CVE-2020-15586 - OpenCVE

Go before 1.13.13 and 1.14.x before 1.14.5 has a data race in some net/http servers, as demonstrated by the httputil.ReverseProxy Handler, because it reads a request body and writes a response at the same time.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:M/Au:N/C:N/I:N/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Cloudfoundry	Cf-deployment Routing-release
Debian	Debian Linux
Fedoraproject	Fedora
Golang	Go
Opensuse	Leap
Redhat	Container Native Virtualization Devtools Enterprise Linux Jaeger Logging Openshift Openshift Container Storage Serverless Service Mesh

Configuration 1 [-]

OR	cpe:2.3:a:golang:go::::::::
	cpe:2.3:a:golang:go::::::::

Configuration 2 [-]

OR	cpe:2.3:a:cloudfoundry:cf-deployment::::::::
	cpe:2.3:a:cloudfoundry:routing-release::::::::

Configuration 3 [-]

OR	cpe:2.3:o:debian:debian_linux:9.0:::::::*
	cpe:2.3:o:debian:debian_linux:10.0:::::::*

Configuration 4 [-]

OR	cpe:2.3:o:opensuse:leap:15.1:::::::*
	cpe:2.3:o:opensuse:leap:15.2:::::::*

Configuration 5 [-]

OR	cpe:2.3:o:fedoraproject:fedora:31:::::::*
	cpe:2.3:o:fedoraproject:fedora:32:::::::*

Package	CPE	Advisory	Released Date
OpenShift Logging 5.0
openshift-logging/eventrouter-rhel8:v5.0.3-1	cpe:/a:redhat:logging:5.0::el8	RHSA-2021:1515	2021-05-06T00:00:00Z
OpenShift Serverless 1.9.0
serving-activator	cpe:/a:redhat:serverless:1	RHSA-2021:0072	2021-01-11T00:00:00Z
serving-networking-istio	cpe:/a:redhat:serverless:1	RHSA-2021:0072	2021-01-11T00:00:00Z
OpenShift Service Mesh 1.0
openshift-service-mesh/3scale-istio-adapter-rhel8:1.0.0-9	cpe:/a:redhat:service_mesh:1.0::el8	RHBA-2020:4139	2020-09-30T00:00:00Z
OpenShift Service Mesh 1.1
ior-0:1.1.11-2.el8	cpe:/a:redhat:service_mesh:1.1::el8	RHSA-2020:5649	2020-12-22T00:00:00Z
servicemesh-0:1.1.11-2.el8	cpe:/a:redhat:service_mesh:1.1::el8	RHSA-2020:5649	2020-12-22T00:00:00Z
servicemesh-cni-0:1.1.11-2.el8	cpe:/a:redhat:service_mesh:1.1::el8	RHSA-2020:5649	2020-12-22T00:00:00Z
servicemesh-grafana-0:6.4.3-19.el8	cpe:/a:redhat:service_mesh:1.1::el8	RHSA-2020:5649	2020-12-22T00:00:00Z
servicemesh-operator-0:1.1.11-3.el8	cpe:/a:redhat:service_mesh:1.1::el8	RHSA-2020:5649	2020-12-22T00:00:00Z
servicemesh-prometheus-0:2.14.0-20.el8	cpe:/a:redhat:service_mesh:1.1::el8	RHSA-2020:5649	2020-12-22T00:00:00Z
Red Hat Developer Tools
go-toolset-1.13-0:1.13.15-1.el7	cpe:/a:redhat:devtools:2020	RHSA-2020:4214	2020-10-08T00:00:00Z
go-toolset-1.13-golang-0:1.13.15-3.el7	cpe:/a:redhat:devtools:2020	RHSA-2020:4214	2020-10-08T00:00:00Z
Red Hat Enterprise Linux 8
go-toolset:rhel8-8020020200817154239.02f7cb7a	cpe:/a:redhat:enterprise_linux:8	RHSA-2020:3665	2020-09-08T00:00:00Z
Red Hat OpenShift Container Platform 4.4
faq-0:0.0.6-5.el7	cpe:/a:redhat:openshift:4.4::el7	RHBA-2020:5123	2020-12-02T00:00:00Z
openshift-0:4.4.0-202011130111.p0.git.0.4861dfa.el7	cpe:/a:redhat:openshift:4.4::el7	RHBA-2020:5123	2020-12-02T00:00:00Z
openshift-clients-0:4.4.0-202011122017.p0.git.3445.6937a03.el7	cpe:/a:redhat:openshift:4.4::el7	RHBA-2020:5123	2020-12-02T00:00:00Z
Red Hat OpenShift Container Platform 4.5
atomic-enterprise-service-catalog-1:4.5.0-202010081312.p0.git.1808.498e523.el7	cpe:/a:redhat:openshift:4.5::el7	RHBA-2020:4229	2020-10-19T00:00:00Z
atomic-openshift-service-idler-0:4.5.0-202010081312.p0.git.15.d7814b2.el7	cpe:/a:redhat:openshift:4.5::el7	RHBA-2020:4229	2020-10-19T00:00:00Z
openshift4/ose-aws-machine-controllers:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-azure-machine-controllers:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-baremetal-machine-controllers:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cli:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cli-artifacts:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cloud-credential-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-authentication-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-autoscaler:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-autoscaler-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-bootstrap:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-config-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-dns-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-image-registry-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-ingress-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-kube-apiserver-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-kube-controller-manager-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-kube-scheduler-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-machine-approver:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-monitoring-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-network-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-node-tuning-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-openshift-apiserver-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-openshift-controller-manager-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-samples-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-storage-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-svcat-apiserver-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-update-keys:v4.5.0-202011121956.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-version-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-configmap-reloader:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-console:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-console-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-coredns:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-csi-snapshot-controller:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-csi-snapshot-controller-rhel7:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-deployer:v4.5.0-202011151045.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-docker-builder:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-docker-registry:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-etcd:v4.5.0-202011121956.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-grafana:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-haproxy-router:v4.5.0-202011151045.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-hyperkube:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-installer:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-installer-artifacts:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-ironic-ipa-downloader-rhel8:v4.5.0-202011070210.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-ironic-rhel8:v4.5.0-202011070210.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-jenkins:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-jenkins-agent-maven:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-k8s-prometheus-adapter:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-keepalived-ipfailover:v4.5.0-202011121956.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-kube-proxy:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-kube-rbac-proxy:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-kube-state-metrics:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-kuryr-cni-rhel8:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-libvirt-machine-controllers:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-local-storage-static-provisioner:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-machine-api-operator:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-machine-config-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-multus-admission-controller:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-multus-cni:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-must-gather:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-oauth-proxy:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-oauth-server-rhel7:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-openstack-machine-controllers:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-operator-lifecycle-manager:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-operator-marketplace:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-operator-registry:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-ovn-kubernetes:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-pod:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-prometheus:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-prometheus-alertmanager:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-prometheus-config-reloader:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-prometheus-node-exporter:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-prometheus-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-prom-label-proxy:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-service-ca-operator:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-telemeter:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-tests:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
cri-o-0:1.18.4-4.rhaos4.5.git6dee389.el8	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5119	2020-11-24T00:00:00Z
apb-0:2.0.3-3.el7	cpe:/a:redhat:openshift:4.5::el7	RHSA-2021:0713	2021-03-11T00:00:00Z
buildah-0:1.11.6-9.rhaos4.5.el8	cpe:/a:redhat:openshift:4.5::el7	RHSA-2021:0713	2021-03-11T00:00:00Z
containernetworking-plugins-0:0.8.6-2.rhaos4.5.el7	cpe:/a:redhat:openshift:4.5::el7	RHSA-2021:0713	2021-03-11T00:00:00Z
cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el8	cpe:/a:redhat:openshift:4.5::el7	RHSA-2021:0713	2021-03-11T00:00:00Z
cri-tools-0:1.18.0-4.el7	cpe:/a:redhat:openshift:4.5::el7	RHSA-2021:0713	2021-03-11T00:00:00Z
golang-github-prometheus-promu-0:0.5.0-3.git642a960.el7	cpe:/a:redhat:openshift:4.5::el7	RHSA-2021:0713	2021-03-11T00:00:00Z
openshift-0:4.5.0-202102261511.p0.git.0.f0229b9.el8	cpe:/a:redhat:openshift:4.5::el7	RHSA-2021:0713	2021-03-11T00:00:00Z
ignition-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8	cpe:/a:redhat:openshift:4.5::el7	RHSA-2021:1016	2021-04-13T00:00:00Z
kubefed-client-0:4.5.0-202002271711.git.2.3bd46d6.el7	cpe:/a:redhat:openshift:4.5::el7	RHSA-2021:1016	2021-04-13T00:00:00Z
openshift-eventrouter-0:0.2-5.git7c289cc.el7	cpe:/a:redhat:openshift:4.5::el7	RHSA-2021:1016	2021-04-13T00:00:00Z
podman-0:1.9.3-2.rhaos4.5.el8	cpe:/a:redhat:openshift:4.5::el7	RHSA-2021:1016	2021-04-13T00:00:00Z
skopeo-1:1.1.1-2.rhaos4.5.el8	cpe:/a:redhat:openshift:4.5::el7	RHSA-2021:1016	2021-04-13T00:00:00Z
machine-config-daemon-0:4.5.0-202012050338.p0.git.2581.e7a62a7.el8	cpe:/a:redhat:openshift:4.5::el8	RHBA-2020:5356	2020-12-15T00:00:00Z
openshift4/ose-aws-machine-controllers:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-azure-machine-controllers:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-baremetal-machine-controllers:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cli:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cli-artifacts:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cloud-credential-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-authentication-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-autoscaler:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-autoscaler-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-bootstrap:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-config-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-dns-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-image-registry-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-ingress-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-kube-apiserver-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-kube-controller-manager-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-kube-scheduler-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-machine-approver:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-monitoring-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-network-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-node-tuning-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-openshift-apiserver-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-openshift-controller-manager-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-samples-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-storage-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-svcat-apiserver-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-update-keys:v4.5.0-202011121956.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-version-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-configmap-reloader:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-console:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-console-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-coredns:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-csi-snapshot-controller:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-csi-snapshot-controller-rhel7:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-deployer:v4.5.0-202011151045.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-docker-builder:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-docker-registry:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-etcd:v4.5.0-202011121956.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-grafana:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-haproxy-router:v4.5.0-202011151045.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-hyperkube:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-installer:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-installer-artifacts:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-ironic-ipa-downloader-rhel8:v4.5.0-202011070210.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-ironic-rhel8:v4.5.0-202011070210.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-jenkins:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-jenkins-agent-maven:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-k8s-prometheus-adapter:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-keepalived-ipfailover:v4.5.0-202011121956.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-kube-proxy:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-kube-rbac-proxy:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-kube-state-metrics:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-kuryr-cni-rhel8:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-libvirt-machine-controllers:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-local-storage-static-provisioner:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-machine-api-operator:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-machine-config-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-multus-admission-controller:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-multus-cni:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-must-gather:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-oauth-proxy:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-oauth-server-rhel7:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-openstack-machine-controllers:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-operator-lifecycle-manager:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-operator-marketplace:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-operator-registry:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-ovn-kubernetes:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-pod:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-prometheus:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-prometheus-alertmanager:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-prometheus-config-reloader:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-prometheus-node-exporter:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-prometheus-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-prom-label-proxy:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-service-ca-operator:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-telemeter:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-tests:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
Red Hat OpenShift Container Platform 4.6
ignition-0:2.6.0-5.rhaos4.6.git947598e.el8	cpe:/a:redhat:openshift:4.6::el7	RHBA-2020:4197	2020-10-27T00:00:00Z
openshift-0:4.6.0-202010022112.p0.git.94033.ef41184.el8	cpe:/a:redhat:openshift:4.6::el7	RHBA-2020:4197	2020-10-27T00:00:00Z
openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7	cpe:/a:redhat:openshift:4.6::el7	RHSA-2020:4297	2020-10-27T00:00:00Z
podman-0:1.9.3-3.rhaos4.6.el8	cpe:/a:redhat:openshift:4.6::el7	RHSA-2020:4297	2020-10-27T00:00:00Z
skopeo-1:1.1.1-3.rhaos4.6.el8	cpe:/a:redhat:openshift:4.6::el8	RHSA-2021:0172	2021-01-25T00:00:00Z
openshift-eventrouter-0:0.2-6.git7c289cc.el8	cpe:/a:redhat:openshift:4.6::el8	RHSA-2021:0956	2021-03-30T00:00:00Z
Red Hat OpenShift Container Platform 4.7
cri-o-0:1.20.2-12.rhaos4.7.git9f7be76.el7	cpe:/a:redhat:openshift:4.7::el7	RHSA-2021:2122	2021-06-01T00:00:00Z
cri-tools-0:1.20.0-3.el7	cpe:/a:redhat:openshift:4.7::el7	RHSA-2021:2122	2021-06-01T00:00:00Z
jenkins-2-plugins-0:4.7.1621361158-1.el8	cpe:/a:redhat:openshift:4.7::el7	RHSA-2021:2122	2021-06-01T00:00:00Z
redhat-release-coreos-0:47.83-2.el8	cpe:/a:redhat:openshift:4.7::el7	RHSA-2021:2122	2021-06-01T00:00:00Z
golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8	cpe:/a:redhat:openshift:4.7::el8	RHSA-2021:1366	2021-05-04T00:00:00Z
Red Hat OpenShift Container Storage 4.6.0 on RHEL-8
ocs4/cephcsi-rhel8:4.6-52.49cf5efdd.release_4.6	cpe:/a:redhat:openshift_container_storage:4.6::el8	RHSA-2020:5605	2020-12-17T00:00:00Z
ocs4/mcg-rhel8-operator:5.6.0-39.2279a46.5.6	cpe:/a:redhat:openshift_container_storage:4.6::el8	RHSA-2020:5605	2020-12-17T00:00:00Z
ocs4/ocs-must-gather-rhel8:4.6-76.0811c33c.release_4.6	cpe:/a:redhat:openshift_container_storage:4.6::el8	RHSA-2020:5605	2020-12-17T00:00:00Z
ocs4/ocs-rhel8-operator:4.6-76.0811c33c.release_4.6	cpe:/a:redhat:openshift_container_storage:4.6::el8	RHSA-2020:5605	2020-12-17T00:00:00Z
ocs4/rook-ceph-rhel8-operator:4.6-80.1ae5ac6a.release_4.6	cpe:/a:redhat:openshift_container_storage:4.6::el8	RHSA-2020:5605	2020-12-17T00:00:00Z
mcg-0:5.6.0-39.2279a46.5.6.el8	cpe:/a:redhat:openshift_container_storage:4.6::el8	RHSA-2020:5606	2020-12-17T00:00:00Z
Red Hat OpenShift Jaeger 1.17
distributed-tracing/jaeger-agent-rhel8:1.17.8-12	cpe:/a:redhat:jaeger:1.17::el8	RHBA-2021:0075	2021-01-12T00:00:00Z
distributed-tracing/jaeger-all-in-one-rhel8:1.17.8-12	cpe:/a:redhat:jaeger:1.17::el8	RHBA-2021:0075	2021-01-12T00:00:00Z
distributed-tracing/jaeger-collector-rhel8:1.17.8-10	cpe:/a:redhat:jaeger:1.17::el8	RHBA-2021:0075	2021-01-12T00:00:00Z
distributed-tracing/jaeger-es-index-cleaner-rhel8:1.17.8-11	cpe:/a:redhat:jaeger:1.17::el8	RHBA-2021:0075	2021-01-12T00:00:00Z
distributed-tracing/jaeger-es-rollover-rhel8:1.17.8-9	cpe:/a:redhat:jaeger:1.17::el8	RHBA-2021:0075	2021-01-12T00:00:00Z
distributed-tracing/jaeger-ingester-rhel8:1.17.8-12	cpe:/a:redhat:jaeger:1.17::el8	RHBA-2021:0075	2021-01-12T00:00:00Z
distributed-tracing/jaeger-query-rhel8:1.17.8-10	cpe:/a:redhat:jaeger:1.17::el8	RHBA-2021:0075	2021-01-12T00:00:00Z
distributed-tracing/jaeger-rhel8-operator:1.17.8-11	cpe:/a:redhat:jaeger:1.17::el8	RHBA-2021:0075	2021-01-12T00:00:00Z
Red Hat OpenShift Jaeger 1.20
distributed-tracing/jaeger-agent-rhel8:1.20.2-2	cpe:/a:redhat:jaeger:1.20::el8	RHBA-2021:0101	2021-01-13T00:00:00Z
distributed-tracing/jaeger-all-in-one-rhel8:1.20.2-2	cpe:/a:redhat:jaeger:1.20::el8	RHBA-2021:0101	2021-01-13T00:00:00Z
distributed-tracing/jaeger-collector-rhel8:1.20.2-3	cpe:/a:redhat:jaeger:1.20::el8	RHBA-2021:0101	2021-01-13T00:00:00Z
distributed-tracing/jaeger-es-index-cleaner-rhel8:1.20.2-2	cpe:/a:redhat:jaeger:1.20::el8	RHBA-2021:0101	2021-01-13T00:00:00Z
distributed-tracing/jaeger-es-rollover-rhel8:1.20.2-3	cpe:/a:redhat:jaeger:1.20::el8	RHBA-2021:0101	2021-01-13T00:00:00Z
distributed-tracing/jaeger-ingester-rhel8:1.20.2-2	cpe:/a:redhat:jaeger:1.20::el8	RHBA-2021:0101	2021-01-13T00:00:00Z
distributed-tracing/jaeger-query-rhel8:1.20.2-2	cpe:/a:redhat:jaeger:1.20::el8	RHBA-2021:0101	2021-01-13T00:00:00Z
distributed-tracing/jaeger-rhel8-operator:1.20.2-2	cpe:/a:redhat:jaeger:1.20::el8	RHBA-2021:0101	2021-01-13T00:00:00Z
Red Hat OpenShift Virtualization 2
kubevirt-cpu-model-nfd-plugin-container	cpe:/a:redhat:container_native_virtualization:2.6::el8	RHSA-2021:0799	2021-03-10T00:00:00Z
kubevirt-cpu-node-labeller-container	cpe:/a:redhat:container_native_virtualization:2.6::el8	RHSA-2021:0799	2021-03-10T00:00:00Z
kubevirt-kvm-info-nfd-plugin-container	cpe:/a:redhat:container_native_virtualization:2.6::el8	RHSA-2021:0799	2021-03-10T00:00:00Z
vm-import-controller-container	cpe:/a:redhat:container_native_virtualization:2.6::el8	RHSA-2021:0799	2021-03-10T00:00:00Z
RHEL-8-CNV-2.4
container-native-virtualization/kubevirt-cpu-model-nfd-plugin:v2.4.2-1	cpe:/a:redhat:container_native_virtualization:2.4::el8	RHSA-2020:4201	2020-10-06T00:00:00Z
container-native-virtualization/kubevirt-cpu-node-labeller:v2.4.2-1	cpe:/a:redhat:container_native_virtualization:2.4::el8	RHSA-2020:4201	2020-10-06T00:00:00Z
container-native-virtualization/kubevirt-kvm-info-nfd-plugin:v2.4.2-1	cpe:/a:redhat:container_native_virtualization:2.4::el8	RHSA-2020:4201	2020-10-06T00:00:00Z
container-native-virtualization/vm-import-controller-rhel8:v2.4.2-1	cpe:/a:redhat:container_native_virtualization:2.4::el8	RHSA-2020:4201	2020-10-06T00:00:00Z
RHEL-8-CNV-4.9
kubevirt-0:4.9.0-287.el8	cpe:/a:redhat:container_native_virtualization:4.9::el8	RHSA-2021:4103	2021-11-02T00:00:00Z

References

Link	Providers
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00077.html
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00082.html
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00029.html
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00030.html
https://groups.google.com/forum/#%21topic/golang-announce/XZNfaiwgt2w
https://groups.google.com/forum/#%21topic/golang-announce/f2c5bqrGH_g
https://groups.google.com/g/golang-announce/c/XZNfaiwgt2w/m/E6gHDs32AQAJ
https://lists.debian.org/debian-lts-announce/2020/11/msg00037.html
https://lists.debian.org/debian-lts-announce/2020/11/msg00038.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OCR6LAKCVKL55KJQPPBBWVQGOP7RL2RW/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WIRVUHD7TJIT7JJ33FKHIVTHPYABYPHR/
https://nvd.nist.gov/vuln/detail/CVE-2020-15586
https://security.netapp.com/advisory/ntap-20200731-0005/
https://www.cloudfoundry.org/blog/cve-2020-15586/
https://www.cve.org/CVERecord?id=CVE-2020-15586
https://www.debian.org/security/2021/dsa-4848
https://www.oracle.com/security-alerts/cpuApr2021.html

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2020-07-17T15:38:24

Updated: 2024-08-04T13:22:29.273Z

Reserved: 2020-07-07T00:00:00

Link: CVE-2020-15586

Vulnrichment

No data.

NVD

Status : Modified

Published: 2020-07-17T16:15:11.480

Modified: 2023-11-07T03:17:41.413

Link: CVE-2020-15586

Redhat

Severity : Moderate

Publid Date: 2020-07-14T00:00:00Z

Links: CVE-2020-15586 - Bugzilla

Metrics

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object