Vulnerability Database
Blog
FAQ
Docs
RHSA-2022:4711
See a problem?
Source
https://access.redhat.com/errata/RHSA-2022:4711
Import Source
https://security.access.redhat.com/data/osv/RHSA-2022:4711.json
JSON Data
https://api.osv.dev/v1/vulns/RHSA-2022:4711
Related
CVE-2021-23425
CVE-2021-33502
CVE-2021-3807
CVE-2021-41182
CVE-2021-41183
CVE-2021-41184
Published
2024-09-16T06:52:10Z
Modified
2024-10-21T23:54:27Z
Severity
7.5 (High)
CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVSS Calculator
Summary
Red Hat Security Advisory: RHV Manager (ovirt-engine) [ovirt-4.5.0] security update
Details
References
https://access.redhat.com/errata/RHSA-2022:4711
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.4/html-single/technical_notes
https://bugzilla.redhat.com/show_bug.cgi?id=655153
https://bugzilla.redhat.com/show_bug.cgi?id=977778
https://bugzilla.redhat.com/show_bug.cgi?id=1624015
https://bugzilla.redhat.com/show_bug.cgi?id=1648985
https://bugzilla.redhat.com/show_bug.cgi?id=1667517
https://bugzilla.redhat.com/show_bug.cgi?id=1687845
https://bugzilla.redhat.com/show_bug.cgi?id=1781241
https://bugzilla.redhat.com/show_bug.cgi?id=1782056
https://bugzilla.redhat.com/show_bug.cgi?id=1849169
https://bugzilla.redhat.com/show_bug.cgi?id=1878930
https://bugzilla.redhat.com/show_bug.cgi?id=1922977
https://bugzilla.redhat.com/show_bug.cgi?id=1926625
https://bugzilla.redhat.com/show_bug.cgi?id=1927985
https://bugzilla.redhat.com/show_bug.cgi?id=1944290
https://bugzilla.redhat.com/show_bug.cgi?id=1944834
https://bugzilla.redhat.com/show_bug.cgi?id=1956295
https://bugzilla.redhat.com/show_bug.cgi?id=1959186
https://bugzilla.redhat.com/show_bug.cgi?id=1964208
https://bugzilla.redhat.com/show_bug.cgi?id=1964461
https://bugzilla.redhat.com/show_bug.cgi?id=1971622
https://bugzilla.redhat.com/show_bug.cgi?id=1974741
https://bugzilla.redhat.com/show_bug.cgi?id=1979441
https://bugzilla.redhat.com/show_bug.cgi?id=1979797
https://bugzilla.redhat.com/show_bug.cgi?id=1980192
https://bugzilla.redhat.com/show_bug.cgi?id=1986726
https://bugzilla.redhat.com/show_bug.cgi?id=1986834
https://bugzilla.redhat.com/show_bug.cgi?id=1987121
https://bugzilla.redhat.com/show_bug.cgi?id=1988496
https://bugzilla.redhat.com/show_bug.cgi?id=1990462
https://bugzilla.redhat.com/show_bug.cgi?id=1991240
https://bugzilla.redhat.com/show_bug.cgi?id=1995793
https://bugzilla.redhat.com/show_bug.cgi?id=1996123
https://bugzilla.redhat.com/show_bug.cgi?id=1998255
https://bugzilla.redhat.com/show_bug.cgi?id=1999698
https://bugzilla.redhat.com/show_bug.cgi?id=2000031
https://bugzilla.redhat.com/show_bug.cgi?id=2002283
https://bugzilla.redhat.com/show_bug.cgi?id=2003883
https://bugzilla.redhat.com/show_bug.cgi?id=2003996
https://bugzilla.redhat.com/show_bug.cgi?id=2006602
https://bugzilla.redhat.com/show_bug.cgi?id=2006745
https://bugzilla.redhat.com/show_bug.cgi?id=2007384
https://bugzilla.redhat.com/show_bug.cgi?id=2007557
https://bugzilla.redhat.com/show_bug.cgi?id=2008798
https://bugzilla.redhat.com/show_bug.cgi?id=2010203
https://bugzilla.redhat.com/show_bug.cgi?id=2010903
https://bugzilla.redhat.com/show_bug.cgi?id=2013928
https://bugzilla.redhat.com/show_bug.cgi?id=2014888
https://bugzilla.redhat.com/show_bug.cgi?id=2015796
https://bugzilla.redhat.com/show_bug.cgi?id=2019144
https://bugzilla.redhat.com/show_bug.cgi?id=2019148
https://bugzilla.redhat.com/show_bug.cgi?id=2019153
https://bugzilla.redhat.com/show_bug.cgi?id=2021217
https://bugzilla.redhat.com/show_bug.cgi?id=2023250
https://bugzilla.redhat.com/show_bug.cgi?id=2023786
https://bugzilla.redhat.com/show_bug.cgi?id=2024202
https://bugzilla.redhat.com/show_bug.cgi?id=2025936
https://bugzilla.redhat.com/show_bug.cgi?id=2030596
https://bugzilla.redhat.com/show_bug.cgi?id=2030663
https://bugzilla.redhat.com/show_bug.cgi?id=2031027
https://bugzilla.redhat.com/show_bug.cgi?id=2035051
https://bugzilla.redhat.com/show_bug.cgi?id=2037115
https://bugzilla.redhat.com/show_bug.cgi?id=2037121
https://bugzilla.redhat.com/show_bug.cgi?id=2040361
https://bugzilla.redhat.com/show_bug.cgi?id=2040402
https://bugzilla.redhat.com/show_bug.cgi?id=2040474
https://bugzilla.redhat.com/show_bug.cgi?id=2041544
https://bugzilla.redhat.com/show_bug.cgi?id=2043146
https://bugzilla.redhat.com/show_bug.cgi?id=2044273
https://bugzilla.redhat.com/show_bug.cgi?id=2048546
https://bugzilla.redhat.com/show_bug.cgi?id=2050566
https://bugzilla.redhat.com/show_bug.cgi?id=2050614
https://bugzilla.redhat.com/show_bug.cgi?id=2051857
https://bugzilla.redhat.com/show_bug.cgi?id=2052557
https://bugzilla.redhat.com/show_bug.cgi?id=2052690
https://bugzilla.redhat.com/show_bug.cgi?id=2054756
https://bugzilla.redhat.com/show_bug.cgi?id=2055136
https://bugzilla.redhat.com/show_bug.cgi?id=2056021
https://bugzilla.redhat.com/show_bug.cgi?id=2056052
https://bugzilla.redhat.com/show_bug.cgi?id=2056126
https://bugzilla.redhat.com/show_bug.cgi?id=2058264
https://bugzilla.redhat.com/show_bug.cgi?id=2059521
https://bugzilla.redhat.com/show_bug.cgi?id=2059877
https://bugzilla.redhat.com/show_bug.cgi?id=2061904
https://bugzilla.redhat.com/show_bug.cgi?id=2065052
https://bugzilla.redhat.com/show_bug.cgi?id=2066084
https://bugzilla.redhat.com/show_bug.cgi?id=2066283
https://bugzilla.redhat.com/show_bug.cgi?id=2069972
https://bugzilla.redhat.com/show_bug.cgi?id=2070156
https://bugzilla.redhat.com/show_bug.cgi?id=2071468
https://bugzilla.redhat.com/show_bug.cgi?id=2072637
https://bugzilla.redhat.com/show_bug.cgi?id=2072639
https://bugzilla.redhat.com/show_bug.cgi?id=2072641
https://bugzilla.redhat.com/show_bug.cgi?id=2072642
https://bugzilla.redhat.com/show_bug.cgi?id=2072645
https://bugzilla.redhat.com/show_bug.cgi?id=2072646
https://bugzilla.redhat.com/show_bug.cgi?id=2075352
https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_4711.json
https://access.redhat.com/security/cve/CVE-2021-3807
https://www.cve.org/CVERecord?id=CVE-2021-3807
https://nvd.nist.gov/vuln/detail/CVE-2021-3807
https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994
https://access.redhat.com/security/cve/CVE-2021-23425
https://www.cve.org/CVERecord?id=CVE-2021-23425
https://nvd.nist.gov/vuln/detail/CVE-2021-23425
https://snyk.io/vuln/SNYK-JS-TRIMOFFNEWLINES-1296850
https://access.redhat.com/security/cve/CVE-2021-33502
https://www.cve.org/CVERecord?id=CVE-2021-33502
https://nvd.nist.gov/vuln/detail/CVE-2021-33502
https://snyk.io/vuln/SNYK-JS-NORMALIZEURL-1296539
https://access.redhat.com/security/cve/CVE-2021-41182
https://www.cve.org/CVERecord?id=CVE-2021-41182
https://nvd.nist.gov/vuln/detail/CVE-2021-41182
https://access.redhat.com/security/cve/CVE-2021-41183
https://www.cve.org/CVERecord?id=CVE-2021-41183
https://nvd.nist.gov/vuln/detail/CVE-2021-41183
https://access.redhat.com/security/cve/CVE-2021-41184
https://www.cve.org/CVERecord?id=CVE-2021-41184
https://nvd.nist.gov/vuln/detail/CVE-2021-41184
Affected packages
Red Hat:rhev_manager:4.4:el8
/
ovirt-engine-ui-extensions
Package
Name
ovirt-engine-ui-extensions
Purl
pkg:rpm/redhat/ovirt-engine-ui-extensions
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:1.3.3-1.el8ev
Red Hat:rhev_manager:4.4:el8
/
ovirt-web-ui
Package
Name
ovirt-web-ui
Purl
pkg:rpm/redhat/ovirt-web-ui
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:1.8.1-2.el8ev
Red Hat:rhev_manager:4.4:el8
/
ovirt-engine
Package
Name
ovirt-engine
Purl
pkg:rpm/redhat/ovirt-engine
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:4.5.0.7-0.9.el8ev
Red Hat:rhev_manager:4.4:el8
/
ovirt-engine-backend
Package
Name
ovirt-engine-backend
Purl
pkg:rpm/redhat/ovirt-engine-backend
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:4.5.0.7-0.9.el8ev
Red Hat:rhev_manager:4.4:el8
/
ovirt-engine-dbscripts
Package
Name
ovirt-engine-dbscripts
Purl
pkg:rpm/redhat/ovirt-engine-dbscripts
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:4.5.0.7-0.9.el8ev
Red Hat:rhev_manager:4.4:el8
/
ovirt-engine-health-check-bundler
Package
Name
ovirt-engine-health-check-bundler
Purl
pkg:rpm/redhat/ovirt-engine-health-check-bundler
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:4.5.0.7-0.9.el8ev
Red Hat:rhev_manager:4.4:el8
/
ovirt-engine-restapi
Package
Name
ovirt-engine-restapi
Purl
pkg:rpm/redhat/ovirt-engine-restapi
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:4.5.0.7-0.9.el8ev
Red Hat:rhev_manager:4.4:el8
/
ovirt-engine-setup
Package
Name
ovirt-engine-setup
Purl
pkg:rpm/redhat/ovirt-engine-setup
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:4.5.0.7-0.9.el8ev
Red Hat:rhev_manager:4.4:el8
/
ovirt-engine-setup-base
Package
Name
ovirt-engine-setup-base
Purl
pkg:rpm/redhat/ovirt-engine-setup-base
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:4.5.0.7-0.9.el8ev
Red Hat:rhev_manager:4.4:el8
/
ovirt-engine-setup-plugin-cinderlib
Package
Name
ovirt-engine-setup-plugin-cinderlib
Purl
pkg:rpm/redhat/ovirt-engine-setup-plugin-cinderlib
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:4.5.0.7-0.9.el8ev
Red Hat:rhev_manager:4.4:el8
/
ovirt-engine-setup-plugin-imageio
Package
Name
ovirt-engine-setup-plugin-imageio
Purl
pkg:rpm/redhat/ovirt-engine-setup-plugin-imageio
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:4.5.0.7-0.9.el8ev
Red Hat:rhev_manager:4.4:el8
/
ovirt-engine-setup-plugin-ovirt-engine
Package
Name
ovirt-engine-setup-plugin-ovirt-engine
Purl
pkg:rpm/redhat/ovirt-engine-setup-plugin-ovirt-engine
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:4.5.0.7-0.9.el8ev
Red Hat:rhev_manager:4.4:el8
/
ovirt-engine-setup-plugin-ovirt-engine-common
Package
Name
ovirt-engine-setup-plugin-ovirt-engine-common
Purl
pkg:rpm/redhat/ovirt-engine-setup-plugin-ovirt-engine-common
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:4.5.0.7-0.9.el8ev
Red Hat:rhev_manager:4.4:el8
/
ovirt-engine-setup-plugin-vmconsole-proxy-helper
Package
Name
ovirt-engine-setup-plugin-vmconsole-proxy-helper
Purl
pkg:rpm/redhat/ovirt-engine-setup-plugin-vmconsole-proxy-helper
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:4.5.0.7-0.9.el8ev
Red Hat:rhev_manager:4.4:el8
/
ovirt-engine-setup-plugin-websocket-proxy
Package
Name
ovirt-engine-setup-plugin-websocket-proxy
Purl
pkg:rpm/redhat/ovirt-engine-setup-plugin-websocket-proxy
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:4.5.0.7-0.9.el8ev
Red Hat:rhev_manager:4.4:el8
/
ovirt-engine-tools
Package
Name
ovirt-engine-tools
Purl
pkg:rpm/redhat/ovirt-engine-tools
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:4.5.0.7-0.9.el8ev
Red Hat:rhev_manager:4.4:el8
/
ovirt-engine-tools-backup
Package
Name
ovirt-engine-tools-backup
Purl
pkg:rpm/redhat/ovirt-engine-tools-backup
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:4.5.0.7-0.9.el8ev
Red Hat:rhev_manager:4.4:el8
/
ovirt-engine-vmconsole-proxy-helper
Package
Name
ovirt-engine-vmconsole-proxy-helper
Purl
pkg:rpm/redhat/ovirt-engine-vmconsole-proxy-helper
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:4.5.0.7-0.9.el8ev
Red Hat:rhev_manager:4.4:el8
/
ovirt-engine-webadmin-portal
Package
Name
ovirt-engine-webadmin-portal
Purl
pkg:rpm/redhat/ovirt-engine-webadmin-portal
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:4.5.0.7-0.9.el8ev
Red Hat:rhev_manager:4.4:el8
/
ovirt-engine-websocket-proxy
Package
Name
ovirt-engine-websocket-proxy
Purl
pkg:rpm/redhat/ovirt-engine-websocket-proxy
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:4.5.0.7-0.9.el8ev
Red Hat:rhev_manager:4.4:el8
/
python3-ovirt-engine-lib
Package
Name
python3-ovirt-engine-lib
Purl
pkg:rpm/redhat/python3-ovirt-engine-lib
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:4.5.0.7-0.9.el8ev
Red Hat:rhev_manager:4.4:el8
/
rhvm
Package
Name
rhvm
Purl
pkg:rpm/redhat/rhvm
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:4.5.0.7-0.9.el8ev
RHSA-2022:4711 - OSV