Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2021:1552
HistoryMay 19, 2021 - 3:07 p.m.

(RHSA-2021:1552) Moderate: OpenShift Container Platform 4.7.11 security and bug fix update

2021-05-1915:07:20
access.redhat.com
193

0.802 High

EPSS

Percentile

98.3%

JSON

Red Hat OpenShift Container Platform is Red Hat’s cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.

This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.7.11. See the following advisory for the container images for this release:

https://access.redhat.com/errata/RHBA-2021:1550

Security Fix(es):

  • gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation (CVE-2021-3121)

  • containernetworking-cni: Arbitrary path injection via type field in CNI configuration (CVE-2021-20206)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

All OpenShift Container Platform 4.7 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.7/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor

Related

nessus 30
redhat 20
ibm 25
openvas 24
suse 1
fedora 8
veracode 6
cvelist 6
debiancve 6
ubuntucve 6
prion 6
osv 21
alpinelinux 4
freebsd 1
f5 2
github 5
cve 6
nvd 6
arista 1
redhatcve 6
atlassian 2
githubexploit 1
cbl_mariner 2
cgr 1
wolfi 1
archlinux 1
photon 1
nessus
nessus
RHEL 7 / 8 : OpenShift Container Platform 4.7.11 (RHSA-2021:1551)
2021-05-20 00:00:00
Jetty 10.0.x < 10.0.2 Multiple Vulnerabilities
2021-10-04 00:00:00
Jetty < 9.4.39 Multiple Vulnerabilities
2021-10-04 00:00:00
redhat
redhat
(RHSA-2021:1551) Moderate: OpenShift Container Platform 4.7.11 security and bug fix update
2021-05-19 14:41:36
(RHSA-2021:1005) Moderate: OpenShift Container Platform 4.7.5 security and bug fix update
2021-04-05 13:47:03
(RHSA-2021:1007) Moderate: OpenShift Container Platform 4.7.5 security and bug fix update
2021-04-05 13:34:04
ibm
ibm
Security Bulletin: IBM Security SOAR is using a component with known vulnerabilities - Eclipse Jetty ( CVE-2021-28163, CVE-2021-28165, CVE-2020-27223)
2021-07-14 18:24:26
Security Bulletin: IBM Resilient SOAR is Using Components with Known Vulnerabilities - Eclipse Jetty (CVE-2021-28163, CVE-2021-28164, CVE-2021-28165)
2021-06-15 19:15:39
Security Bulletin: Multiple vulnerabilities in Eclipse Jetty affect IBM Installation Manager and IBM Packaging Utility
2021-06-24 16:12:12
openvas
openvas
openSUSE: Security Advisory for jetty-minimal (openSUSE-SU-2021:2005-1)
2021-07-13 00:00:00
SUSE: Security Advisory (SUSE-SU-2021:2005-1)
2021-06-18 00:00:00
Fedora: Security Advisory for skopeo (FEDORA-2021-fb466fb623)
2021-02-26 00:00:00
suse
suse
Security update for jetty-minimal (important)
2021-07-11 00:00:00
fedora
fedora
[SECURITY] Fedora 33 Update: skopeo-1.2.2-1.fc33
2021-02-26 01:09:46
[SECURITY] Fedora 33 Update: buildah-1.19.6-2.fc33
2021-02-26 01:09:45
[SECURITY] Fedora 33 Update: containernetworking-plugins-0.9.1-2.fc33
2021-02-26 01:09:46
veracode
veracode
Arbitrary Path Injection
2021-02-08 06:36:34
Denial Of Service (DoS)
2020-11-27 03:55:17
Denial Of Service (DoS)
2021-04-07 05:52:43
cvelist
cvelist
CVE-2021-20206
2021-03-26 21:34:58
CVE-2021-28165
2021-04-01 14:20:14
CVE-2020-28362
2020-11-18 16:27:38
debiancve
debiancve
CVE-2021-20206
2021-03-26 22:15:12
CVE-2020-28362
2020-11-18 17:15:11
CVE-2021-28165
2021-04-01 15:15:14
ubuntucve
ubuntucve
CVE-2021-20206
2021-03-26 00:00:00
CVE-2020-28362
2020-11-18 00:00:00
CVE-2021-28165
2021-04-01 00:00:00
prion
prion
Design/Logic Flaw
2021-03-26 22:15:00
Denial of service
2020-11-18 17:15:00
Design/Logic Flaw
2021-04-01 15:15:00
osv
osv
Improper limitation of path name in github.com/containernetworking/cni
2022-07-01 20:17:57
containernetworking/cni improper limitation of path name
2022-02-15 01:57:18
BIT-jenkins-2021-28165
2024-03-06 10:58:50
alpinelinux
alpinelinux
CVE-2021-20206
2021-03-26 22:15:12
CVE-2020-28362
2020-11-18 17:15:11
CVE-2021-3121
2021-01-11 06:15:13
freebsd
freebsd
jenkins -- Denial of service vulnerability in bundled Jetty
2021-04-20 00:00:00
f5
f5
K15338344 : Eclipse Jetty vulnerability CVE-2021-28165
2021-10-15 00:00:00
K15405135 : GO vulnerability CVE-2021-3114
2021-11-10 00:00:00
github
github
Denial of service in go-ethereum due to CVE-2020-28362
2021-06-29 21:13:54
containernetworking/cni improper limitation of path name
2022-02-15 01:57:18
Jetty vulnerable to incorrect handling of invalid large TLS frame, exhausting CPU resources
2021-04-06 17:31:30
cve
cve
CVE-2021-20206
2021-03-26 22:15:12
CVE-2020-28362
2020-11-18 17:15:11
CVE-2021-28165
2021-04-01 15:15:14
nvd
nvd
CVE-2021-20206
2021-03-26 22:15:12
CVE-2021-28165
2021-04-01 15:15:14
CVE-2020-28362
2020-11-18 17:15:11
arista
arista
Security Advisory 0062
2021-03-29 00:00:00
redhatcve
redhatcve
CVE-2021-20206
2021-02-05 06:22:02
CVE-2020-28362
2021-07-25 09:33:47
CVE-2021-28165
2021-04-01 18:17:35
atlassian
atlassian
DoS (Denial of Service) org.eclipse.jetty:jetty-io in Jira Software Data Center and Server
2023-09-26 16:17:04
DoS (Denial of Service) org.eclipse.jetty:jetty-io Dependency in Crowd Data Center and Server
2024-04-09 01:53:16
githubexploit
githubexploit
Exploit for Improper Handling of Exceptional Conditions in Eclipse Jetty
2023-10-31 10:39:28
cbl_mariner
cbl_mariner
CVE-2020-28362 affecting package golang 1.13.15-2
2021-07-08 21:56:48
CVE-2021-3114 affecting package golang 1.15.5-1
2021-07-08 21:56:48
cgr
cgr
CVE-2021-3121 vulnerabilities
2024-05-19 03:07:16
wolfi
wolfi
CVE-2021-3121 vulnerabilities
2024-07-03 09:08:38
archlinux
archlinux
[ASA-202101-27] go: multiple issues
2021-01-20 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2021-0013
2021-04-22 00:00:00

0.802 High

EPSS

Percentile

98.3%

JSON
Related for RHSA-2021:1552
nessus30redhat20ibm25openvas24suse1fedora8veracode6cvelist6debiancve6ubuntucve6prion6osv21alpinelinux4freebsd1f52github5cve6nvd6arista1redhatcve6atlassian2githubexploit1cbl_mariner2cgr1wolfi1archlinux1photon1