CVE-2020-15586 - Vulnerability Details

Go before 1.13.13 and 1.14.x before 1.14.5 has a data race in some net/http servers, as demonstrated by the httputil.ReverseProxy Handler, because it reads a request body and writes a response at the same time.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Cloudfoundry	Cf-deployment Routing-release
Debian	Debian Linux
Fedoraproject	Fedora
Golang	Go
Opensuse	Leap
Redhat	Container Native Virtualization Devtools Enterprise Linux Jaeger Logging Openshift Openshift Container Storage Serverless Service Mesh

Configuration 1 [-]

OR	cpe:2.3:a:golang:go::::::::
	cpe:2.3:a:golang:go::::::::

Configuration 2 [-]

OR	cpe:2.3:a:cloudfoundry:cf-deployment::::::::
	cpe:2.3:a:cloudfoundry:routing-release::::::::

Configuration 3 [-]

OR	cpe:2.3:o:debian:debian_linux:9.0:::::::*
	cpe:2.3:o:debian:debian_linux:10.0:::::::*

Configuration 4 [-]

OR	cpe:2.3:o:opensuse:leap:15.1:::::::*
	cpe:2.3:o:opensuse:leap:15.2:::::::*

Configuration 5 [-]

OR	cpe:2.3:o:fedoraproject:fedora:31:::::::*
	cpe:2.3:o:fedoraproject:fedora:32:::::::*

Package	CPE	Advisory	Released Date
OpenShift Logging 5.0
openshift-logging/eventrouter-rhel8:v5.0.3-1	cpe:/a:redhat:logging:5.0::el8	RHSA-2021:1515	2021-05-06T00:00:00Z
OpenShift Serverless 1.9.0
serving-activator	cpe:/a:redhat:serverless:1	RHSA-2021:0072	2021-01-11T00:00:00Z
serving-networking-istio	cpe:/a:redhat:serverless:1	RHSA-2021:0072	2021-01-11T00:00:00Z
OpenShift Service Mesh 1.0
openshift-service-mesh/3scale-istio-adapter-rhel8:1.0.0-9	cpe:/a:redhat:service_mesh:1.0::el8	RHBA-2020:4139	2020-09-30T00:00:00Z
OpenShift Service Mesh 1.1
ior-0:1.1.11-2.el8	cpe:/a:redhat:service_mesh:1.1::el8	RHSA-2020:5649	2020-12-22T00:00:00Z
servicemesh-0:1.1.11-2.el8	cpe:/a:redhat:service_mesh:1.1::el8	RHSA-2020:5649	2020-12-22T00:00:00Z
servicemesh-cni-0:1.1.11-2.el8	cpe:/a:redhat:service_mesh:1.1::el8	RHSA-2020:5649	2020-12-22T00:00:00Z
servicemesh-grafana-0:6.4.3-19.el8	cpe:/a:redhat:service_mesh:1.1::el8	RHSA-2020:5649	2020-12-22T00:00:00Z
servicemesh-operator-0:1.1.11-3.el8	cpe:/a:redhat:service_mesh:1.1::el8	RHSA-2020:5649	2020-12-22T00:00:00Z
servicemesh-prometheus-0:2.14.0-20.el8	cpe:/a:redhat:service_mesh:1.1::el8	RHSA-2020:5649	2020-12-22T00:00:00Z
Red Hat Developer Tools
go-toolset-1.13-0:1.13.15-1.el7	cpe:/a:redhat:devtools:2020	RHSA-2020:4214	2020-10-08T00:00:00Z
go-toolset-1.13-golang-0:1.13.15-3.el7	cpe:/a:redhat:devtools:2020	RHSA-2020:4214	2020-10-08T00:00:00Z
Red Hat Enterprise Linux 8
go-toolset:rhel8-8020020200817154239.02f7cb7a	cpe:/a:redhat:enterprise_linux:8	RHSA-2020:3665	2020-09-08T00:00:00Z
Red Hat OpenShift Container Platform 4.4
faq-0:0.0.6-5.el7	cpe:/a:redhat:openshift:4.4::el7	RHBA-2020:5123	2020-12-02T00:00:00Z
openshift-0:4.4.0-202011130111.p0.git.0.4861dfa.el8	cpe:/a:redhat:openshift:4.4::el7	RHBA-2020:5123	2020-12-02T00:00:00Z
openshift-clients-0:4.4.0-202011122017.p0.git.3445.6937a03.el8	cpe:/a:redhat:openshift:4.4::el7	RHBA-2020:5123	2020-12-02T00:00:00Z
Red Hat OpenShift Container Platform 4.5
atomic-enterprise-service-catalog-1:4.5.0-202010081312.p0.git.1808.498e523.el7	cpe:/a:redhat:openshift:4.5::el7	RHBA-2020:4229	2020-10-19T00:00:00Z
atomic-openshift-service-idler-0:4.5.0-202010081312.p0.git.15.d7814b2.el7	cpe:/a:redhat:openshift:4.5::el7	RHBA-2020:4229	2020-10-19T00:00:00Z
openshift4/ose-aws-machine-controllers:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-azure-machine-controllers:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-baremetal-machine-controllers:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cli:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cli-artifacts:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cloud-credential-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-authentication-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-autoscaler:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-autoscaler-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-bootstrap:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-config-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-dns-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-image-registry-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-ingress-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-kube-apiserver-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-kube-controller-manager-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-kube-scheduler-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-machine-approver:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-monitoring-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-network-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-node-tuning-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-openshift-apiserver-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-openshift-controller-manager-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-samples-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-storage-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-svcat-apiserver-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-update-keys:v4.5.0-202011121956.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-version-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-configmap-reloader:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-console:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-console-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-coredns:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-csi-snapshot-controller:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-csi-snapshot-controller-rhel7:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-deployer:v4.5.0-202011151045.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-docker-builder:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-docker-registry:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-etcd:v4.5.0-202011121956.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-grafana:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-haproxy-router:v4.5.0-202011151045.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-hyperkube:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-installer:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-installer-artifacts:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-ironic-ipa-downloader-rhel8:v4.5.0-202011070210.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-ironic-rhel8:v4.5.0-202011070210.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-jenkins:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-jenkins-agent-maven:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-k8s-prometheus-adapter:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-keepalived-ipfailover:v4.5.0-202011121956.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-kube-proxy:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-kube-rbac-proxy:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-kube-state-metrics:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-kuryr-cni-rhel8:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-libvirt-machine-controllers:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-local-storage-static-provisioner:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-machine-api-operator:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-machine-config-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-multus-admission-controller:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-multus-cni:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-must-gather:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-oauth-proxy:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-oauth-server-rhel7:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-openstack-machine-controllers:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-operator-lifecycle-manager:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-operator-marketplace:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-operator-registry:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-ovn-kubernetes:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-pod:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-prometheus:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-prometheus-alertmanager:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-prometheus-config-reloader:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-prometheus-node-exporter:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-prometheus-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-prom-label-proxy:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-service-ca-operator:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-telemeter:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-tests:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
cri-o-0:1.18.4-4.rhaos4.5.git6dee389.el8	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5119	2020-11-24T00:00:00Z
apb-0:2.0.3-3.el7	cpe:/a:redhat:openshift:4.5::el7	RHSA-2021:0713	2021-03-11T00:00:00Z
buildah-0:1.11.6-9.rhaos4.5.el8	cpe:/a:redhat:openshift:4.5::el7	RHSA-2021:0713	2021-03-11T00:00:00Z
containernetworking-plugins-0:0.8.6-2.rhaos4.5.el7	cpe:/a:redhat:openshift:4.5::el7	RHSA-2021:0713	2021-03-11T00:00:00Z
cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el7	cpe:/a:redhat:openshift:4.5::el7	RHSA-2021:0713	2021-03-11T00:00:00Z
cri-tools-0:1.18.0-4.el7	cpe:/a:redhat:openshift:4.5::el7	RHSA-2021:0713	2021-03-11T00:00:00Z
golang-github-prometheus-promu-0:0.5.0-3.git642a960.el7	cpe:/a:redhat:openshift:4.5::el7	RHSA-2021:0713	2021-03-11T00:00:00Z
openshift-0:4.5.0-202102261511.p0.git.0.f0229b9.el8	cpe:/a:redhat:openshift:4.5::el7	RHSA-2021:0713	2021-03-11T00:00:00Z
ignition-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8	cpe:/a:redhat:openshift:4.5::el7	RHSA-2021:1016	2021-04-13T00:00:00Z
kubefed-client-0:4.5.0-202002271711.git.2.3bd46d6.el7	cpe:/a:redhat:openshift:4.5::el7	RHSA-2021:1016	2021-04-13T00:00:00Z
openshift-eventrouter-0:0.2-5.git7c289cc.el7	cpe:/a:redhat:openshift:4.5::el7	RHSA-2021:1016	2021-04-13T00:00:00Z
podman-0:1.9.3-2.rhaos4.5.el8	cpe:/a:redhat:openshift:4.5::el7	RHSA-2021:1016	2021-04-13T00:00:00Z
skopeo-1:1.1.1-2.rhaos4.5.el8	cpe:/a:redhat:openshift:4.5::el7	RHSA-2021:1016	2021-04-13T00:00:00Z
machine-config-daemon-0:4.5.0-202012050338.p0.git.2581.e7a62a7.el8	cpe:/a:redhat:openshift:4.5::el8	RHBA-2020:5356	2020-12-15T00:00:00Z
openshift4/ose-aws-machine-controllers:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-azure-machine-controllers:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-baremetal-machine-controllers:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cli:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cli-artifacts:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cloud-credential-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-authentication-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-autoscaler:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-autoscaler-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-bootstrap:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-config-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-dns-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-image-registry-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-ingress-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-kube-apiserver-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-kube-controller-manager-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-kube-scheduler-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-machine-approver:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-monitoring-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-network-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-node-tuning-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-openshift-apiserver-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-openshift-controller-manager-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-samples-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-storage-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-svcat-apiserver-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-update-keys:v4.5.0-202011121956.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-version-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-configmap-reloader:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-console:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-console-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-coredns:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-csi-snapshot-controller:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-csi-snapshot-controller-rhel7:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-deployer:v4.5.0-202011151045.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-docker-builder:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-docker-registry:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-etcd:v4.5.0-202011121956.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-grafana:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-haproxy-router:v4.5.0-202011151045.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-hyperkube:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-installer:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-installer-artifacts:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-ironic-ipa-downloader-rhel8:v4.5.0-202011070210.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-ironic-rhel8:v4.5.0-202011070210.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-jenkins:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-jenkins-agent-maven:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-k8s-prometheus-adapter:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-keepalived-ipfailover:v4.5.0-202011121956.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-kube-proxy:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-kube-rbac-proxy:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-kube-state-metrics:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-kuryr-cni-rhel8:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-libvirt-machine-controllers:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-local-storage-static-provisioner:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-machine-api-operator:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-machine-config-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-multus-admission-controller:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-multus-cni:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-must-gather:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-oauth-proxy:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-oauth-server-rhel7:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-openstack-machine-controllers:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-operator-lifecycle-manager:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-operator-marketplace:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-operator-registry:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-ovn-kubernetes:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-pod:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-prometheus:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-prometheus-alertmanager:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-prometheus-config-reloader:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-prometheus-node-exporter:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-prometheus-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-prom-label-proxy:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-service-ca-operator:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-telemeter:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-tests:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
Red Hat OpenShift Container Platform 4.6
ignition-0:2.6.0-5.rhaos4.6.git947598e.el8	cpe:/a:redhat:openshift:4.6::el7	RHBA-2020:4197	2020-10-27T00:00:00Z
openshift-0:4.6.0-202010022112.p0.git.94033.ef41184.el7	cpe:/a:redhat:openshift:4.6::el7	RHBA-2020:4197	2020-10-27T00:00:00Z
openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7	cpe:/a:redhat:openshift:4.6::el7	RHSA-2020:4297	2020-10-27T00:00:00Z
podman-0:1.9.3-3.rhaos4.6.el8	cpe:/a:redhat:openshift:4.6::el7	RHSA-2020:4297	2020-10-27T00:00:00Z
skopeo-1:1.1.1-3.rhaos4.6.el8	cpe:/a:redhat:openshift:4.6::el8	RHSA-2021:0172	2021-01-25T00:00:00Z
openshift-eventrouter-0:0.2-6.git7c289cc.el8	cpe:/a:redhat:openshift:4.6::el8	RHSA-2021:0956	2021-03-30T00:00:00Z
Red Hat OpenShift Container Platform 4.7
cri-o-0:1.20.2-12.rhaos4.7.git9f7be76.el8	cpe:/a:redhat:openshift:4.7::el7	RHSA-2021:2122	2021-06-01T00:00:00Z
cri-tools-0:1.20.0-3.el7	cpe:/a:redhat:openshift:4.7::el7	RHSA-2021:2122	2021-06-01T00:00:00Z
jenkins-2-plugins-0:4.7.1621361158-1.el8	cpe:/a:redhat:openshift:4.7::el7	RHSA-2021:2122	2021-06-01T00:00:00Z
redhat-release-coreos-0:47.83-2.el8	cpe:/a:redhat:openshift:4.7::el7	RHSA-2021:2122	2021-06-01T00:00:00Z
golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8	cpe:/a:redhat:openshift:4.7::el8	RHSA-2021:1366	2021-05-04T00:00:00Z
Red Hat OpenShift Container Storage 4.6.0 on RHEL-8
ocs4/cephcsi-rhel8:4.6-52.49cf5efdd.release_4.6	cpe:/a:redhat:openshift_container_storage:4.6::el8	RHSA-2020:5605	2020-12-17T00:00:00Z
ocs4/mcg-rhel8-operator:5.6.0-39.2279a46.5.6	cpe:/a:redhat:openshift_container_storage:4.6::el8	RHSA-2020:5605	2020-12-17T00:00:00Z
ocs4/ocs-must-gather-rhel8:4.6-76.0811c33c.release_4.6	cpe:/a:redhat:openshift_container_storage:4.6::el8	RHSA-2020:5605	2020-12-17T00:00:00Z
ocs4/ocs-rhel8-operator:4.6-76.0811c33c.release_4.6	cpe:/a:redhat:openshift_container_storage:4.6::el8	RHSA-2020:5605	2020-12-17T00:00:00Z
ocs4/rook-ceph-rhel8-operator:4.6-80.1ae5ac6a.release_4.6	cpe:/a:redhat:openshift_container_storage:4.6::el8	RHSA-2020:5605	2020-12-17T00:00:00Z
mcg-0:5.6.0-39.2279a46.5.6.el8	cpe:/a:redhat:openshift_container_storage:4.6::el8	RHSA-2020:5606	2020-12-17T00:00:00Z
Red Hat OpenShift Jaeger 1.17
distributed-tracing/jaeger-agent-rhel8:1.17.8-12	cpe:/a:redhat:jaeger:1.17::el8	RHBA-2021:0075	2021-01-12T00:00:00Z
distributed-tracing/jaeger-all-in-one-rhel8:1.17.8-12	cpe:/a:redhat:jaeger:1.17::el8	RHBA-2021:0075	2021-01-12T00:00:00Z
distributed-tracing/jaeger-collector-rhel8:1.17.8-10	cpe:/a:redhat:jaeger:1.17::el8	RHBA-2021:0075	2021-01-12T00:00:00Z
distributed-tracing/jaeger-es-index-cleaner-rhel8:1.17.8-11	cpe:/a:redhat:jaeger:1.17::el8	RHBA-2021:0075	2021-01-12T00:00:00Z
distributed-tracing/jaeger-es-rollover-rhel8:1.17.8-9	cpe:/a:redhat:jaeger:1.17::el8	RHBA-2021:0075	2021-01-12T00:00:00Z
distributed-tracing/jaeger-ingester-rhel8:1.17.8-12	cpe:/a:redhat:jaeger:1.17::el8	RHBA-2021:0075	2021-01-12T00:00:00Z
distributed-tracing/jaeger-query-rhel8:1.17.8-10	cpe:/a:redhat:jaeger:1.17::el8	RHBA-2021:0075	2021-01-12T00:00:00Z
distributed-tracing/jaeger-rhel8-operator:1.17.8-11	cpe:/a:redhat:jaeger:1.17::el8	RHBA-2021:0075	2021-01-12T00:00:00Z
Red Hat OpenShift Jaeger 1.20
distributed-tracing/jaeger-agent-rhel8:1.20.2-2	cpe:/a:redhat:jaeger:1.20::el8	RHBA-2021:0101	2021-01-13T00:00:00Z
distributed-tracing/jaeger-all-in-one-rhel8:1.20.2-2	cpe:/a:redhat:jaeger:1.20::el8	RHBA-2021:0101	2021-01-13T00:00:00Z
distributed-tracing/jaeger-collector-rhel8:1.20.2-3	cpe:/a:redhat:jaeger:1.20::el8	RHBA-2021:0101	2021-01-13T00:00:00Z
distributed-tracing/jaeger-es-index-cleaner-rhel8:1.20.2-2	cpe:/a:redhat:jaeger:1.20::el8	RHBA-2021:0101	2021-01-13T00:00:00Z
distributed-tracing/jaeger-es-rollover-rhel8:1.20.2-3	cpe:/a:redhat:jaeger:1.20::el8	RHBA-2021:0101	2021-01-13T00:00:00Z
distributed-tracing/jaeger-ingester-rhel8:1.20.2-2	cpe:/a:redhat:jaeger:1.20::el8	RHBA-2021:0101	2021-01-13T00:00:00Z
distributed-tracing/jaeger-query-rhel8:1.20.2-2	cpe:/a:redhat:jaeger:1.20::el8	RHBA-2021:0101	2021-01-13T00:00:00Z
distributed-tracing/jaeger-rhel8-operator:1.20.2-2	cpe:/a:redhat:jaeger:1.20::el8	RHBA-2021:0101	2021-01-13T00:00:00Z
Red Hat OpenShift Virtualization 2
kubevirt-cpu-model-nfd-plugin-container	cpe:/a:redhat:container_native_virtualization:2.6::el8	RHSA-2021:0799	2021-03-10T00:00:00Z
kubevirt-cpu-node-labeller-container	cpe:/a:redhat:container_native_virtualization:2.6::el8	RHSA-2021:0799	2021-03-10T00:00:00Z
kubevirt-kvm-info-nfd-plugin-container	cpe:/a:redhat:container_native_virtualization:2.6::el8	RHSA-2021:0799	2021-03-10T00:00:00Z
vm-import-controller-container	cpe:/a:redhat:container_native_virtualization:2.6::el8	RHSA-2021:0799	2021-03-10T00:00:00Z
RHEL-8-CNV-2.4
container-native-virtualization/kubevirt-cpu-model-nfd-plugin:v2.4.2-1	cpe:/a:redhat:container_native_virtualization:2.4::el8	RHSA-2020:4201	2020-10-06T00:00:00Z
container-native-virtualization/kubevirt-cpu-node-labeller:v2.4.2-1	cpe:/a:redhat:container_native_virtualization:2.4::el8	RHSA-2020:4201	2020-10-06T00:00:00Z
container-native-virtualization/kubevirt-kvm-info-nfd-plugin:v2.4.2-1	cpe:/a:redhat:container_native_virtualization:2.4::el8	RHSA-2020:4201	2020-10-06T00:00:00Z
container-native-virtualization/vm-import-controller-rhel8:v2.4.2-1	cpe:/a:redhat:container_native_virtualization:2.4::el8	RHSA-2020:4201	2020-10-06T00:00:00Z
RHEL-8-CNV-4.9
kubevirt-0:4.9.0-287.el8	cpe:/a:redhat:container_native_virtualization:4.9::el8	RHSA-2021:4103	2021-11-02T00:00:00Z

References

Link	Providers
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00077.html
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00082.html
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00029.html
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00030.html
https://groups.google.com/forum/#%21topic/golang-announce/XZNfaiwgt2w
https://groups.google.com/forum/#%21topic/golang-announce/f2c5bqrGH_g
https://groups.google.com/g/golang-announce/c/XZNfaiwgt2w/m/E6gHDs32AQAJ
https://lists.debian.org/debian-lts-announce/2020/11/msg00037.html
https://lists.debian.org/debian-lts-announce/2020/11/msg00038.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OCR6LAKCVKL55KJQPPBBWVQGOP7RL2RW/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WIRVUHD7TJIT7JJ33FKHIVTHPYABYPHR/
https://nvd.nist.gov/vuln/detail/CVE-2020-15586
https://security.netapp.com/advisory/ntap-20200731-0005/
https://www.cloudfoundry.org/blog/cve-2020-15586/
https://www.cve.org/CVERecord?id=CVE-2020-15586
https://www.debian.org/security/2021/dsa-4848
https://www.oracle.com/security-alerts/cpuApr2021.html

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2020-07-17T15:38:24

Updated: 2024-08-04T13:22:29.273Z

Reserved: 2020-07-07T00:00:00

Link: CVE-2020-15586

Vulnrichment

No data.

NVD

Status : Modified

Published: 2020-07-17T16:15:11.480

Modified: 2024-11-21T05:05:48.217

Link: CVE-2020-15586

Redhat

Severity : Moderate

Publid Date: 2020-07-14T00:00:00Z

Links: CVE-2020-15586 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Go before 1.13.13 and 1.14.x before 1.14.5 has a data race in some net/http servers, as demonstrated by the httputil.ReverseProxy Handler, because it reads a request body and writes a response at the same time."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-06-14T17:20:17", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "openSUSE-SU-2020:1087", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00077.html"}, {"name": "openSUSE-SU-2020:1095", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00082.html"}, {"name": "FEDORA-2020-d75360e2b0", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OCR6LAKCVKL55KJQPPBBWVQGOP7RL2RW/"}, {"name": "FEDORA-2020-9cd1204ba0", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WIRVUHD7TJIT7JJ33FKHIVTHPYABYPHR/"}, {"name": "openSUSE-SU-2020:1405", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00029.html"}, {"name": "openSUSE-SU-2020:1407", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00030.html"}, {"name": "[debian-lts-announce] 20201121 [SECURITY] [DLA 2459-1] golang-1.7 security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00037.html"}, {"name": "[debian-lts-announce] 20201121 [SECURITY] [DLA 2460-1] golang-1.8 security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00038.html"}, {"name": "DSA-4848", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "https://www.debian.org/security/2021/dsa-4848"}, {"tags": ["x_refsource_MISC"], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://groups.google.com/forum/#%21topic/golang-announce/XZNfaiwgt2w"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://security.netapp.com/advisory/ntap-20200731-0005/"}, {"tags": ["x_refsource_MISC"], "url": "https://groups.google.com/forum/#%21topic/golang-announce/f2c5bqrGH_g"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://www.cloudfoundry.org/blog/cve-2020-15586/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-15586", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Go before 1.13.13 and 1.14.x before 1.14.5 has a data race in some net/http servers, as demonstrated by the httputil.ReverseProxy Handler, because it reads a request body and writes a response at the same time."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "openSUSE-SU-2020:1087", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00077.html"}, {"name": "openSUSE-SU-2020:1095", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00082.html"}, {"name": "FEDORA-2020-d75360e2b0", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OCR6LAKCVKL55KJQPPBBWVQGOP7RL2RW/"}, {"name": "FEDORA-2020-9cd1204ba0", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WIRVUHD7TJIT7JJ33FKHIVTHPYABYPHR/"}, {"name": "openSUSE-SU-2020:1405", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00029.html"}, {"name": "openSUSE-SU-2020:1407", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00030.html"}, {"name": "[debian-lts-announce] 20201121 [SECURITY] [DLA 2459-1] golang-1.7 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00037.html"}, {"name": "[debian-lts-announce] 20201121 [SECURITY] [DLA 2460-1] golang-1.8 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00038.html"}, {"name": "DSA-4848", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2021/dsa-4848"}, {"name": "https://www.oracle.com/security-alerts/cpuApr2021.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"}, {"name": "https://groups.google.com/forum/#!topic/golang-announce/XZNfaiwgt2w", "refsource": "CONFIRM", "url": "https://groups.google.com/forum/#!topic/golang-announce/XZNfaiwgt2w"}, {"name": "https://security.netapp.com/advisory/ntap-20200731-0005/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20200731-0005/"}, {"name": "https://groups.google.com/forum/#!topic/golang-announce/f2c5bqrGH_g", "refsource": "MISC", "url": "https://groups.google.com/forum/#!topic/golang-announce/f2c5bqrGH_g"}, {"name": "https://www.cloudfoundry.org/blog/cve-2020-15586/", "refsource": "CONFIRM", "url": "https://www.cloudfoundry.org/blog/cve-2020-15586/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T13:22:29.273Z"}, "title": "CVE Program Container", "references": [{"name": "openSUSE-SU-2020:1087", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00077.html"}, {"name": "openSUSE-SU-2020:1095", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00082.html"}, {"name": "FEDORA-2020-d75360e2b0", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OCR6LAKCVKL55KJQPPBBWVQGOP7RL2RW/"}, {"name": "FEDORA-2020-9cd1204ba0", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WIRVUHD7TJIT7JJ33FKHIVTHPYABYPHR/"}, {"name": "openSUSE-SU-2020:1405", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00029.html"}, {"name": "openSUSE-SU-2020:1407", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00030.html"}, {"name": "[debian-lts-announce] 20201121 [SECURITY] [DLA 2459-1] golang-1.7 security update", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00037.html"}, {"name": "[debian-lts-announce] 20201121 [SECURITY] [DLA 2460-1] golang-1.8 security update", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00038.html"}, {"name": "DSA-4848", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "https://www.debian.org/security/2021/dsa-4848"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://groups.google.com/forum/#%21topic/golang-announce/XZNfaiwgt2w"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://security.netapp.com/advisory/ntap-20200731-0005/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://groups.google.com/forum/#%21topic/golang-announce/f2c5bqrGH_g"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.cloudfoundry.org/blog/cve-2020-15586/"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-15586", "datePublished": "2020-07-17T15:38:24", "dateReserved": "2020-07-07T00:00:00", "dateUpdated": "2024-08-04T13:22:29.273Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*", "matchCriteriaId": "CF900B29-8A1F-4517-A24F-1E154DBEB3FF", "versionEndExcluding": "1.13.13", "vulnerable": true}, {"criteria": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*", "matchCriteriaId": "2B1FE085-DCB4-4BCC-86A7-A6DA83AA8ABC", "versionEndExcluding": "1.14.5", "versionStartIncluding": "1.14.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cloudfoundry:cf-deployment:*:*:*:*:*:*:*:*", "matchCriteriaId": "8DA59AA0-F83D-44F1-BEEB-9E5D2CF70D2E", "versionEndExcluding": "13.7.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cloudfoundry:routing-release:*:*:*:*:*:*:*:*", "matchCriteriaId": "2F7677BE-5DFB-48EB-8FCB-AC6A0D983F5E", "versionEndExcluding": "0.203.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493", "vulnerable": true}, {"criteria": "cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*", "matchCriteriaId": "B009C22E-30A4-4288-BCF6-C3E81DEAF45A", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "matchCriteriaId": "80F0FA5D-8D3B-4C0E-81E2-87998286AF33", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", "matchCriteriaId": "36D96259-24BD-44E2-96D9-78CE1D41F956", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Go before 1.13.13 and 1.14.x before 1.14.5 has a data race in some net/http servers, as demonstrated by the httputil.ReverseProxy Handler, because it reads a request body and writes a response at the same time."}, {"lang": "es", "value": "Go versiones anteriores a 1.13.13 y versiones 1.14.x anteriores a 1.14.5, presenta una carrera de datos en algunos servidores net/http, como es demostrado por el Manejador httputil.ReverseProxy, porque lee un cuerpo de petici\u00f3n y escribe una respuesta al mismo tiempo"}], "id": "CVE-2020-15586", "lastModified": "2024-11-21T05:05:48.217", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-07-17T16:15:11.480", "references": [{"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00077.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00082.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00029.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00030.html"}, {"source": "cve@mitre.org", "url": "https://groups.google.com/forum/#%21topic/golang-announce/XZNfaiwgt2w"}, {"source": "cve@mitre.org", "url": "https://groups.google.com/forum/#%21topic/golang-announce/f2c5bqrGH_g"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00037.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00038.html"}, {"source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OCR6LAKCVKL55KJQPPBBWVQGOP7RL2RW/"}, {"source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WIRVUHD7TJIT7JJ33FKHIVTHPYABYPHR/"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20200731-0005/"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://www.cloudfoundry.org/blog/cve-2020-15586/"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2021/dsa-4848"}, {"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00077.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00082.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00029.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00030.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://groups.google.com/forum/#%21topic/golang-announce/XZNfaiwgt2w"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://groups.google.com/forum/#%21topic/golang-announce/f2c5bqrGH_g"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00037.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00038.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OCR6LAKCVKL55KJQPPBBWVQGOP7RL2RW/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WIRVUHD7TJIT7JJ33FKHIVTHPYABYPHR/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20200731-0005/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.cloudfoundry.org/blog/cve-2020-15586/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2021/dsa-4848"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-362"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2021:1515", "cpe": "cpe:/a:redhat:logging:5.0::el8", "package": "openshift-logging/eventrouter-rhel8:v5.0.3-1", "product_name": "OpenShift Logging 5.0", "release_date": "2021-05-06T00:00:00Z"}, {"advisory": "RHSA-2021:0072", "cpe": "cpe:/a:redhat:serverless:1", "package": "serving-activator", "product_name": "OpenShift Serverless 1.9.0", "release_date": "2021-01-11T00:00:00Z"}, {"advisory": "RHSA-2021:0072", "cpe": "cpe:/a:redhat:serverless:1", "package": "serving-networking-istio", "product_name": "OpenShift Serverless 1.9.0", "release_date": "2021-01-11T00:00:00Z"}, {"advisory": "RHBA-2020:4139", "cpe": "cpe:/a:redhat:service_mesh:1.0::el8", "impact": "low", "package": "openshift-service-mesh/3scale-istio-adapter-rhel8:1.0.0-9", "product_name": "OpenShift Service Mesh 1.0", "release_date": "2020-09-30T00:00:00Z"}, {"advisory": "RHSA-2020:5649", "cpe": "cpe:/a:redhat:service_mesh:1.1::el8", "impact": "low", "package": "ior-0:1.1.11-2.el8", "product_name": "OpenShift Service Mesh 1.1", "release_date": "2020-12-22T00:00:00Z"}, {"advisory": "RHSA-2020:5649", "cpe": "cpe:/a:redhat:service_mesh:1.1::el8", "impact": "low", "package": "servicemesh-0:1.1.11-2.el8", "product_name": "OpenShift Service Mesh 1.1", "release_date": "2020-12-22T00:00:00Z"}, {"advisory": "RHSA-2020:5649", "cpe": "cpe:/a:redhat:service_mesh:1.1::el8", "impact": "low", "package": "servicemesh-cni-0:1.1.11-2.el8", "product_name": "OpenShift Service Mesh 1.1", "release_date": "2020-12-22T00:00:00Z"}, {"advisory": "RHSA-2020:5649", "cpe": "cpe:/a:redhat:service_mesh:1.1::el8", "impact": "low", "package": "servicemesh-grafana-0:6.4.3-19.el8", "product_name": "OpenShift Service Mesh 1.1", "release_date": "2020-12-22T00:00:00Z"}, {"advisory": "RHSA-2020:5649", "cpe": "cpe:/a:redhat:service_mesh:1.1::el8", "impact": "low", "package": "servicemesh-operator-0:1.1.11-3.el8", "product_name": "OpenShift Service Mesh 1.1", "release_date": "2020-12-22T00:00:00Z"}, {"advisory": "RHSA-2020:5649", "cpe": "cpe:/a:redhat:service_mesh:1.1::el8", "impact": "low", "package": "servicemesh-prometheus-0:2.14.0-20.el8", "product_name": "OpenShift Service Mesh 1.1", "release_date": "2020-12-22T00:00:00Z"}, {"advisory": "RHSA-2020:4214", "cpe": "cpe:/a:redhat:devtools:2020", "package": "go-toolset-1.13-0:1.13.15-1.el7", "product_name": "Red Hat Developer Tools", "release_date": "2020-10-08T00:00:00Z"}, {"advisory": "RHSA-2020:4214", "cpe": "cpe:/a:redhat:devtools:2020", "package": "go-toolset-1.13-golang-0:1.13.15-3.el7", "product_name": "Red Hat Developer Tools", "release_date": "2020-10-08T00:00:00Z"}, {"advisory": "RHSA-2020:3665", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "go-toolset:rhel8-8020020200817154239.02f7cb7a", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2020-09-08T00:00:00Z"}, {"advisory": "RHBA-2020:5123", "cpe": "cpe:/a:redhat:openshift:4.4::el7", "impact": "low", "package": "faq-0:0.0.6-5.el7", "product_name": "Red Hat OpenShift Container Platform 4.4", "release_date": "2020-12-02T00:00:00Z"}, {"advisory": "RHBA-2020:5123", "cpe": "cpe:/a:redhat:openshift:4.4::el7", "impact": "low", "package": "openshift-0:4.4.0-202011130111.p0.git.0.4861dfa.el8", "product_name": "Red Hat OpenShift Container Platform 4.4", "release_date": "2020-12-02T00:00:00Z"}, {"advisory": "RHBA-2020:5123", "cpe": "cpe:/a:redhat:openshift:4.4::el7", "impact": "low", "package": "openshift-clients-0:4.4.0-202011122017.p0.git.3445.6937a03.el8", "product_name": "Red Hat OpenShift Container Platform 4.4", "release_date": "2020-12-02T00:00:00Z"}, {"advisory": "RHBA-2020:4229", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "atomic-enterprise-service-catalog-1:4.5.0-202010081312.p0.git.1808.498e523.el7", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-10-19T00:00:00Z"}, {"advisory": "RHBA-2020:4229", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "atomic-openshift-service-idler-0:4.5.0-202010081312.p0.git.15.d7814b2.el7", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-10-19T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-aws-machine-controllers:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-azure-machine-controllers:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-baremetal-machine-controllers:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-cli:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-cli-artifacts:v4.5.0-202011142223.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-cloud-credential-operator:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-cluster-authentication-operator:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-cluster-autoscaler:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-cluster-autoscaler-operator:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-cluster-bootstrap:v4.5.0-202011142223.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-cluster-config-operator:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-cluster-dns-operator:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-cluster-image-registry-operator:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-cluster-ingress-operator:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-cluster-kube-apiserver-operator:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-cluster-kube-controller-manager-operator:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-cluster-kube-scheduler-operator:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-cluster-machine-approver:v4.5.0-202011142223.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-cluster-monitoring-operator:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-cluster-network-operator:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-cluster-node-tuning-operator:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-cluster-openshift-apiserver-operator:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-cluster-openshift-controller-manager-operator:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-cluster-samples-operator:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-cluster-storage-operator:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-cluster-svcat-apiserver-operator:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-cluster-update-keys:v4.5.0-202011121956.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-cluster-version-operator:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-configmap-reloader:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-console:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-console-operator:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-coredns:v4.5.0-202011142223.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-csi-snapshot-controller:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-csi-snapshot-controller-rhel7:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-deployer:v4.5.0-202011151045.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-docker-builder:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-docker-registry:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-etcd:v4.5.0-202011121956.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-grafana:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-haproxy-router:v4.5.0-202011151045.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-hyperkube:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-installer:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-installer-artifacts:v4.5.0-202011142223.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-ironic-ipa-downloader-rhel8:v4.5.0-202011070210.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-ironic-rhel8:v4.5.0-202011070210.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-jenkins:v4.5.0-202011142223.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-jenkins-agent-maven:v4.5.0-202011142223.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-k8s-prometheus-adapter:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-keepalived-ipfailover:v4.5.0-202011121956.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-kube-proxy:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-kube-rbac-proxy:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-kube-state-metrics:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-kuryr-cni-rhel8:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-libvirt-machine-controllers:v4.5.0-202011142223.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-local-storage-static-provisioner:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-machine-api-operator:v4.5.0-202011142223.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-machine-config-operator:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-multus-admission-controller:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-multus-cni:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-must-gather:v4.5.0-202011142223.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-oauth-proxy:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-oauth-server-rhel7:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-openstack-machine-controllers:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-operator-lifecycle-manager:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-operator-marketplace:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-operator-registry:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-ovn-kubernetes:v4.5.0-202011142223.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-pod:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-prometheus:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-prometheus-alertmanager:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-prometheus-config-reloader:v4.5.0-202011142223.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-prometheus-node-exporter:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-prometheus-operator:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-prom-label-proxy:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-service-ca-operator:v4.5.0-202011142223.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-telemeter:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift4/ose-tests:v4.5.0-202011142223.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5119", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "cri-o-0:1.18.4-4.rhaos4.5.git6dee389.el8", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2021:0713", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "apb-0:2.0.3-3.el7", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2021-03-11T00:00:00Z"}, {"advisory": "RHSA-2021:0713", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "buildah-0:1.11.6-9.rhaos4.5.el8", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2021-03-11T00:00:00Z"}, {"advisory": "RHSA-2021:0713", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "containernetworking-plugins-0:0.8.6-2.rhaos4.5.el7", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2021-03-11T00:00:00Z"}, {"advisory": "RHSA-2021:0713", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el7", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2021-03-11T00:00:00Z"}, {"advisory": "RHSA-2021:0713", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "cri-tools-0:1.18.0-4.el7", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2021-03-11T00:00:00Z"}, {"advisory": "RHSA-2021:0713", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "golang-github-prometheus-promu-0:0.5.0-3.git642a960.el7", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2021-03-11T00:00:00Z"}, {"advisory": "RHSA-2021:0713", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift-0:4.5.0-202102261511.p0.git.0.f0229b9.el8", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2021-03-11T00:00:00Z"}, {"advisory": "RHSA-2021:1016", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "ignition-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2021-04-13T00:00:00Z"}, {"advisory": "RHSA-2021:1016", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "kubefed-client-0:4.5.0-202002271711.git.2.3bd46d6.el7", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2021-04-13T00:00:00Z"}, {"advisory": "RHSA-2021:1016", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "openshift-eventrouter-0:0.2-5.git7c289cc.el7", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2021-04-13T00:00:00Z"}, {"advisory": "RHSA-2021:1016", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "podman-0:1.9.3-2.rhaos4.5.el8", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2021-04-13T00:00:00Z"}, {"advisory": "RHSA-2021:1016", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "impact": "low", "package": "skopeo-1:1.1.1-2.rhaos4.5.el8", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2021-04-13T00:00:00Z"}, {"advisory": "RHBA-2020:5356", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "machine-config-daemon-0:4.5.0-202012050338.p0.git.2581.e7a62a7.el8", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-12-15T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-aws-machine-controllers:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-azure-machine-controllers:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-baremetal-machine-controllers:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-cli:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-cli-artifacts:v4.5.0-202011142223.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-cloud-credential-operator:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-cluster-authentication-operator:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-cluster-autoscaler:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-cluster-autoscaler-operator:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-cluster-bootstrap:v4.5.0-202011142223.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-cluster-config-operator:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-cluster-dns-operator:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-cluster-image-registry-operator:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-cluster-ingress-operator:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-cluster-kube-apiserver-operator:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-cluster-kube-controller-manager-operator:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-cluster-kube-scheduler-operator:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-cluster-machine-approver:v4.5.0-202011142223.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-cluster-monitoring-operator:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-cluster-network-operator:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-cluster-node-tuning-operator:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-cluster-openshift-apiserver-operator:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-cluster-openshift-controller-manager-operator:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-cluster-samples-operator:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-cluster-storage-operator:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-cluster-svcat-apiserver-operator:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-cluster-update-keys:v4.5.0-202011121956.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-cluster-version-operator:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-configmap-reloader:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-console:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-console-operator:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-coredns:v4.5.0-202011142223.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-csi-snapshot-controller:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-csi-snapshot-controller-rhel7:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-deployer:v4.5.0-202011151045.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-docker-builder:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-docker-registry:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-etcd:v4.5.0-202011121956.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-grafana:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-haproxy-router:v4.5.0-202011151045.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-hyperkube:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-installer:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-installer-artifacts:v4.5.0-202011142223.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-ironic-ipa-downloader-rhel8:v4.5.0-202011070210.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-ironic-rhel8:v4.5.0-202011070210.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-jenkins:v4.5.0-202011142223.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-jenkins-agent-maven:v4.5.0-202011142223.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-k8s-prometheus-adapter:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-keepalived-ipfailover:v4.5.0-202011121956.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-kube-proxy:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-kube-rbac-proxy:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-kube-state-metrics:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-kuryr-cni-rhel8:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-libvirt-machine-controllers:v4.5.0-202011142223.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-local-storage-static-provisioner:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-machine-api-operator:v4.5.0-202011142223.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-machine-config-operator:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-multus-admission-controller:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-multus-cni:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-must-gather:v4.5.0-202011142223.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-oauth-proxy:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-oauth-server-rhel7:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-openstack-machine-controllers:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-operator-lifecycle-manager:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-operator-marketplace:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-operator-registry:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-ovn-kubernetes:v4.5.0-202011142223.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-pod:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-prometheus:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-prometheus-alertmanager:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-prometheus-config-reloader:v4.5.0-202011142223.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-prometheus-node-exporter:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-prometheus-operator:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-prom-label-proxy:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-service-ca-operator:v4.5.0-202011142223.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-telemeter:v4.5.0-202011132127.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHSA-2020:5118", "cpe": "cpe:/a:redhat:openshift:4.5::el8", "impact": "low", "package": "openshift4/ose-tests:v4.5.0-202011142223.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-11-24T00:00:00Z"}, {"advisory": "RHBA-2020:4197", "cpe": "cpe:/a:redhat:openshift:4.6::el7", "impact": "low", "package": "ignition-0:2.6.0-5.rhaos4.6.git947598e.el8", "product_name": "Red Hat OpenShift Container Platform 4.6", "release_date": "2020-10-27T00:00:00Z"}, {"advisory": "RHBA-2020:4197", "cpe": "cpe:/a:redhat:openshift:4.6::el7", "impact": "low", "package": "openshift-0:4.6.0-202010022112.p0.git.94033.ef41184.el7", "product_name": "Red Hat OpenShift Container Platform 4.6", "release_date": "2020-10-27T00:00:00Z"}, {"advisory": "RHSA-2020:4297", "cpe": "cpe:/a:redhat:openshift:4.6::el7", "impact": "low", "package": "openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7", "product_name": "Red Hat OpenShift Container Platform 4.6", "release_date": "2020-10-27T00:00:00Z"}, {"advisory": "RHSA-2020:4297", "cpe": "cpe:/a:redhat:openshift:4.6::el7", "impact": "low", "package": "podman-0:1.9.3-3.rhaos4.6.el8", "product_name": "Red Hat OpenShift Container Platform 4.6", "release_date": "2020-10-27T00:00:00Z"}, {"advisory": "RHSA-2021:0172", "cpe": "cpe:/a:redhat:openshift:4.6::el8", "impact": "low", "package": "skopeo-1:1.1.1-3.rhaos4.6.el8", "product_name": "Red Hat OpenShift Container Platform 4.6", "release_date": "2021-01-25T00:00:00Z"}, {"advisory": "RHSA-2021:0956", "cpe": "cpe:/a:redhat:openshift:4.6::el8", "impact": "low", "package": "openshift-eventrouter-0:0.2-6.git7c289cc.el8", "product_name": "Red Hat OpenShift Container Platform 4.6", "release_date": "2021-03-30T00:00:00Z"}, {"advisory": "RHSA-2021:2122", "cpe": "cpe:/a:redhat:openshift:4.7::el7", "impact": "low", "package": "cri-o-0:1.20.2-12.rhaos4.7.git9f7be76.el8", "product_name": "Red Hat OpenShift Container Platform 4.7", "release_date": "2021-06-01T00:00:00Z"}, {"advisory": "RHSA-2021:2122", "cpe": "cpe:/a:redhat:openshift:4.7::el7", "impact": "low", "package": "cri-tools-0:1.20.0-3.el7", "product_name": "Red Hat OpenShift Container Platform 4.7", "release_date": "2021-06-01T00:00:00Z"}, {"advisory": "RHSA-2021:2122", "cpe": "cpe:/a:redhat:openshift:4.7::el7", "impact": "low", "package": "jenkins-2-plugins-0:4.7.1621361158-1.el8", "product_name": "Red Hat OpenShift Container Platform 4.7", "release_date": "2021-06-01T00:00:00Z"}, {"advisory": "RHSA-2021:2122", "cpe": "cpe:/a:redhat:openshift:4.7::el7", "impact": "low", "package": "redhat-release-coreos-0:47.83-2.el8", "product_name": "Red Hat OpenShift Container Platform 4.7", "release_date": "2021-06-01T00:00:00Z"}, {"advisory": "RHSA-2021:1366", "cpe": "cpe:/a:redhat:openshift:4.7::el8", "impact": "low", "package": "golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8", "product_name": "Red Hat OpenShift Container Platform 4.7", "release_date": "2021-05-04T00:00:00Z"}, {"advisory": "RHSA-2020:5605", "cpe": "cpe:/a:redhat:openshift_container_storage:4.6::el8", "impact": "low", "package": "ocs4/cephcsi-rhel8:4.6-52.49cf5efdd.release_4.6", "product_name": "Red Hat OpenShift Container Storage 4.6.0 on RHEL-8", "release_date": "2020-12-17T00:00:00Z"}, {"advisory": "RHSA-2020:5605", "cpe": "cpe:/a:redhat:openshift_container_storage:4.6::el8", "impact": "low", "package": "ocs4/mcg-rhel8-operator:5.6.0-39.2279a46.5.6", "product_name": "Red Hat OpenShift Container Storage 4.6.0 on RHEL-8", "release_date": "2020-12-17T00:00:00Z"}, {"advisory": "RHSA-2020:5605", "cpe": "cpe:/a:redhat:openshift_container_storage:4.6::el8", "impact": "low", "package": "ocs4/ocs-must-gather-rhel8:4.6-76.0811c33c.release_4.6", "product_name": "Red Hat OpenShift Container Storage 4.6.0 on RHEL-8", "release_date": "2020-12-17T00:00:00Z"}, {"advisory": "RHSA-2020:5605", "cpe": "cpe:/a:redhat:openshift_container_storage:4.6::el8", "impact": "low", "package": "ocs4/ocs-rhel8-operator:4.6-76.0811c33c.release_4.6", "product_name": "Red Hat OpenShift Container Storage 4.6.0 on RHEL-8", "release_date": "2020-12-17T00:00:00Z"}, {"advisory": "RHSA-2020:5605", "cpe": "cpe:/a:redhat:openshift_container_storage:4.6::el8", "impact": "low", "package": "ocs4/rook-ceph-rhel8-operator:4.6-80.1ae5ac6a.release_4.6", "product_name": "Red Hat OpenShift Container Storage 4.6.0 on RHEL-8", "release_date": "2020-12-17T00:00:00Z"}, {"advisory": "RHSA-2020:5606", "cpe": "cpe:/a:redhat:openshift_container_storage:4.6::el8", "impact": "low", "package": "mcg-0:5.6.0-39.2279a46.5.6.el8", "product_name": "Red Hat OpenShift Container Storage 4.6.0 on RHEL-8", "release_date": "2020-12-17T00:00:00Z"}, {"advisory": "RHBA-2021:0075", "cpe": "cpe:/a:redhat:jaeger:1.17::el8", "impact": "low", "package": "distributed-tracing/jaeger-agent-rhel8:1.17.8-12", "product_name": "Red Hat OpenShift Jaeger 1.17", "release_date": "2021-01-12T00:00:00Z"}, {"advisory": "RHBA-2021:0075", "cpe": "cpe:/a:redhat:jaeger:1.17::el8", "impact": "low", "package": "distributed-tracing/jaeger-all-in-one-rhel8:1.17.8-12", "product_name": "Red Hat OpenShift Jaeger 1.17", "release_date": "2021-01-12T00:00:00Z"}, {"advisory": "RHBA-2021:0075", "cpe": "cpe:/a:redhat:jaeger:1.17::el8", "impact": "low", "package": "distributed-tracing/jaeger-collector-rhel8:1.17.8-10", "product_name": "Red Hat OpenShift Jaeger 1.17", "release_date": "2021-01-12T00:00:00Z"}, {"advisory": "RHBA-2021:0075", "cpe": "cpe:/a:redhat:jaeger:1.17::el8", "impact": "low", "package": "distributed-tracing/jaeger-es-index-cleaner-rhel8:1.17.8-11", "product_name": "Red Hat OpenShift Jaeger 1.17", "release_date": "2021-01-12T00:00:00Z"}, {"advisory": "RHBA-2021:0075", "cpe": "cpe:/a:redhat:jaeger:1.17::el8", "impact": "low", "package": "distributed-tracing/jaeger-es-rollover-rhel8:1.17.8-9", "product_name": "Red Hat OpenShift Jaeger 1.17", "release_date": "2021-01-12T00:00:00Z"}, {"advisory": "RHBA-2021:0075", "cpe": "cpe:/a:redhat:jaeger:1.17::el8", "impact": "low", "package": "distributed-tracing/jaeger-ingester-rhel8:1.17.8-12", "product_name": "Red Hat OpenShift Jaeger 1.17", "release_date": "2021-01-12T00:00:00Z"}, {"advisory": "RHBA-2021:0075", "cpe": "cpe:/a:redhat:jaeger:1.17::el8", "impact": "low", "package": "distributed-tracing/jaeger-query-rhel8:1.17.8-10", "product_name": "Red Hat OpenShift Jaeger 1.17", "release_date": "2021-01-12T00:00:00Z"}, {"advisory": "RHBA-2021:0075", "cpe": "cpe:/a:redhat:jaeger:1.17::el8", "impact": "low", "package": "distributed-tracing/jaeger-rhel8-operator:1.17.8-11", "product_name": "Red Hat OpenShift Jaeger 1.17", "release_date": "2021-01-12T00:00:00Z"}, {"advisory": "RHBA-2021:0101", "cpe": "cpe:/a:redhat:jaeger:1.20::el8", "impact": "low", "package": "distributed-tracing/jaeger-agent-rhel8:1.20.2-2", "product_name": "Red Hat OpenShift Jaeger 1.20", "release_date": "2021-01-13T00:00:00Z"}, {"advisory": "RHBA-2021:0101", "cpe": "cpe:/a:redhat:jaeger:1.20::el8", "impact": "low", "package": "distributed-tracing/jaeger-all-in-one-rhel8:1.20.2-2", "product_name": "Red Hat OpenShift Jaeger 1.20", "release_date": "2021-01-13T00:00:00Z"}, {"advisory": "RHBA-2021:0101", "cpe": "cpe:/a:redhat:jaeger:1.20::el8", "impact": "low", "package": "distributed-tracing/jaeger-collector-rhel8:1.20.2-3", "product_name": "Red Hat OpenShift Jaeger 1.20", "release_date": "2021-01-13T00:00:00Z"}, {"advisory": "RHBA-2021:0101", "cpe": "cpe:/a:redhat:jaeger:1.20::el8", "impact": "low", "package": "distributed-tracing/jaeger-es-index-cleaner-rhel8:1.20.2-2", "product_name": "Red Hat OpenShift Jaeger 1.20", "release_date": "2021-01-13T00:00:00Z"}, {"advisory": "RHBA-2021:0101", "cpe": "cpe:/a:redhat:jaeger:1.20::el8", "impact": "low", "package": "distributed-tracing/jaeger-es-rollover-rhel8:1.20.2-3", "product_name": "Red Hat OpenShift Jaeger 1.20", "release_date": "2021-01-13T00:00:00Z"}, {"advisory": "RHBA-2021:0101", "cpe": "cpe:/a:redhat:jaeger:1.20::el8", "impact": "low", "package": "distributed-tracing/jaeger-ingester-rhel8:1.20.2-2", "product_name": "Red Hat OpenShift Jaeger 1.20", "release_date": "2021-01-13T00:00:00Z"}, {"advisory": "RHBA-2021:0101", "cpe": "cpe:/a:redhat:jaeger:1.20::el8", "impact": "low", "package": "distributed-tracing/jaeger-query-rhel8:1.20.2-2", "product_name": "Red Hat OpenShift Jaeger 1.20", "release_date": "2021-01-13T00:00:00Z"}, {"advisory": "RHBA-2021:0101", "cpe": "cpe:/a:redhat:jaeger:1.20::el8", "impact": "low", "package": "distributed-tracing/jaeger-rhel8-operator:1.20.2-2", "product_name": "Red Hat OpenShift Jaeger 1.20", "release_date": "2021-01-13T00:00:00Z"}, {"advisory": "RHSA-2021:0799", "cpe": "cpe:/a:redhat:container_native_virtualization:2.6::el8", "package": "kubevirt-cpu-model-nfd-plugin-container", "product_name": "Red Hat OpenShift Virtualization 2", "release_date": "2021-03-10T00:00:00Z"}, {"advisory": "RHSA-2021:0799", "cpe": "cpe:/a:redhat:container_native_virtualization:2.6::el8", "package": "kubevirt-cpu-node-labeller-container", "product_name": "Red Hat OpenShift Virtualization 2", "release_date": "2021-03-10T00:00:00Z"}, {"advisory": "RHSA-2021:0799", "cpe": "cpe:/a:redhat:container_native_virtualization:2.6::el8", "package": "kubevirt-kvm-info-nfd-plugin-container", "product_name": "Red Hat OpenShift Virtualization 2", "release_date": "2021-03-10T00:00:00Z"}, {"advisory": "RHSA-2021:0799", "cpe": "cpe:/a:redhat:container_native_virtualization:2.6::el8", "package": "vm-import-controller-container", "product_name": "Red Hat OpenShift Virtualization 2", "release_date": "2021-03-10T00:00:00Z"}, {"advisory": "RHSA-2020:4201", "cpe": "cpe:/a:redhat:container_native_virtualization:2.4::el8", "impact": "low", "package": "container-native-virtualization/kubevirt-cpu-model-nfd-plugin:v2.4.2-1", "product_name": "RHEL-8-CNV-2.4", "release_date": "2020-10-06T00:00:00Z"}, {"advisory": "RHSA-2020:4201", "cpe": "cpe:/a:redhat:container_native_virtualization:2.4::el8", "impact": "low", "package": "container-native-virtualization/kubevirt-cpu-node-labeller:v2.4.2-1", "product_name": "RHEL-8-CNV-2.4", "release_date": "2020-10-06T00:00:00Z"}, {"advisory": "RHSA-2020:4201", "cpe": "cpe:/a:redhat:container_native_virtualization:2.4::el8", "impact": "low", "package": "container-native-virtualization/kubevirt-kvm-info-nfd-plugin:v2.4.2-1", "product_name": "RHEL-8-CNV-2.4", "release_date": "2020-10-06T00:00:00Z"}, {"advisory": "RHSA-2020:4201", "cpe": "cpe:/a:redhat:container_native_virtualization:2.4::el8", "impact": "low", "package": "container-native-virtualization/vm-import-controller-rhel8:v2.4.2-1", "product_name": "RHEL-8-CNV-2.4", "release_date": "2020-10-06T00:00:00Z"}, {"advisory": "RHSA-2021:4103", "cpe": "cpe:/a:redhat:container_native_virtualization:4.9::el8", "package": "kubevirt-0:4.9.0-287.el8", "product_name": "RHEL-8-CNV-4.9", "release_date": "2021-11-02T00:00:00Z"}], "bugzilla": {"description": "golang: data race in certain net/http servers including ReverseProxy can lead to DoS", "id": "1856953", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1856953"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.9", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-362", "details": ["Go before 1.13.13 and 1.14.x before 1.14.5 has a data race in some net/http servers, as demonstrated by the httputil.ReverseProxy Handler, because it reads a request body and writes a response at the same time.", "A flaw was found Go's net/http package. Servers using ReverseProxy from net/http in the Go standard library are vulnerable to a data race that results in a denial of service. The highest threat from this vulnerability is to system availability."], "name": "CVE-2020-15586", "package_state": [{"cpe": "cpe:/a:redhat:service_mesh:1", "fix_state": "Out of support scope", "impact": "low", "package_name": "jaeger", "product_name": "OpenShift Service Mesh 1"}, {"cpe": "cpe:/a:redhat:service_mesh:1", "fix_state": "Out of support scope", "impact": "low", "package_name": "jaeger-operator", "product_name": "OpenShift Service Mesh 1"}, {"cpe": "cpe:/a:redhat:service_mesh:1", "fix_state": "Affected", "impact": "low", "package_name": "kiali", "product_name": "OpenShift Service Mesh 1"}, {"cpe": "cpe:/a:redhat:ceph_storage:2", "fix_state": "Out of support scope", "impact": "low", "package_name": "golang", "product_name": "Red Hat Ceph Storage 2"}, {"cpe": "cpe:/a:redhat:ceph_storage:3", "fix_state": "Affected", "impact": "low", "package_name": "golang", "product_name": "Red Hat Ceph Storage 3"}, {"cpe": "cpe:/a:redhat:ceph_storage:3", "fix_state": "Affected", "impact": "low", "package_name": "golang-github-prometheus-node_exporter", "product_name": "Red Hat Ceph Storage 3"}, {"cpe": "cpe:/a:redhat:ceph_storage:3", "fix_state": "Affected", "impact": "low", "package_name": "grafana", "product_name": "Red Hat Ceph Storage 3"}, {"cpe": "cpe:/a:redhat:ceph_storage:3", "fix_state": "Affected", "impact": "low", "package_name": "grafana-container", "product_name": "Red Hat Ceph Storage 3"}, {"cpe": "cpe:/a:redhat:ceph_storage:4", "fix_state": "Affected", "impact": "low", "package_name": "rhceph/rhceph-4-dashboard-rhel8", "product_name": "Red Hat Ceph Storage 4"}, {"cpe": "cpe:/a:redhat:devtools:", "fix_state": "Will not fix", "package_name": "go-toolset-1.12-golang", "product_name": "Red Hat Developer Tools"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "golang", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Fix deferred", "impact": "low", "package_name": "ansible-service-broker", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Fix deferred", "impact": "low", "package_name": "apb", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Fix deferred", "impact": "low", "package_name": "atomic-enterprise-service-catalog", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Fix deferred", "impact": "low", "package_name": "atomic-openshift", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Fix deferred", "impact": "low", "package_name": "atomic-openshift-cluster-autoscaler", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Fix deferred", "impact": "low", "package_name": "atomic-openshift-descheduler", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Fix deferred", "impact": "low", "package_name": "atomic-openshift-dockerregistry", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Fix deferred", "impact": "low", "package_name": "atomic-openshift-metrics-server", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Fix deferred", "impact": "low", "package_name": "atomic-openshift-node-problem-detector", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Fix deferred", "impact": "low", "package_name": "atomic-openshift-service-idler", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Fix deferred", "impact": "low", "package_name": "atomic-openshift-web-console", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Fix deferred", "impact": "low", "package_name": "cockpit", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Fix deferred", "impact": "low", "package_name": "containernetworking-plugins", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Fix deferred", "impact": "low", "package_name": "cri-o", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Fix deferred", "impact": "low", "package_name": "cri-tools", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Fix deferred", "impact": "low", "package_name": "csi-attacher", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Fix deferred", "impact": "low", "package_name": "csi-driver-registrar", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Fix deferred", "impact": "low", "package_name": "csi-livenessprobe", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Fix deferred", "impact": "low", "package_name": "csi-provisioner", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Fix deferred", "impact": "low", "package_name": "golang-github-openshift-oauth-proxy", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Fix deferred", "impact": "low", "package_name": "golang-github-openshift-prometheus-alert-buffer", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Fix deferred", "impact": "low", "package_name": "golang-github-prometheus-alertmanager", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Fix deferred", "impact": "low", "package_name": "golang-github-prometheus-node_exporter", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Fix deferred", "impact": "low", "package_name": "golang-github-prometheus-prometheus", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Fix deferred", "impact": "low", "package_name": "golang-github-prometheus-promu", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Fix deferred", "impact": "low", "package_name": "hawkular-openshift-agent", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Fix deferred", "impact": "low", "package_name": "heapster", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Fix deferred", "impact": "low", "package_name": "image-inspector", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Fix deferred", "impact": "low", "package_name": "openshift-enterprise-autoheal", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Fix deferred", "impact": "low", "package_name": "openshift-enterprise-cluster-capacity", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Fix deferred", "impact": "low", "package_name": "openshift-enterprise-image-registry", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Fix deferred", "impact": "low", "package_name": "openshift-eventrouter", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Fix deferred", "impact": "low", "package_name": "openshift-external-storage", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Fix deferred", "impact": "low", "package_name": "openshift-golang-builder-container", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Fix deferred", "impact": "low", "package_name": "openshift-monitor-project-lifecycle", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Fix deferred", "impact": "low", "package_name": "openvswitch-ovn-kubernetes", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Fix deferred", "impact": "low", "package_name": "podman", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Affected", "impact": "low", "package_name": "openshift-golang-builder-container", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:container_native_virtualization:1", "fix_state": "Fix deferred", "impact": "low", "package_name": "golang", "product_name": "Red Hat OpenShift Virtualization 1"}, {"cpe": "cpe:/a:redhat:container_native_virtualization:1", "fix_state": "Fix deferred", "impact": "low", "package_name": "kubevirt-cdi", "product_name": "Red Hat OpenShift Virtualization 1"}, {"cpe": "cpe:/a:redhat:container_native_virtualization:1", "fix_state": "Fix deferred", "impact": "low", "package_name": "kubevirt-virtctl", "product_name": "Red Hat OpenShift Virtualization 1"}, {"cpe": "cpe:/a:redhat:container_native_virtualization:2", "fix_state": "Affected", "impact": "low", "package_name": "bridge-marker", "product_name": "Red Hat OpenShift Virtualization 2"}, {"cpe": "cpe:/a:redhat:container_native_virtualization:2", "fix_state": "Affected", "impact": "low", "package_name": "cluster-network-addons-operator", "product_name": "Red Hat OpenShift Virtualization 2"}, {"cpe": "cpe:/a:redhat:container_native_virtualization:2", "fix_state": "Affected", "impact": "low", "package_name": "cnv-containernetworking-plugins", "product_name": "Red Hat OpenShift Virtualization 2"}, {"cpe": "cpe:/a:redhat:container_native_virtualization:2", "fix_state": "Not affected", "impact": "low", "package_name": "cnv-must-gather", "product_name": "Red Hat OpenShift Virtualization 2"}, {"cpe": "cpe:/a:redhat:container_native_virtualization:2", "fix_state": "Affected", "impact": "low", "package_name": "hostpath-provisioner", "product_name": "Red Hat OpenShift Virtualization 2"}, {"cpe": "cpe:/a:redhat:container_native_virtualization:2", "fix_state": "Affected", "impact": "low", "package_name": "hostpath-provisioner-operator", "product_name": "Red Hat OpenShift Virtualization 2"}, {"cpe": "cpe:/a:redhat:container_native_virtualization:2", "fix_state": "Affected", "impact": "low", "package_name": "hyperconverged-cluster-operator", "product_name": "Red Hat OpenShift Virtualization 2"}, {"cpe": "cpe:/a:redhat:container_native_virtualization:2", "fix_state": "Affected", "impact": "low", "package_name": "kubemacpool", "product_name": "Red Hat OpenShift Virtualization 2"}, {"cpe": "cpe:/a:redhat:container_native_virtualization:2", "fix_state": "Affected", "impact": "low", "package_name": "kubernetes-nmstate-handler", "product_name": "Red Hat OpenShift Virtualization 2"}, {"cpe": "cpe:/a:redhat:container_native_virtualization:2", "fix_state": "Affected", "impact": "low", "package_name": "kubevirt", "product_name": "Red Hat OpenShift Virtualization 2"}, {"cpe": "cpe:/a:redhat:container_native_virtualization:2", "fix_state": "Affected", "impact": "low", "package_name": "kubevirt-cpu-model-nfd-plugin", "product_name": "Red Hat OpenShift Virtualization 2"}, {"cpe": "cpe:/a:redhat:container_native_virtualization:2", "fix_state": "Affected", "impact": "low", "package_name": "kubevirt-cpu-node-labeller", "product_name": "Red Hat OpenShift Virtualization 2"}, {"cpe": "cpe:/a:redhat:container_native_virtualization:2", "fix_state": "Affected", "impact": "low", "package_name": "kubevirt-metrics-collector", "product_name": "Red Hat OpenShift Virtualization 2"}, {"cpe": "cpe:/a:redhat:container_native_virtualization:2", "fix_state": "Affected", "impact": "low", "package_name": "kubevirt-template-validator", "product_name": "Red Hat OpenShift Virtualization 2"}, {"cpe": "cpe:/a:redhat:container_native_virtualization:2", "fix_state": "Affected", "impact": "low", "package_name": "kubevirt-vmware", "product_name": "Red Hat OpenShift Virtualization 2"}, {"cpe": "cpe:/a:redhat:container_native_virtualization:2", "fix_state": "Affected", "impact": "low", "package_name": "node-maintenance-operator", "product_name": "Red Hat OpenShift Virtualization 2"}, {"cpe": "cpe:/a:redhat:container_native_virtualization:2", "fix_state": "Affected", "impact": "low", "package_name": "ovs-cni-marker", "product_name": "Red Hat OpenShift Virtualization 2"}, {"cpe": "cpe:/a:redhat:container_native_virtualization:2", "fix_state": "Affected", "impact": "low", "package_name": "ovs-cni-plugin", "product_name": "Red Hat OpenShift Virtualization 2"}, {"cpe": "cpe:/a:redhat:container_native_virtualization:2", "fix_state": "Affected", "impact": "low", "package_name": "virt-api", "product_name": "Red Hat OpenShift Virtualization 2"}, {"cpe": "cpe:/a:redhat:container_native_virtualization:2", "fix_state": "Affected", "impact": "low", "package_name": "virt-cdi-apiserver", "product_name": "Red Hat OpenShift Virtualization 2"}, {"cpe": "cpe:/a:redhat:container_native_virtualization:2", "fix_state": "Affected", "impact": "low", "package_name": "virt-cdi-cloner", "product_name": "Red Hat OpenShift Virtualization 2"}, {"cpe": "cpe:/a:redhat:container_native_virtualization:2", "fix_state": "Affected", "impact": "low", "package_name": "virt-cdi-controller", "product_name": "Red Hat OpenShift Virtualization 2"}, {"cpe": "cpe:/a:redhat:container_native_virtualization:2", "fix_state": "Affected", "impact": "low", "package_name": "virt-cdi-importer", "product_name": "Red Hat OpenShift Virtualization 2"}, {"cpe": "cpe:/a:redhat:container_native_virtualization:2", "fix_state": "Affected", "impact": "low", "package_name": "virt-cdi-operator", "product_name": "Red Hat OpenShift Virtualization 2"}, {"cpe": "cpe:/a:redhat:container_native_virtualization:2", "fix_state": "Affected", "impact": "low", "package_name": "virt-cdi-uploadproxy", "product_name": "Red Hat OpenShift Virtualization 2"}, {"cpe": "cpe:/a:redhat:container_native_virtualization:2", "fix_state": "Affected", "impact": "low", "package_name": "virt-cdi-uploadserver", "product_name": "Red Hat OpenShift Virtualization 2"}, {"cpe": "cpe:/a:redhat:container_native_virtualization:2", "fix_state": "Affected", "impact": "low", "package_name": "virt-controller", "product_name": "Red Hat OpenShift Virtualization 2"}, {"cpe": "cpe:/a:redhat:container_native_virtualization:2", "fix_state": "Affected", "impact": "low", "package_name": "virt-handler", "product_name": "Red Hat OpenShift Virtualization 2"}, {"cpe": "cpe:/a:redhat:container_native_virtualization:2", "fix_state": "Affected", "impact": "low", "package_name": "virt-launcher", "product_name": "Red Hat OpenShift Virtualization 2"}, {"cpe": "cpe:/a:redhat:container_native_virtualization:2", "fix_state": "Affected", "impact": "low", "package_name": "virt-operator", "product_name": "Red Hat OpenShift Virtualization 2"}, {"cpe": "cpe:/a:redhat:container_native_virtualization:2", "fix_state": "Affected", "impact": "low", "package_name": "vm-import-controller", "product_name": "Red Hat OpenShift Virtualization 2"}, {"cpe": "cpe:/a:redhat:container_native_virtualization:2", "fix_state": "Affected", "impact": "low", "package_name": "vm-import-operator", "product_name": "Red Hat OpenShift Virtualization 2"}, {"cpe": "cpe:/a:redhat:storage:3", "fix_state": "Affected", "impact": "low", "package_name": "etcd", "product_name": "Red Hat Storage 3"}, {"cpe": "cpe:/a:redhat:storage:3", "fix_state": "Affected", "impact": "low", "package_name": "golang", "product_name": "Red Hat Storage 3"}, {"cpe": "cpe:/a:redhat:storage:3", "fix_state": "Affected", "impact": "low", "package_name": "grafana", "product_name": "Red Hat Storage 3"}, {"cpe": "cpe:/a:redhat:storage:3", "fix_state": "Affected", "impact": "low", "package_name": "heketi", "product_name": "Red Hat Storage 3"}, {"cpe": "cpe:/a:redhat:storage:3", "fix_state": "Affected", "impact": "low", "package_name": "multi-cloud-object-gateway-cli", "product_name": "Red Hat Storage 3"}, {"cpe": "cpe:/a:redhat:storage:3", "fix_state": "Affected", "impact": "low", "package_name": "noobaa-operator-container", "product_name": "Red Hat Storage 3"}, {"cpe": "cpe:/a:redhat:storage:3", "fix_state": "Affected", "impact": "low", "package_name": "rhgs3/rhgs-gluster-block-prov-rhel7", "product_name": "Red Hat Storage 3"}], "public_date": "2020-07-14T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2020-15586\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-15586\nhttps://groups.google.com/g/golang-announce/c/XZNfaiwgt2w/m/E6gHDs32AQAJ"], "statement": "OpenShift Container Platform (OCP) components are primarily written in Go, meaning that any component using the net/http package includes the vulnerable code. OCP server endpoints using ReverseProxy are protected by authentication, reducing the severity of this vulnerability to Low for OCP.\nSimilar to OCP, OpenShift ServiceMesh (OSSM), RedHat OpenShift Jaeger (RHOSJ) and OpenShift Virtualization are also primarily written in Go and are protected via authentication, reducing the severity of this vulnerability to Low.\nRed Hat Gluster Storage 3 and Red Hat Openshift Container Storage 4 components are built with the affected version of Go, however the vulnerable functionality is currently not used by these products and hence this issue has been rated as having a security impact of Low.\nRed Hat Ceph Storage 3 and 4 components are built with the affected version of Go, however the vulnerable functionality is currently not used by these products and hence this issue has been rated as having a security impact of Low.", "threat_severity": "Moderate"}

Metrics

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object