Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.REDHAT-RHSA-2020-5634.NASL
HistoryFeb 24, 2021 - 12:00 a.m.

RHEL 7 / 8 : OpenShift Container Platform 4.7.0 (RHSA-2020:5634)

2021-02-2400:00:00
This script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
72

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

7.6 High

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

82.1%

JSON

The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:5634 advisory.

  • atomic-openshift: cross-namespace owner references can trigger deletions of valid children (CVE-2019-3884)

  • kubernetes: Ceph RBD adminSecrets exposed in logs when loglevel >= 4 (CVE-2020-8566)

  • containerd: credentials leak during image pull (CVE-2020-15157)

  • python-rsa: bleichenbacher timing oracle attack against RSA decryption (CVE-2020-25658)

  • golang: math/big: panic during recursive division of very large numbers (CVE-2020-28362)

  • gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation (CVE-2021-3121)

Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.

##
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2020:5634. The text
# itself is copyright (C) Red Hat, Inc.
##

include('compat.inc');

if (description)
{
  script_id(146810);
  script_version("1.12");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/04/28");

  script_cve_id(
    "CVE-2019-3884",
    "CVE-2020-8566",
    "CVE-2020-15157",
    "CVE-2020-25658",
    "CVE-2020-28362",
    "CVE-2021-3121"
  );
  script_bugtraq_id(107649);
  script_xref(name:"RHSA", value:"2020:5634");
  script_xref(name:"IAVB", value:"2020-B-0071-S");

  script_name(english:"RHEL 7 / 8 : OpenShift Container Platform 4.7.0 (RHSA-2020:5634)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Red Hat host is missing one or more security updates for OpenShift Container Platform 4.7.0.");
  script_set_attribute(attribute:"description", value:
"The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as
referenced in the RHSA-2020:5634 advisory.

  - atomic-openshift: cross-namespace owner references can trigger deletions of valid children (CVE-2019-3884)

  - kubernetes: Ceph RBD adminSecrets exposed in logs when loglevel >= 4 (CVE-2020-8566)

  - containerd: credentials leak during image pull (CVE-2020-15157)

  - python-rsa: bleichenbacher timing oracle attack against RSA decryption (CVE-2020-25658)

  - golang: math/big: panic during recursive division of very large numbers (CVE-2020-28362)

  - gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation (CVE-2021-3121)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  # https://access.redhat.com/security/data/csaf/v2/advisories/2021/rhsa-2020_5634.json
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?9b5b908b");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2020:5634");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1693905");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1886640");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1888248");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1889972");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1910081");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1921650");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/updates/classification/#moderate");
  script_set_attribute(attribute:"solution", value:
"Update the RHEL OpenShift Container Platform 4.7.0 packages based on the guidance in RHSA-2020:5634.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-3121");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_cwe_id(117, 129, 200, 290, 295, 385);
  script_set_attribute(attribute:"vendor_severity", value:"Moderate");

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/03/29");
  script_set_attribute(attribute:"patch_publication_date", value:"2021/02/24");
  script_set_attribute(attribute:"plugin_publication_date", value:"2021/02/24");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:8");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:cri-o");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:cri-tools");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ignition");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ignition-validate");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openshift");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openshift-hyperkube");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-rsa");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python3-rsa");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Red Hat Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl", "redhat_repos.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");

  exit(0);
}


include('rpm.inc');
include('rhel.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/RedHat/release');
if (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');
var os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');
os_ver = os_ver[1];
if (!rhel_check_release_list(operator: 'ge', os_version: os_ver, rhel_versions: ['7','8'])) audit(AUDIT_OS_NOT, 'Red Hat 7.x / 8.x', 'Red Hat ' + os_ver);

if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);

var constraints = [
  {
    'repo_relative_urls': [
      'content/dist/layered/rhel8/ppc64le/rhocp/4.7/debug',
      'content/dist/layered/rhel8/ppc64le/rhocp/4.7/os',
      'content/dist/layered/rhel8/ppc64le/rhocp/4.7/source/SRPMS',
      'content/dist/layered/rhel8/s390x/rhocp/4.7/debug',
      'content/dist/layered/rhel8/s390x/rhocp/4.7/os',
      'content/dist/layered/rhel8/s390x/rhocp/4.7/source/SRPMS',
      'content/dist/layered/rhel8/x86_64/rhocp/4.7/debug',
      'content/dist/layered/rhel8/x86_64/rhocp/4.7/os',
      'content/dist/layered/rhel8/x86_64/rhocp/4.7/source/SRPMS'
    ],
    'pkgs': [
      {'reference':'cri-o-1.20.0-0.rhaos4.7.git8921e00.el8.51', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'openshift-hyperkube', 'cves':['CVE-2021-3121']},
      {'reference':'cri-o-1.20.0-0.rhaos4.7.git8921e00.el8.51', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'openshift-hyperkube', 'cves':['CVE-2021-3121']},
      {'reference':'cri-o-1.20.0-0.rhaos4.7.git8921e00.el8.51', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'openshift-hyperkube', 'cves':['CVE-2021-3121']},
      {'reference':'cri-tools-1.20.0-1.el8', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'openshift-hyperkube', 'cves':['CVE-2021-3121']},
      {'reference':'cri-tools-1.20.0-1.el8', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'openshift-hyperkube', 'cves':['CVE-2021-3121']},
      {'reference':'cri-tools-1.20.0-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'openshift-hyperkube', 'cves':['CVE-2021-3121']},
      {'reference':'ignition-2.9.0-2.rhaos4.7.git1d56dc8.el8', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'openshift-hyperkube', 'cves':['CVE-2020-28362']},
      {'reference':'ignition-2.9.0-2.rhaos4.7.git1d56dc8.el8', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'openshift-hyperkube', 'cves':['CVE-2020-28362']},
      {'reference':'ignition-2.9.0-2.rhaos4.7.git1d56dc8.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'openshift-hyperkube', 'cves':['CVE-2020-28362']},
      {'reference':'ignition-validate-2.9.0-2.rhaos4.7.git1d56dc8.el8', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'openshift-hyperkube', 'cves':['CVE-2020-28362']},
      {'reference':'ignition-validate-2.9.0-2.rhaos4.7.git1d56dc8.el8', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'openshift-hyperkube', 'cves':['CVE-2020-28362']},
      {'reference':'ignition-validate-2.9.0-2.rhaos4.7.git1d56dc8.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'openshift-hyperkube', 'cves':['CVE-2020-28362']},
      {'reference':'openshift-hyperkube-4.7.0-202102060108.p0.git.97095.7271b90.el8', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'openshift-hyperkube', 'cves':['CVE-2019-3884', 'CVE-2020-8566', 'CVE-2020-15157']},
      {'reference':'openshift-hyperkube-4.7.0-202102060108.p0.git.97095.7271b90.el8', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'openshift-hyperkube', 'cves':['CVE-2019-3884', 'CVE-2020-8566', 'CVE-2020-15157']},
      {'reference':'openshift-hyperkube-4.7.0-202102060108.p0.git.97095.7271b90.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'openshift-hyperkube', 'cves':['CVE-2019-3884', 'CVE-2020-8566', 'CVE-2020-15157']},
      {'reference':'python3-rsa-4.7-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'openshift-hyperkube', 'cves':['CVE-2020-25658']}
    ]
  },
  {
    'repo_relative_urls': [
      'content/dist/rhel/power-le/7/7Server/ppc64le/ose/4.7/debug',
      'content/dist/rhel/power-le/7/7Server/ppc64le/ose/4.7/os',
      'content/dist/rhel/power-le/7/7Server/ppc64le/ose/4.7/source/SRPMS',
      'content/dist/rhel/server/7/7Server/x86_64/ose/4.7/debug',
      'content/dist/rhel/server/7/7Server/x86_64/ose/4.7/os',
      'content/dist/rhel/server/7/7Server/x86_64/ose/4.7/source/SRPMS',
      'content/dist/rhel/system-z/7/7Server/s390x/ose/4.7/debug',
      'content/dist/rhel/system-z/7/7Server/s390x/ose/4.7/os',
      'content/dist/rhel/system-z/7/7Server/s390x/ose/4.7/source/SRPMS'
    ],
    'pkgs': [
      {'reference':'cri-o-1.20.0-0.rhaos4.7.git8921e00.el7.51', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'openshift-hyperkube', 'cves':['CVE-2021-3121']},
      {'reference':'cri-tools-1.18.0-3.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'openshift-hyperkube', 'cves':['CVE-2021-3121']},
      {'reference':'openshift-hyperkube-4.7.0-202102060108.p0.git.97095.7271b90.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'openshift-hyperkube', 'cves':['CVE-2019-3884', 'CVE-2020-8566', 'CVE-2020-15157']}
    ]
  }
];

var applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);
if(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);

var flag = 0;
foreach var constraint_array ( constraints ) {
  var repo_relative_urls = NULL;
  if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];
  foreach var pkg ( constraint_array['pkgs'] ) {
    var reference = NULL;
    var _release = NULL;
    var sp = NULL;
    var _cpu = NULL;
    var el_string = NULL;
    var rpm_spec_vers_cmp = NULL;
    var epoch = NULL;
    var allowmaj = NULL;
    var exists_check = NULL;
    var cves = NULL;
    if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
    if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];
    if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
    if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
    if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
    if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
    if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
    if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
    if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
    if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
    if (reference &&
        _release &&
        rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&
        (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&
        rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
  }
}

if (flag)
{
  var extra = NULL;
  if (isnull(applicable_repo_urls) || !applicable_repo_urls) extra = rpm_report_get() + redhat_report_repo_caveat();
  else extra = rpm_report_get();
  security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : extra
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'cri-o / cri-tools / ignition / ignition-validate / etc');
}
VendorProductVersionCPE
redhatenterprise_linux7cpe:/o:redhat:enterprise_linux:7
redhatenterprise_linux8cpe:/o:redhat:enterprise_linux:8
redhatenterprise_linuxcri-op-cpe:/a:redhat:enterprise_linux:cri-o
redhatenterprise_linuxcri-toolsp-cpe:/a:redhat:enterprise_linux:cri-tools
redhatenterprise_linuxignitionp-cpe:/a:redhat:enterprise_linux:ignition
redhatenterprise_linuxignition-validatep-cpe:/a:redhat:enterprise_linux:ignition-validate
redhatenterprise_linuxopenshiftp-cpe:/a:redhat:enterprise_linux:openshift
redhatenterprise_linuxopenshift-hyperkubep-cpe:/a:redhat:enterprise_linux:openshift-hyperkube
redhatenterprise_linuxpython-rsap-cpe:/a:redhat:enterprise_linux:python-rsa
redhatenterprise_linuxpython3-rsap-cpe:/a:redhat:enterprise_linux:python3-rsa

Related

redhat 18
veracode 5
osv 21
openvas 19
mageia 2
fedora 5
nvd 6
photon 7
prion 6
github 5
ubuntu 2
redhatcve 6
nessus 41
cve 6
debiancve 5
amazon 4
ubuntucve 5
oraclelinux 1
cvelist 6
gitlab 1
ibm 11
alpinelinux 2
arista 1
cbl_mariner 1
cgr 1
wolfi 1
threatpost 3
suse 3
freebsd 1
archlinux 1
altlinux 2
debian 1
redhat
redhat
(RHSA-2020:5634) Moderate: OpenShift Container Platform 4.7.0 packages security update
2021-02-24 13:56:32
(RHSA-2021:0568) Moderate: OpenShift Container Platform 4.6 file-integrity-operator image security update
2021-02-16 08:39:26
(RHSA-2021:2977) Moderate: OpenShift Container Platform 4.7.23 security update
2021-08-11 06:30:28
veracode
veracode
Insecure RSA Decryption (Bleichenbacher Timing Attack)
2020-11-10 06:54:44
Information Disclosure
2020-10-18 01:59:36
Denial Of Service (DoS)
2020-11-27 03:55:17
osv
osv
CVE-2020-25658
2020-11-12 14:15:22
containerd vulnerability
2020-10-15 19:58:02
docker.io vulnerability
2020-10-15 20:00:45
openvas
openvas
Fedora: Security Advisory for python-rsa (FEDORA-2021-c1fef03e71)
2021-10-02 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:3932-1)
2022-11-11 00:00:00
Ubuntu: Security Advisory (USN-4589-2)
2020-10-16 00:00:00
mageia
mageia
Updated python-rsa packages fix security vulnerability
2021-10-02 21:57:04
Updated docker packages fix a security vulnerability
2020-11-09 17:48:43
fedora
fedora
[SECURITY] Fedora 34 Update: python-rsa-4.7.2-1.fc34
2021-09-24 20:32:52
[SECURITY] Fedora 35 Update: python-rsa-4.7.2-1.fc35
2021-09-24 20:55:15
[SECURITY] Fedora 33 Update: python-rsa-4.7.2-1.fc33
2021-09-24 20:38:04
nvd
nvd
CVE-2020-25658
2020-11-12 14:15:22
CVE-2020-15157
2020-10-16 17:15:11
CVE-2020-28362
2020-11-18 17:15:11
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-2.0-0292
2020-10-23 00:00:00
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2021-1.0-0368
2021-03-08 00:00:00
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2021-2.0-0326
2021-03-10 00:00:00
prion
prion
Design/Logic Flaw
2020-10-16 17:15:00
Code injection
2020-11-12 14:15:00
Code injection
2020-12-07 22:15:00
github
github
containerd v1.2.x can be coerced into leaking credentials during image pull
2022-02-11 23:27:39
Timing attacks in python-rsa
2021-04-30 17:35:15
Sensitive Information leak via Log File in Kubernetes
2024-04-24 20:02:08
ubuntu
ubuntu
containerd vulnerability
2020-10-15 00:00:00
Docker vulnerability
2020-10-15 00:00:00
redhatcve
redhatcve
CVE-2020-15157
2020-10-21 15:55:41
CVE-2020-25658
2020-11-09 04:28:53
CVE-2020-8566
2020-10-16 00:01:59
nessus
nessus
SUSE SLES12 Security Update : python-rsa (SUSE-SU-2023:0648-1)
2023-03-08 00:00:00
Amazon Linux 2 : python-rsa (ALAS-2023-2150)
2023-07-20 00:00:00
Ubuntu 16.04 LTS : containerd vulnerability (USN-4589-1)
2020-10-16 00:00:00
cve
cve
CVE-2020-25658
2020-11-12 14:15:22
CVE-2020-15157
2020-10-16 17:15:11
CVE-2020-8566
2020-12-07 22:15:21
debiancve
debiancve
CVE-2020-15157
2020-10-16 17:15:11
CVE-2020-25658
2020-11-12 14:15:22
CVE-2020-28362
2020-11-18 17:15:11
amazon
amazon
Medium: containerd
2021-12-28 23:54:00
Medium: python-rsa
2023-07-17 17:40:00
Medium: golang
2021-01-12 22:52:00
ubuntucve
ubuntucve
CVE-2020-15157
2020-10-15 00:00:00
CVE-2020-25658
2020-11-12 00:00:00
CVE-2020-8566
2020-12-07 00:00:00
oraclelinux
oraclelinux
containerd security update
2020-11-02 00:00:00
cvelist
cvelist
CVE-2020-15157 containerd can be coerced into leaking credentials during image pull
2020-10-16 16:45:18
CVE-2020-8566 Ceph RBD adminSecrets exposed in logs when loglevel >= 4
2020-10-15 00:00:00
CVE-2020-28362
2020-11-18 16:27:38
gitlab
gitlab
Inclusion of Sensitive Information in Log Files
2020-12-07 00:00:00
ibm
ibm
Security Bulletin: A security vulnerability in GO affects IBM Cloud Automation Manager.
2021-02-17 16:50:42
Security Bulletin: A security vulnerability in GO affects IBM Cloud Pak for Multicloud Management.
2021-02-19 04:52:31
Security Bulletin: IBM Cloud Private is vulnerable to a Go vulnerability (CVE-2020-28362)
2021-02-26 16:13:24
alpinelinux
alpinelinux
CVE-2020-28362
2020-11-18 17:15:11
CVE-2021-3121
2021-01-11 06:15:13
arista
arista
Security Advisory 0062
2021-03-29 00:00:00
cbl_mariner
cbl_mariner
CVE-2020-28362 affecting package golang 1.13.15-2
2021-07-08 21:56:48
cgr
cgr
CVE-2021-3121 vulnerabilities
2024-05-19 03:07:16
wolfi
wolfi
CVE-2021-3121 vulnerabilities
2024-07-06 21:08:40
threatpost
threatpost
Deep Dive: Protecting Against Container Threats in the Cloud
2022-05-02 12:15:36
Containerd Bug Exposes Cloud Account Credentials
2020-10-26 17:12:13
Nvidia Warns Gamers of Severe GeForce Experience Flaws
2020-10-23 14:09:28
suse
suse
Security update for go1.14 (moderate)
2020-11-27 00:00:00
Security update for go1.14 (moderate)
2020-11-26 00:00:00
Security update for go1.15 (moderate)
2020-12-01 00:00:00
freebsd
freebsd
go -- math/big: panic during recursive division of very large numbers; cmd/go: arbitrary code execution at build time through cgo
2020-11-09 00:00:00
archlinux
archlinux
[ASA-202011-16] go: multiple issues
2020-11-17 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package golang version 1.15.5-alt1
2020-11-14 00:00:00
Security fix for the ALT Linux 10 package golang version 1.15.5-alt1
2020-11-14 00:00:00
debian
debian
[SECURITY] [DSA 4865-1] docker.io security update
2021-02-27 18:36:39

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

7.6 High

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

82.1%

JSON
Related for REDHAT-RHSA-2020-5634.NASL
redhat18veracode5osv21openvas19mageia2fedora5nvd6photon7prion6github5ubuntu2redhatcve6nessus41cve6debiancve5amazon4ubuntucve5oraclelinux1cvelist6gitlab1ibm11alpinelinux2arista1cbl_mariner1cgr1wolfi1threatpost3suse3freebsd1archlinux1altlinux2debian1