Vulnerability Database
Blog
FAQ
Docs
RHSA-2020:4297
See a problem?
Please try reporting it
to the source
first.
Source
https://access.redhat.com/errata/RHSA-2020:4297
Import Source
https://security.access.redhat.com/data/osv/RHSA-2020:4297.json
JSON Data
https://api.osv.dev/v1/vulns/RHSA-2020:4297
Related
CVE-2019-16541
CVE-2020-14040
CVE-2020-14370
CVE-2020-15586
CVE-2020-16845
CVE-2020-2252
CVE-2020-2254
CVE-2020-2255
CVE-2020-8564
Published
2024-09-30T13:54:04Z
Modified
2024-12-23T10:02:55Z
Severity
7.5 (High)
CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVSS Calculator
Summary
Red Hat Security Advisory: OpenShift Container Platform 4.6.1 package security update
Details
References
https://access.redhat.com/errata/RHSA-2020:4297
https://access.redhat.com/security/updates/classification/#moderate
https://bugzilla.redhat.com/show_bug.cgi?id=1819663
https://bugzilla.redhat.com/show_bug.cgi?id=1853652
https://bugzilla.redhat.com/show_bug.cgi?id=1867099
https://bugzilla.redhat.com/show_bug.cgi?id=1874268
https://bugzilla.redhat.com/show_bug.cgi?id=1880454
https://bugzilla.redhat.com/show_bug.cgi?id=1880456
https://bugzilla.redhat.com/show_bug.cgi?id=1880460
https://bugzilla.redhat.com/show_bug.cgi?id=1886637
https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_4297.json
https://access.redhat.com/security/cve/CVE-2019-16541
https://www.cve.org/CVERecord?id=CVE-2019-16541
https://nvd.nist.gov/vuln/detail/CVE-2019-16541
https://jenkins.io/security/advisory/2019-11-21/#SECURITY-1106
https://access.redhat.com/security/cve/CVE-2020-2252
https://www.cve.org/CVERecord?id=CVE-2020-2252
https://nvd.nist.gov/vuln/detail/CVE-2020-2252
https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1813
https://www.openwall.com/lists/oss-security/2020/09/16/3
https://access.redhat.com/security/cve/CVE-2020-2254
https://www.cve.org/CVERecord?id=CVE-2020-2254
https://nvd.nist.gov/vuln/detail/CVE-2020-2254
http://www.openwall.com/lists/oss-security/2020/09/16/3
https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1956
https://access.redhat.com/security/cve/CVE-2020-2255
https://www.cve.org/CVERecord?id=CVE-2020-2255
https://nvd.nist.gov/vuln/detail/CVE-2020-2255
https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1961
https://access.redhat.com/security/cve/CVE-2020-8564
https://www.cve.org/CVERecord?id=CVE-2020-8564
https://nvd.nist.gov/vuln/detail/CVE-2020-8564
https://github.com/kubernetes/kubernetes/issues/95622
https://groups.google.com/g/kubernetes-announce/c/ScdmyORnPDk
https://access.redhat.com/security/cve/CVE-2020-14040
https://www.cve.org/CVERecord?id=CVE-2020-14040
https://nvd.nist.gov/vuln/detail/CVE-2020-14040
https://github.com/golang/go/issues/39491
https://groups.google.com/forum/#!topic/golang-announce/bXVeAmGOqz0
https://access.redhat.com/security/cve/CVE-2020-14370
https://www.cve.org/CVERecord?id=CVE-2020-14370
https://nvd.nist.gov/vuln/detail/CVE-2020-14370
https://access.redhat.com/security/cve/CVE-2020-15586
https://bugzilla.redhat.com/show_bug.cgi?id=1856953
https://www.cve.org/CVERecord?id=CVE-2020-15586
https://nvd.nist.gov/vuln/detail/CVE-2020-15586
https://groups.google.com/g/golang-announce/c/XZNfaiwgt2w/m/E6gHDs32AQAJ
https://access.redhat.com/security/cve/CVE-2020-16845
https://www.cve.org/CVERecord?id=CVE-2020-16845
https://nvd.nist.gov/vuln/detail/CVE-2020-16845
https://groups.google.com/g/golang-announce/c/NyPIaucMgXo
Affected packages
Red Hat:openshift:4.6::el8
/
jenkins-2-plugins
Package
Name
jenkins-2-plugins
Purl
pkg:rpm/redhat/jenkins-2-plugins
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:4.6.1601368321-1.el8
Red Hat:openshift:4.6::el7
/
openshift-clients
Package
Name
openshift-clients
Purl
pkg:rpm/redhat/openshift-clients
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:4.6.0-202010081244.p0.git.3794.4743d24.el7
Red Hat:openshift:4.6::el7
/
openshift-clients-redistributable
Package
Name
openshift-clients-redistributable
Purl
pkg:rpm/redhat/openshift-clients-redistributable
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:4.6.0-202010081244.p0.git.3794.4743d24.el7
Red Hat:openshift:4.6::el8
/
openshift-clients
Package
Name
openshift-clients
Purl
pkg:rpm/redhat/openshift-clients
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:4.6.0-202010081244.p0.git.3794.4743d24.el8
Red Hat:openshift:4.6::el8
/
openshift-clients-redistributable
Package
Name
openshift-clients-redistributable
Purl
pkg:rpm/redhat/openshift-clients-redistributable
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:4.6.0-202010081244.p0.git.3794.4743d24.el8
Red Hat:openshift:4.6::el8
/
containers-common
Package
Name
containers-common
Purl
pkg:rpm/redhat/containers-common
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
1:1.1.1-2.rhaos4.6.el8
Red Hat:openshift:4.6::el8
/
podman
Package
Name
podman
Purl
pkg:rpm/redhat/podman
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:1.9.3-3.rhaos4.6.el8
Red Hat:openshift:4.6::el8
/
podman-debuginfo
Package
Name
podman-debuginfo
Purl
pkg:rpm/redhat/podman-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:1.9.3-3.rhaos4.6.el8
Red Hat:openshift:4.6::el8
/
podman-debugsource
Package
Name
podman-debugsource
Purl
pkg:rpm/redhat/podman-debugsource
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:1.9.3-3.rhaos4.6.el8
Red Hat:openshift:4.6::el8
/
podman-docker
Package
Name
podman-docker
Purl
pkg:rpm/redhat/podman-docker
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:1.9.3-3.rhaos4.6.el8
Red Hat:openshift:4.6::el8
/
podman-remote
Package
Name
podman-remote
Purl
pkg:rpm/redhat/podman-remote
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:1.9.3-3.rhaos4.6.el8
Red Hat:openshift:4.6::el8
/
podman-remote-debuginfo
Package
Name
podman-remote-debuginfo
Purl
pkg:rpm/redhat/podman-remote-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:1.9.3-3.rhaos4.6.el8
Red Hat:openshift:4.6::el8
/
podman-tests
Package
Name
podman-tests
Purl
pkg:rpm/redhat/podman-tests
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:1.9.3-3.rhaos4.6.el8
Red Hat:openshift:4.6::el8
/
skopeo
Package
Name
skopeo
Purl
pkg:rpm/redhat/skopeo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
1:1.1.1-2.rhaos4.6.el8
Red Hat:openshift:4.6::el8
/
skopeo-debuginfo
Package
Name
skopeo-debuginfo
Purl
pkg:rpm/redhat/skopeo-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
1:1.1.1-2.rhaos4.6.el8
Red Hat:openshift:4.6::el8
/
skopeo-debugsource
Package
Name
skopeo-debugsource
Purl
pkg:rpm/redhat/skopeo-debugsource
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
1:1.1.1-2.rhaos4.6.el8
Red Hat:openshift:4.6::el8
/
skopeo-tests
Package
Name
skopeo-tests
Purl
pkg:rpm/redhat/skopeo-tests
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
1:1.1.1-2.rhaos4.6.el8
Red Hat:openshift:4.6::el7
/
runc
Package
Name
runc
Purl
pkg:rpm/redhat/runc
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:1.0.0-81.rhaos4.6.git5b757d4.el7
Red Hat:openshift:4.6::el7
/
runc-debuginfo
Package
Name
runc-debuginfo
Purl
pkg:rpm/redhat/runc-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:1.0.0-81.rhaos4.6.git5b757d4.el7
Red Hat:openshift:4.6::el8
/
runc
Package
Name
runc
Purl
pkg:rpm/redhat/runc
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:1.0.0-81.rhaos4.6.git5b757d4.el8
Red Hat:openshift:4.6::el8
/
runc-debuginfo
Package
Name
runc-debuginfo
Purl
pkg:rpm/redhat/runc-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:1.0.0-81.rhaos4.6.git5b757d4.el8
Red Hat:openshift:4.6::el8
/
runc-debugsource
Package
Name
runc-debugsource
Purl
pkg:rpm/redhat/runc-debugsource
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:1.0.0-81.rhaos4.6.git5b757d4.el8
RHSA-2020:4297 - OSV