Vulnerability Database
Blog
FAQ
Docs
RHSA-2020:2796
See a problem?
Please try reporting it
to the source
first.
Source
https://access.redhat.com/errata/RHSA-2020:2796
Import Source
https://security.access.redhat.com/data/osv/RHSA-2020:2796.json
JSON Data
https://api.osv.dev/v1/vulns/RHSA-2020:2796
Related
CVE-2019-11253
CVE-2019-16769
CVE-2020-12052
CVE-2020-12245
CVE-2020-13379
CVE-2020-13430
CVE-2020-7660
CVE-2020-7662
Published
2024-09-18T04:13:25Z
Modified
2024-09-18T04:13:25Z
Severity
8.2 (High)
CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
CVSS Calculator
Summary
Red Hat Security Advisory: Red Hat OpenShift Service Mesh servicemesh-grafana security update
Details
References
https://access.redhat.com/errata/RHSA-2020:2796
https://access.redhat.com/security/updates/classification/#important
https://bugzilla.redhat.com/show_bug.cgi?id=1757701
https://bugzilla.redhat.com/show_bug.cgi?id=1843640
https://bugzilla.redhat.com/show_bug.cgi?id=1844228
https://bugzilla.redhat.com/show_bug.cgi?id=1845982
https://bugzilla.redhat.com/show_bug.cgi?id=1848089
https://bugzilla.redhat.com/show_bug.cgi?id=1848092
https://bugzilla.redhat.com/show_bug.cgi?id=1848108
https://bugzilla.redhat.com/show_bug.cgi?id=1848643
https://access.redhat.com/security/data/csaf/v2/advisories/2020/rhsa-2020_2796.json
https://access.redhat.com/security/cve/CVE-2019-11253
https://www.cve.org/CVERecord?id=CVE-2019-11253
https://nvd.nist.gov/vuln/detail/CVE-2019-11253
https://www.stackrox.com/post/2019/09/protecting-kubernetes-api-against-cve-2019-11253-billion-laughs-attack/
https://access.redhat.com/security/cve/CVE-2019-16769
https://www.cve.org/CVERecord?id=CVE-2019-16769
https://nvd.nist.gov/vuln/detail/CVE-2019-16769
https://access.redhat.com/security/cve/CVE-2020-7660
https://www.cve.org/CVERecord?id=CVE-2020-7660
https://nvd.nist.gov/vuln/detail/CVE-2020-7660
https://access.redhat.com/security/cve/CVE-2020-7662
https://www.cve.org/CVERecord?id=CVE-2020-7662
https://nvd.nist.gov/vuln/detail/CVE-2020-7662
https://github.com/faye/websocket-extensions-node/security/advisories/GHSA-g78m-2chm-r7qv
https://access.redhat.com/security/cve/CVE-2020-12052
https://www.cve.org/CVERecord?id=CVE-2020-12052
https://nvd.nist.gov/vuln/detail/CVE-2020-12052
https://access.redhat.com/security/cve/CVE-2020-12245
https://www.cve.org/CVERecord?id=CVE-2020-12245
https://nvd.nist.gov/vuln/detail/CVE-2020-12245
https://access.redhat.com/security/cve/CVE-2020-13379
https://www.cve.org/CVERecord?id=CVE-2020-13379
https://nvd.nist.gov/vuln/detail/CVE-2020-13379
https://grafana.com/blog/2020/06/03/grafana-6.7.4-and-7.0.2-released-with-important-security-fix/
https://www.openwall.com/lists/oss-security/2020/06/09/2/
https://access.redhat.com/security/cve/CVE-2020-13430
https://www.cve.org/CVERecord?id=CVE-2020-13430
https://nvd.nist.gov/vuln/detail/CVE-2020-13430
Affected packages
Red Hat:service_mesh:1.1::el8
/
servicemesh-grafana
Package
Name
servicemesh-grafana
Purl
pkg:rpm/redhat/servicemesh-grafana
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:6.4.3-11.el8
Red Hat:service_mesh:1.1::el8
/
servicemesh-grafana-prometheus
Package
Name
servicemesh-grafana-prometheus
Purl
pkg:rpm/redhat/servicemesh-grafana-prometheus
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:6.4.3-11.el8
RHSA-2020:2796 - OSV