af8571f4ab0bd7208ea0de6b4c6eff3e566d28f128ad4e35c47d45_ppc64le",
          "8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-operator@sha256:5055d03f47ac092798911c848d46f2b7e7357189f2e3967fc6ed376b04bf6e3a_amd64",
          "8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-operator@sha256:73a306cddd631824702992ea885c721076e7b2fbe646d4518c93874ca81f5088_s390x",
          "8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3806a0ad25af8571f4ab0bd7208ea0de6b4c6eff3e566d28f128ad4e35c47d45_ppc64le",
          "8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5055d03f47ac092798911c848d46f2b7e7357189f2e3967fc6ed376b04bf6e3a_amd64",
          "8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:73a306cddd631824702992ea885c721076e7b2fbe646d4518c93874ca81f5088_s390x",
          "8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:3aaf6fcbb2ecdf130a2f3d13cfadb4a631019690b85a1f5eb42d341f2c2e8035_ppc64le",
          "8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:b3437a45b0ec5605fe1c1d7b4d34265080e53a1ddecf6fc2f6dd332db2538494_amd64",
          "8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:bde942168e9e5cc636108ecfef23774b4eda331939abec7bb6ed58882939fb29_s390x",
          "8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:63bff9b5506263394129b06c3eb7573fc7bc66bd888d46997adde8a0175c9347_amd64",
          "8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:801e85ba7ac106109c823fcbb12c2ee9ca5e356ca3692aef9230b4d949eaadd4_ppc64le",
          "8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:eb3b70cf52702e45304d92e029ce8dc7ffeb2c52c149581a81b44461bf05eca0_s390x",
          "8Base-RHOSE-4.7:openshift4/ose-metering-ansible-operator@sha256:b89eb8aec001750b36228529157da1715459621250d806d7d4eabaa6829b9c9e_amd64",
          "8Base-RHOSE-4.7:openshift4/ose-metering-reporting-operator@sha256:b37c5bb1f849975639fca545ad040ef1cb97691436189338592014ded6f66242_amd64",
          "8Base-RHOSE-4.7:openshift4/ose-service-idler-rhel8@sha256:d46c5b885983b845795aa6821bb35c841d44024d8c9f4a99e92fa3c670072ddc_amd64",
          "8Base-RHOSE-4.7:openshift4/ose-service-idler-rhel8@sha256:d59728003550000f3f26437009bb29bc3d310d7b2c941d9a043063436b5a37e9_ppc64le",
          "8Base-RHOSE-4.7:openshift4/ose-service-idler-rhel8@sha256:ec6dceaba1eab71574ddf07223a14dec7ff9b395b94d6bd369a4dfa555226c56_s390x",
          "8Base-RHOSE-4.7:openshift4/ose-sriov-infiniband-cni@sha256:6664164671dec207c7ffb6da5dadb90880071e8821f4606e00eadcc5e59f76cb_ppc64le",
          "8Base-RHOSE-4.7:openshift4/ose-sriov-infiniband-cni@sha256:bdef404b5688db92b2e95f564190677f391b47c31b2edf088220599e9b8951d3_amd64",
          "8Base-RHOSE-4.7:openshift4/ose-sriov-infiniband-cni@sha256:dde1aa450590a1172a39cfe9d829b1380192291070716d1f195fbe36d7585846_s390x",
          "8Base-RHOSE-4.7:openshift4/ose-sriov-network-operator@sha256:33e40f5366b349e44885b40dfb1b0e3e625b5a2adb37de719fb11dac2ec62fc0_s390x",
          "8Base-RHOSE-4.7:openshift4/ose-sriov-network-operator@sha256:7ce3db75dbc8c1a912ae7c40c09596ff0d80b8c896b475a230e5cd1f1ff3d6fa_ppc64le",
          "8Base-RHOSE-4.7:openshift4/ose-sriov-network-operator@sha256:eabf7c557362188d0067db3a34a646c52efc337f831abdd3c1b679cef24a0c39_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2021-3121"
        },
        {
          "category": "external",
          "summary": "RHBZ#1921650",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1921650"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2021-3121",
          "url": "https://www.cve.org/CVERecord?id=CVE-2021-3121"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3121",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3121"
        }
      ],
      "release_date": "2021-01-11T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2021-05-19T15:12:09+00:00",
          "details": "For OpenShift Container Platform 4.7 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.7/updating/updating-cluster-cli.html",
          "product_ids": [
            "8Base-RHOSE-4.7:openshift4/ose-sriov-dp-admission-controller@sha256:0c50e715c62b5ec483dd0c6acbade593475573d246edc9d2a762f57ef3845d9a_s390x",
            "8Base-RHOSE-4.7:openshift4/ose-sriov-dp-admission-controller@sha256:332b1a7d738d6eb12d44ab2703678740b14b9985dd6ade80176c827b694e821a_amd64",
            "8Base-RHOSE-4.7:openshift4/ose-sriov-dp-admission-controller@sha256:7abbcf7c0275b08d5b00178da0b58a87bc9ce493fb9b115be521d8037de9c343_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2021:1552"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-RHOSE-4.7:openshift4/network-tools-rhel8@sha256:9e302c5584f6180f79b09882948c30a6b3b265ac3b44f7806b2c6ddee41fd584_amd64",
            "8Base-RHOSE-4.7:openshift4/network-tools-rhel8@sha256:f231fc58fbaab9b6bc5f5f58d793f8fbb181eb07821ac75663ff1bf2dc72b318_ppc64le",
            "8Base-RHOSE-4.7:openshift4/network-tools-rhel8@sha256:f6622348f93737db720e66f708118878ae4e919ecab9329ec71f83c9ca59996b_s390x",
            "8Base-RHOSE-4.7:openshift4/ose-ansible-operator@sha256:494273ae3456a8e7d2ce93be8c8d1440a9a8bdf9d7546d871c2335088dd1bf2c_amd64",
            "8Base-RHOSE-4.7:openshift4/ose-ansible-operator@sha256:4e0ca4dec7a611b80530a6c5929e4bef71b3e2f137f70b9e7f14da2c2668b8ea_ppc64le",
            "8Base-RHOSE-4.7:openshift4/ose-ansible-operator@sha256:ad7db49784e4d0cd586d693f8b2405cc6445ae81817d37ce0b42434214a5c3e8_s390x",
            "8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-operator@sha256:3806a0ad25af8571f4ab0bd7208ea0de6b4c6eff3e566d28f128ad4e35c47d45_ppc64le",
            "8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-operator@sha256:5055d03f47ac092798911c848d46f2b7e7357189f2e3967fc6ed376b04bf6e3a_amd64",
            "8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-operator@sha256:73a306cddd631824702992ea885c721076e7b2fbe646d4518c93874ca81f5088_s390x",
            "8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3806a0ad25af8571f4ab0bd7208ea0de6b4c6eff3e566d28f128ad4e35c47d45_ppc64le",
            "8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5055d03f47ac092798911c848d46f2b7e7357189f2e3967fc6ed376b04bf6e3a_amd64",
            "8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:73a306cddd631824702992ea885c721076e7b2fbe646d4518c93874ca81f5088_s390x",
            "8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:3aaf6fcbb2ecdf130a2f3d13cfadb4a631019690b85a1f5eb42d341f2c2e8035_ppc64le",
            "8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:b3437a45b0ec5605fe1c1d7b4d34265080e53a1ddecf6fc2f6dd332db2538494_amd64",
            "8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:bde942168e9e5cc636108ecfef23774b4eda331939abec7bb6ed58882939fb29_s390x",
            "8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:63bff9b5506263394129b06c3eb7573fc7bc66bd888d46997adde8a0175c9347_amd64",
            "8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:801e85ba7ac106109c823fcbb12c2ee9ca5e356ca3692aef9230b4d949eaadd4_ppc64le",
            "8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:eb3b70cf52702e45304d92e029ce8dc7ffeb2c52c149581a81b44461bf05eca0_s390x",
            "8Base-RHOSE-4.7:openshift4/ose-metering-ansible-operator@sha256:b89eb8aec001750b36228529157da1715459621250d806d7d4eabaa6829b9c9e_amd64",
            "8Base-RHOSE-4.7:openshift4/ose-metering-reporting-operator@sha256:b37c5bb1f849975639fca545ad040ef1cb97691436189338592014ded6f66242_amd64",
            "8Base-RHOSE-4.7:openshift4/ose-service-idler-rhel8@sha256:d46c5b885983b845795aa6821bb35c841d44024d8c9f4a99e92fa3c670072ddc_amd64",
            "8Base-RHOSE-4.7:openshift4/ose-service-idler-rhel8@sha256:d59728003550000f3f26437009bb29bc3d310d7b2c941d9a043063436b5a37e9_ppc64le",
            "8Base-RHOSE-4.7:openshift4/ose-service-idler-rhel8@sha256:ec6dceaba1eab71574ddf07223a14dec7ff9b395b94d6bd369a4dfa555226c56_s390x",
            "8Base-RHOSE-4.7:openshift4/ose-sriov-dp-admission-controller@sha256:0c50e715c62b5ec483dd0c6acbade593475573d246edc9d2a762f57ef3845d9a_s390x",
            "8Base-RHOSE-4.7:openshift4/ose-sriov-dp-admission-controller@sha256:332b1a7d738d6eb12d44ab2703678740b14b9985dd6ade80176c827b694e821a_amd64",
            "8Base-RHOSE-4.7:openshift4/ose-sriov-dp-admission-controller@sha256:7abbcf7c0275b08d5b00178da0b58a87bc9ce493fb9b115be521d8037de9c343_ppc64le",
            "8Base-RHOSE-4.7:openshift4/ose-sriov-infiniband-cni@sha256:6664164671dec207c7ffb6da5dadb90880071e8821f4606e00eadcc5e59f76cb_ppc64le",
            "8Base-RHOSE-4.7:openshift4/ose-sriov-infiniband-cni@sha256:bdef404b5688db92b2e95f564190677f391b47c31b2edf088220599e9b8951d3_amd64",
            "8Base-RHOSE-4.7:openshift4/ose-sriov-infiniband-cni@sha256:dde1aa450590a1172a39cfe9d829b1380192291070716d1f195fbe36d7585846_s390x",
            "8Base-RHOSE-4.7:openshift4/ose-sriov-network-operator@sha256:33e40f5366b349e44885b40dfb1b0e3e625b5a2adb37de719fb11dac2ec62fc0_s390x",
            "8Base-RHOSE-4.7:openshift4/ose-sriov-network-operator@sha256:7ce3db75dbc8c1a912ae7c40c09596ff0d80b8c896b475a230e5cd1f1ff3d6fa_ppc64le",
            "8Base-RHOSE-4.7:openshift4/ose-sriov-network-operator@sha256:eabf7c557362188d0067db3a34a646c52efc337f831abdd3c1b679cef24a0c39_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Casey Callendrello"
          ],
          "organization": "Red Hat",
          "summary": "This issue was discovered by Red Hat."
        }
      ],
      "cve": "CVE-2021-20206",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "discovery_date": "2021-01-22T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-RHOSE-4.7:openshift4/network-tools-rhel8@sha256:9e302c5584f6180f79b09882948c30a6b3b265ac3b44f7806b2c6ddee41fd584_amd64",
            "8Base-RHOSE-4.7:openshift4/network-tools-rhel8@sha256:f231fc58fbaab9b6bc5f5f58d793f8fbb181eb07821ac75663ff1bf2dc72b318_ppc64le",
            "8Base-RHOSE-4.7:openshift4/network-tools-rhel8@sha256:f6622348f93737db720e66f708118878ae4e919ecab9329ec71f83c9ca59996b_s390x",
            "8Base-RHOSE-4.7:openshift4/ose-ansible-operator@sha256:494273ae3456a8e7d2ce93be8c8d1440a9a8bdf9d7546d871c2335088dd1bf2c_amd64",
            "8Base-RHOSE-4.7:openshift4/ose-ansible-operator@sha256:4e0ca4dec7a611b80530a6c5929e4bef71b3e2f137f70b9e7f14da2c2668b8ea_ppc64le",
            "8Base-RHOSE-4.7:openshift4/ose-ansible-operator@sha256:ad7db49784e4d0cd586d693f8b2405cc6445ae81817d37ce0b42434214a5c3e8_s390x",
            "8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-operator@sha256:3806a0ad25af8571f4ab0bd7208ea0de6b4c6eff3e566d28f128ad4e35c47d45_ppc64le",
            "8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-operator@sha256:5055d03f47ac092798911c848d46f2b7e7357189f2e3967fc6ed376b04bf6e3a_amd64",
            "8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-operator@sha256:73a306cddd631824702992ea885c721076e7b2fbe646d4518c93874ca81f5088_s390x",
            "8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3806a0ad25af8571f4ab0bd7208ea0de6b4c6eff3e566d28f128ad4e35c47d45_ppc64le",
            "8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5055d03f47ac092798911c848d46f2b7e7357189f2e3967fc6ed376b04bf6e3a_amd64",
            "8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:73a306cddd631824702992ea885c721076e7b2fbe646d4518c93874ca81f5088_s390x",
            "8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:3aaf6fcbb2ecdf130a2f3d13cfadb4a631019690b85a1f5eb42d341f2c2e8035_ppc64le",
            "8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:b3437a45b0ec5605fe1c1d7b4d34265080e53a1ddecf6fc2f6dd332db2538494_amd64",
            "8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:bde942168e9e5cc636108ecfef23774b4eda331939abec7bb6ed58882939fb29_s390x",
            "8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:63bff9b5506263394129b06c3eb7573fc7bc66bd888d46997adde8a0175c9347_amd64",
            "8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:801e85ba7ac106109c823fcbb12c2ee9ca5e356ca3692aef9230b4d949eaadd4_ppc64le",
            "8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:eb3b70cf52702e45304d92e029ce8dc7ffeb2c52c149581a81b44461bf05eca0_s390x",
            "8Base-RHOSE-4.7:openshift4/ose-metering-ansible-operator@sha256:b89eb8aec001750b36228529157da1715459621250d806d7d4eabaa6829b9c9e_amd64",
            "8Base-RHOSE-4.7:openshift4/ose-metering-reporting-operator@sha256:b37c5bb1f849975639fca545ad040ef1cb97691436189338592014ded6f66242_amd64",
            "8Base-RHOSE-4.7:openshift4/ose-service-idler-rhel8@sha256:d46c5b885983b845795aa6821bb35c841d44024d8c9f4a99e92fa3c670072ddc_amd64",
            "8Base-RHOSE-4.7:openshift4/ose-service-idler-rhel8@sha256:d59728003550000f3f26437009bb29bc3d310d7b2c941d9a043063436b5a37e9_ppc64le",
            "8Base-RHOSE-4.7:openshift4/ose-service-idler-rhel8@sha256:ec6dceaba1eab71574ddf07223a14dec7ff9b395b94d6bd369a4dfa555226c56_s390x",
            "8Base-RHOSE-4.7:openshift4/ose-sriov-dp-admission-controller@sha256:0c50e715c62b5ec483dd0c6acbade593475573d246edc9d2a762f57ef3845d9a_s390x",
            "8Base-RHOSE-4.7:openshift4/ose-sriov-dp-admission-controller@sha256:332b1a7d738d6eb12d44ab2703678740b14b9985dd6ade80176c827b694e821a_amd64",
            "8Base-RHOSE-4.7:openshift4/ose-sriov-dp-admission-controller@sha256:7abbcf7c0275b08d5b00178da0b58a87bc9ce493fb9b115be521d8037de9c343_ppc64le",
            "8Base-RHOSE-4.7:openshift4/ose-sriov-network-operator@sha256:33e40f5366b349e44885b40dfb1b0e3e625b5a2adb37de719fb11dac2ec62fc0_s390x",
            "8Base-RHOSE-4.7:openshift4/ose-sriov-network-operator@sha256:7ce3db75dbc8c1a912ae7c40c09596ff0d80b8c896b475a230e5cd1f1ff3d6fa_ppc64le",
            "8Base-RHOSE-4.7:openshift4/ose-sriov-network-operator@sha256:eabf7c557362188d0067db3a34a646c52efc337f831abdd3c1b679cef24a0c39_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1919391"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "An improper limitation of path name flaw was found in containernetworking/cni. When specifying the plugin to load in the `type` field in the network configuration, it is possible to use special elements such as \"../\" separators to reference binaries elsewhere on the system. This flaw allows an attacker to execute other existing binaries other than the cni plugins/types, such as `reboot`. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "containernetworking-cni: Arbitrary path injection via type field in CNI configuration",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "OpenShift ServiceMesh (OSSM) does package a vulnerable version of containernetworking/cni, however, the NetworkDefinitionAttachment is defined in code and cannot be easily changed except through a user who has access to the operator namespace such as cluster-admin. As such, for OSSM, the impact is Moderate.\n\nThe fix for podman was released as a part of OpenShift 4.8 and is included in future releases.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-RHOSE-4.7:openshift4/ose-sriov-infiniband-cni@sha256:6664164671dec207c7ffb6da5dadb90880071e8821f4606e00eadcc5e59f76cb_ppc64le",
          "8Base-RHOSE-4.7:openshift4/ose-sriov-infiniband-cni@sha256:bdef404b5688db92b2e95f564190677f391b47c31b2edf088220599e9b8951d3_amd64",
          "8Base-RHOSE-4.7:openshift4/ose-sriov-infiniband-cni@sha256:dde1aa450590a1172a39cfe9d829b1380192291070716d1f195fbe36d7585846_s390x"
        ],
        "known_not_affected": [
          "8Base-RHOSE-4.7:openshift4/network-tools-rhel8@sha256:9e302c5584f6180f79b09882948c30a6b3b265ac3b44f7806b2c6ddee41fd584_amd64",
          "8Base-RHOSE-4.7:openshift4/network-tools-rhel8@sha256:f231fc58fbaab9b6bc5f5f58d793f8fbb181eb07821ac75663ff1bf2dc72b318_ppc64le",
          "8Base-RHOSE-4.7:openshift4/network-tools-rhel8@sha256:f6622348f93737db720e66f708118878ae4e919ecab9329ec71f83c9ca59996b_s390x",
          "8Base-RHOSE-4.7:openshift4/ose-ansible-operator@sha256:494273ae3456a8e7d2ce93be8c8d1440a9a8bdf9d7546d871c2335088dd1bf2c_amd64",
          "8Base-RHOSE-4.7:openshift4/ose-ansible-operator@sha256:4e0ca4dec7a611b80530a6c5929e4bef71b3e2f137f70b9e7f14da2c2668b8ea_ppc64le",
          "8Base-RHOSE-4.7:openshift4/ose-ansible-operator@sha256:ad7db49784e4d0cd586d693f8b2405cc6445ae81817d37ce0b42434214a5c3e8_s390x",
          "8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-operator@sha256:3806a0ad25af8571f4ab0bd7208ea0de6b4c6eff3e566d28f128ad4e35c47d45_ppc64le",
          "8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-operator@sha256:5055d03f47ac092798911c848d46f2b7e7357189f2e3967fc6ed376b04bf6e3a_amd64",
          "8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-operator@sha256:73a306cddd631824702992ea885c721076e7b2fbe646d4518c93874ca81f5088_s390x",
          "8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3806a0ad25af8571f4ab0bd7208ea0de6b4c6eff3e566d28f128ad4e35c47d45_ppc64le",
          "8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5055d03f47ac092798911c848d46f2b7e7357189f2e3967fc6ed376b04bf6e3a_amd64",
          "8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:73a306cddd631824702992ea885c721076e7b2fbe646d4518c93874ca81f5088_s390x",
          "8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:3aaf6fcbb2ecdf130a2f3d13cfadb4a631019690b85a1f5eb42d341f2c2e8035_ppc64le",
          "8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:b3437a45b0ec5605fe1c1d7b4d34265080e53a1ddecf6fc2f6dd332db2538494_amd64",
          "8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:bde942168e9e5cc636108ecfef23774b4eda331939abec7bb6ed58882939fb29_s390x",
          "8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:63bff9b5506263394129b06c3eb7573fc7bc66bd888d46997adde8a0175c9347_amd64",
          "8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:801e85ba7ac106109c823fcbb12c2ee9ca5e356ca3692aef9230b4d949eaadd4_ppc64le",
          "8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:eb3b70cf52702e45304d92e029ce8dc7ffeb2c52c149581a81b44461bf05eca0_s390x",
          "8Base-RHOSE-4.7:openshift4/ose-metering-ansible-operator@sha256:b89eb8aec001750b36228529157da1715459621250d806d7d4eabaa6829b9c9e_amd64",
          "8Base-RHOSE-4.7:openshift4/ose-metering-reporting-operator@sha256:b37c5bb1f849975639fca545ad040ef1cb97691436189338592014ded6f66242_amd64",
          "8Base-RHOSE-4.7:openshift4/ose-service-idler-rhel8@sha256:d46c5b885983b845795aa6821bb35c841d44024d8c9f4a99e92fa3c670072ddc_amd64",
          "8Base-RHOSE-4.7:openshift4/ose-service-idler-rhel8@sha256:d59728003550000f3f26437009bb29bc3d310d7b2c941d9a043063436b5a37e9_ppc64le",
          "8Base-RHOSE-4.7:openshift4/ose-service-idler-rhel8@sha256:ec6dceaba1eab71574ddf07223a14dec7ff9b395b94d6bd369a4dfa555226c56_s390x",
          "8Base-RHOSE-4.7:openshift4/ose-sriov-dp-admission-controller@sha256:0c50e715c62b5ec483dd0c6acbade593475573d246edc9d2a762f57ef3845d9a_s390x",
          "8Base-RHOSE-4.7:openshift4/ose-sriov-dp-admission-controller@sha256:332b1a7d738d6eb12d44ab2703678740b14b9985dd6ade80176c827b694e821a_amd64",
          "8Base-RHOSE-4.7:openshift4/ose-sriov-dp-admission-controller@sha256:7abbcf7c0275b08d5b00178da0b58a87bc9ce493fb9b115be521d8037de9c343_ppc64le",
          "8Base-RHOSE-4.7:openshift4/ose-sriov-network-operator@sha256:33e40f5366b349e44885b40dfb1b0e3e625b5a2adb37de719fb11dac2ec62fc0_s390x",
          "8Base-RHOSE-4.7:openshift4/ose-sriov-network-operator@sha256:7ce3db75dbc8c1a912ae7c40c09596ff0d80b8c896b475a230e5cd1f1ff3d6fa_ppc64le",
          "8Base-RHOSE-4.7:openshift4/ose-sriov-network-operator@sha256:eabf7c557362188d0067db3a34a646c52efc337f831abdd3c1b679cef24a0c39_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2021-20206"
        },
        {
          "category": "external",
          "summary": "RHBZ#1919391",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1919391"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2021-20206",
          "url": "https://www.cve.org/CVERecord?id=CVE-2021-20206"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-20206",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20206"
        }
      ],
      "release_date": "2021-02-05T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2021-05-19T15:12:09+00:00",
          "details": "For OpenShift Container Platform 4.7 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.7/updating/updating-cluster-cli.html",
          "product_ids": [
            "8Base-RHOSE-4.7:openshift4/ose-sriov-infiniband-cni@sha256:6664164671dec207c7ffb6da5dadb90880071e8821f4606e00eadcc5e59f76cb_ppc64le",
            "8Base-RHOSE-4.7:openshift4/ose-sriov-infiniband-cni@sha256:bdef404b5688db92b2e95f564190677f391b47c31b2edf088220599e9b8951d3_amd64",
            "8Base-RHOSE-4.7:openshift4/ose-sriov-infiniband-cni@sha256:dde1aa450590a1172a39cfe9d829b1380192291070716d1f195fbe36d7585846_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2021:1552"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-RHOSE-4.7:openshift4/network-tools-rhel8@sha256:9e302c5584f6180f79b09882948c30a6b3b265ac3b44f7806b2c6ddee41fd584_amd64",
            "8Base-RHOSE-4.7:openshift4/network-tools-rhel8@sha256:f231fc58fbaab9b6bc5f5f58d793f8fbb181eb07821ac75663ff1bf2dc72b318_ppc64le",
            "8Base-RHOSE-4.7:openshift4/network-tools-rhel8@sha256:f6622348f93737db720e66f708118878ae4e919ecab9329ec71f83c9ca59996b_s390x",
            "8Base-RHOSE-4.7:openshift4/ose-ansible-operator@sha256:494273ae3456a8e7d2ce93be8c8d1440a9a8bdf9d7546d871c2335088dd1bf2c_amd64",
            "8Base-RHOSE-4.7:openshift4/ose-ansible-operator@sha256:4e0ca4dec7a611b80530a6c5929e4bef71b3e2f137f70b9e7f14da2c2668b8ea_ppc64le",
            "8Base-RHOSE-4.7:openshift4/ose-ansible-operator@sha256:ad7db49784e4d0cd586d693f8b2405cc6445ae81817d37ce0b42434214a5c3e8_s390x",
            "8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-operator@sha256:3806a0ad25af8571f4ab0bd7208ea0de6b4c6eff3e566d28f128ad4e35c47d45_ppc64le",
            "8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-operator@sha256:5055d03f47ac092798911c848d46f2b7e7357189f2e3967fc6ed376b04bf6e3a_amd64",
            "8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-operator@sha256:73a306cddd631824702992ea885c721076e7b2fbe646d4518c93874ca81f5088_s390x",
            "8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:3806a0ad25af8571f4ab0bd7208ea0de6b4c6eff3e566d28f128ad4e35c47d45_ppc64le",
            "8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:5055d03f47ac092798911c848d46f2b7e7357189f2e3967fc6ed376b04bf6e3a_amd64",
            "8Base-RHOSE-4.7:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:73a306cddd631824702992ea885c721076e7b2fbe646d4518c93874ca81f5088_s390x",
            "8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:3aaf6fcbb2ecdf130a2f3d13cfadb4a631019690b85a1f5eb42d341f2c2e8035_ppc64le",
            "8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:b3437a45b0ec5605fe1c1d7b4d34265080e53a1ddecf6fc2f6dd332db2538494_amd64",
            "8Base-RHOSE-4.7:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:bde942168e9e5cc636108ecfef23774b4eda331939abec7bb6ed58882939fb29_s390x",
            "8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:63bff9b5506263394129b06c3eb7573fc7bc66bd888d46997adde8a0175c9347_amd64",
            "8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:801e85ba7ac106109c823fcbb12c2ee9ca5e356ca3692aef9230b4d949eaadd4_ppc64le",
            "8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:eb3b70cf52702e45304d92e029ce8dc7ffeb2c52c149581a81b44461bf05eca0_s390x",
            "8Base-RHOSE-4.7:openshift4/ose-metering-ansible-operator@sha256:b89eb8aec001750b36228529157da1715459621250d806d7d4eabaa6829b9c9e_amd64",
            "8Base-RHOSE-4.7:openshift4/ose-metering-reporting-operator@sha256:b37c5bb1f849975639fca545ad040ef1cb97691436189338592014ded6f66242_amd64",
            "8Base-RHOSE-4.7:openshift4/ose-service-idler-rhel8@sha256:d46c5b885983b845795aa6821bb35c841d44024d8c9f4a99e92fa3c670072ddc_amd64",
            "8Base-RHOSE-4.7:openshift4/ose-service-idler-rhel8@sha256:d59728003550000f3f26437009bb29bc3d310d7b2c941d9a043063436b5a37e9_ppc64le",
            "8Base-RHOSE-4.7:openshift4/ose-service-idler-rhel8@sha256:ec6dceaba1eab71574ddf07223a14dec7ff9b395b94d6bd369a4dfa555226c56_s390x",
            "8Base-RHOSE-4.7:openshift4/ose-sriov-dp-admission-controller@sha256:0c50e715c62b5ec483dd0c6acbade593475573d246edc9d2a762f57ef3845d9a_s390x",
            "8Base-RHOSE-4.7:openshift4/ose-sriov-dp-admission-controller@sha256:332b1a7d738d6eb12d44ab2703678740b14b9985dd6ade80176c827b694e821a_amd64",
            "8Base-RHOSE-4.7:openshift4/ose-sriov-dp-admission-controller@sha256:7abbcf7c0275b08d5b00178da0b58a87bc9ce493fb9b115be521d8037de9c343_ppc64le",
            "8Base-RHOSE-4.7:openshift4/ose-sriov-infiniband-cni@sha256:6664164671dec207c7ffb6da5dadb90880071e8821f4606e00eadcc5e59f76cb_ppc64le",
            "8Base-RHOSE-4.7:openshift4/ose-sriov-infiniband-cni@sha256:bdef404b5688db92b2e95f564190677f391b47c31b2edf088220599e9b8951d3_amd64",
            "8Base-RHOSE-4.7:openshift4/ose-sriov-infiniband-cni@sha256:dde1aa450590a1172a39cfe9d829b1380192291070716d1f195fbe36d7585846_s390x",
            "8Base-RHOSE-4.7:openshift4/ose-sriov-network-operator@sha256:33e40f5366b349e44885b40dfb1b0e3e625b5a2adb37de719fb11dac2ec62fc0_s390x",
            "8Base-RHOSE-4.7:openshift4/ose-sriov-network-operator@sha256:7ce3db75dbc8c1a912ae7c40c09596ff0d80b8c896b475a230e5cd1f1ff3d6fa_ppc64le",
            "8Base-RHOSE-4.7:openshift4/ose-sriov-network-operator@sha256:eabf7c557362188d0067db3a34a646c52efc337f831abdd3c1b679cef24a0c39_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "containernetworking-cni: Arbitrary path injection via type field in CNI configuration"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.