CVE-2020-16845 - OpenCVE

Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:N/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Debian	Debian Linux
Fedoraproject	Fedora
Golang	Go
Opensuse	Leap
Redhat	Container Native Virtualization Devtools Enterprise Linux Jaeger Logging Openshift Openshift Container Storage Serverless Service Mesh

Configuration 1 [-]

OR	cpe:2.3:a:golang:go::::::::
	cpe:2.3:a:golang:go::::::::

Configuration 2 [-]

OR	cpe:2.3:o:opensuse:leap:15.1:::::::*
	cpe:2.3:o:opensuse:leap:15.2:::::::*

Configuration 3 [-]

OR	cpe:2.3:o:debian:debian_linux:9.0:::::::*
	cpe:2.3:o:debian:debian_linux:10.0:::::::*

Configuration 4 [-]

OR	cpe:2.3:o:fedoraproject:fedora:31:::::::*
	cpe:2.3:o:fedoraproject:fedora:32:::::::*

Package	CPE	Advisory	Released Date
OpenShift Logging 5.0
openshift-logging/eventrouter-rhel8:v5.0.3-1	cpe:/a:redhat:logging:5.0::el8	RHSA-2021:1515	2021-05-06T00:00:00Z
OpenShift Serverless 1.9.0
CLI	cpe:/a:redhat:serverless:1	RHSA-2021:0072	2021-01-11T00:00:00Z
knative-serving	cpe:/a:redhat:serverless:1	RHSA-2021:0072	2021-01-11T00:00:00Z
OpenShift Service Mesh 1.0
openshift-service-mesh/3scale-istio-adapter-rhel8:1.0.0-9	cpe:/a:redhat:service_mesh:1.0::el8	RHBA-2020:4139	2020-09-30T00:00:00Z
OpenShift Service Mesh 1.1
ior-0:1.1.11-2.el8	cpe:/a:redhat:service_mesh:1.1::el8	RHSA-2020:5649	2020-12-22T00:00:00Z
servicemesh-0:1.1.11-2.el8	cpe:/a:redhat:service_mesh:1.1::el8	RHSA-2020:5649	2020-12-22T00:00:00Z
servicemesh-cni-0:1.1.11-2.el8	cpe:/a:redhat:service_mesh:1.1::el8	RHSA-2020:5649	2020-12-22T00:00:00Z
servicemesh-grafana-0:6.4.3-19.el8	cpe:/a:redhat:service_mesh:1.1::el8	RHSA-2020:5649	2020-12-22T00:00:00Z
servicemesh-operator-0:1.1.11-3.el8	cpe:/a:redhat:service_mesh:1.1::el8	RHSA-2020:5649	2020-12-22T00:00:00Z
servicemesh-prometheus-0:2.14.0-20.el8	cpe:/a:redhat:service_mesh:1.1::el8	RHSA-2020:5649	2020-12-22T00:00:00Z
Red Hat Developer Tools
go-toolset-1.13-0:1.13.15-1.el7	cpe:/a:redhat:devtools:2020	RHSA-2020:4214	2020-10-08T00:00:00Z
go-toolset-1.13-golang-0:1.13.15-3.el7	cpe:/a:redhat:devtools:2020	RHSA-2020:4214	2020-10-08T00:00:00Z
Red Hat Enterprise Linux 8
go-toolset:rhel8-8020020200817154239.02f7cb7a	cpe:/a:redhat:enterprise_linux:8	RHSA-2020:3665	2020-09-08T00:00:00Z
Red Hat OpenShift Container Platform 4.4
faq-0:0.0.6-5.el7	cpe:/a:redhat:openshift:4.4::el7	RHBA-2020:5123	2020-12-02T00:00:00Z
openshift-0:4.4.0-202011130111.p0.git.0.4861dfa.el7	cpe:/a:redhat:openshift:4.4::el7	RHBA-2020:5123	2020-12-02T00:00:00Z
openshift-clients-0:4.4.0-202011122017.p0.git.3445.6937a03.el7	cpe:/a:redhat:openshift:4.4::el7	RHBA-2020:5123	2020-12-02T00:00:00Z
Red Hat OpenShift Container Platform 4.5
atomic-enterprise-service-catalog-1:4.5.0-202010081312.p0.git.1808.498e523.el7	cpe:/a:redhat:openshift:4.5::el7	RHBA-2020:4229	2020-10-19T00:00:00Z
atomic-openshift-service-idler-0:4.5.0-202010081312.p0.git.15.d7814b2.el7	cpe:/a:redhat:openshift:4.5::el7	RHBA-2020:4229	2020-10-19T00:00:00Z
openshift4/ose-aws-machine-controllers:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-azure-machine-controllers:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-baremetal-machine-controllers:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cli:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cli-artifacts:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cloud-credential-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-authentication-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-autoscaler:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-autoscaler-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-bootstrap:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-config-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-dns-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-image-registry-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-ingress-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-kube-apiserver-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-kube-controller-manager-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-kube-scheduler-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-machine-approver:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-monitoring-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-network-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-node-tuning-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-openshift-apiserver-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-openshift-controller-manager-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-samples-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-storage-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-svcat-apiserver-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-update-keys:v4.5.0-202011121956.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-version-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-configmap-reloader:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-console:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-console-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-coredns:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-csi-snapshot-controller:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-csi-snapshot-controller-rhel7:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-deployer:v4.5.0-202011151045.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-docker-builder:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-docker-registry:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-etcd:v4.5.0-202011121956.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-grafana:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-haproxy-router:v4.5.0-202011151045.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-hyperkube:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-installer:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-installer-artifacts:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-ironic-ipa-downloader-rhel8:v4.5.0-202011070210.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-ironic-rhel8:v4.5.0-202011070210.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-jenkins:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-jenkins-agent-maven:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-k8s-prometheus-adapter:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-keepalived-ipfailover:v4.5.0-202011121956.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-kube-proxy:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-kube-rbac-proxy:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-kube-state-metrics:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-kuryr-cni-rhel8:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-libvirt-machine-controllers:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-local-storage-static-provisioner:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-machine-api-operator:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-machine-config-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-multus-admission-controller:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-multus-cni:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-must-gather:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-oauth-proxy:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-oauth-server-rhel7:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-openstack-machine-controllers:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-operator-lifecycle-manager:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-operator-marketplace:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-operator-registry:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-ovn-kubernetes:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-pod:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-prometheus:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-prometheus-alertmanager:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-prometheus-config-reloader:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-prometheus-node-exporter:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-prometheus-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-prom-label-proxy:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-service-ca-operator:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-telemeter:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-tests:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5118	2020-11-24T00:00:00Z
cri-o-0:1.18.4-4.rhaos4.5.git6dee389.el8	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:5119	2020-11-24T00:00:00Z
apb-0:2.0.3-3.el7	cpe:/a:redhat:openshift:4.5::el7	RHSA-2021:0713	2021-03-11T00:00:00Z
buildah-0:1.11.6-9.rhaos4.5.el8	cpe:/a:redhat:openshift:4.5::el7	RHSA-2021:0713	2021-03-11T00:00:00Z
containernetworking-plugins-0:0.8.6-2.rhaos4.5.el7	cpe:/a:redhat:openshift:4.5::el7	RHSA-2021:0713	2021-03-11T00:00:00Z
cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el8	cpe:/a:redhat:openshift:4.5::el7	RHSA-2021:0713	2021-03-11T00:00:00Z
cri-tools-0:1.18.0-4.el7	cpe:/a:redhat:openshift:4.5::el7	RHSA-2021:0713	2021-03-11T00:00:00Z
golang-github-prometheus-promu-0:0.5.0-3.git642a960.el7	cpe:/a:redhat:openshift:4.5::el7	RHSA-2021:0713	2021-03-11T00:00:00Z
openshift-0:4.5.0-202102261511.p0.git.0.f0229b9.el8	cpe:/a:redhat:openshift:4.5::el7	RHSA-2021:0713	2021-03-11T00:00:00Z
ignition-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8	cpe:/a:redhat:openshift:4.5::el7	RHSA-2021:1016	2021-04-13T00:00:00Z
kubefed-client-0:4.5.0-202002271711.git.2.3bd46d6.el7	cpe:/a:redhat:openshift:4.5::el7	RHSA-2021:1016	2021-04-13T00:00:00Z
openshift-eventrouter-0:0.2-5.git7c289cc.el7	cpe:/a:redhat:openshift:4.5::el7	RHSA-2021:1016	2021-04-13T00:00:00Z
podman-0:1.9.3-2.rhaos4.5.el8	cpe:/a:redhat:openshift:4.5::el7	RHSA-2021:1016	2021-04-13T00:00:00Z
skopeo-1:1.1.1-2.rhaos4.5.el8	cpe:/a:redhat:openshift:4.5::el7	RHSA-2021:1016	2021-04-13T00:00:00Z
machine-config-daemon-0:4.5.0-202012050338.p0.git.2581.e7a62a7.el8	cpe:/a:redhat:openshift:4.5::el8	RHBA-2020:5356	2020-12-15T00:00:00Z
openshift4/ose-aws-machine-controllers:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-azure-machine-controllers:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-baremetal-machine-controllers:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cli:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cli-artifacts:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cloud-credential-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-authentication-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-autoscaler:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-autoscaler-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-bootstrap:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-config-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-dns-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-image-registry-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-ingress-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-kube-apiserver-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-kube-controller-manager-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-kube-scheduler-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-machine-approver:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-monitoring-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-network-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-node-tuning-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-openshift-apiserver-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-openshift-controller-manager-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-samples-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-storage-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-svcat-apiserver-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-update-keys:v4.5.0-202011121956.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-cluster-version-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-configmap-reloader:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-console:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-console-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-coredns:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-csi-snapshot-controller:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-csi-snapshot-controller-rhel7:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-deployer:v4.5.0-202011151045.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-docker-builder:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-docker-registry:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-etcd:v4.5.0-202011121956.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-grafana:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-haproxy-router:v4.5.0-202011151045.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-hyperkube:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-installer:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-installer-artifacts:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-ironic-ipa-downloader-rhel8:v4.5.0-202011070210.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-ironic-rhel8:v4.5.0-202011070210.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-jenkins:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-jenkins-agent-maven:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-k8s-prometheus-adapter:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-keepalived-ipfailover:v4.5.0-202011121956.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-kube-proxy:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-kube-rbac-proxy:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-kube-state-metrics:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-kuryr-cni-rhel8:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-libvirt-machine-controllers:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-local-storage-static-provisioner:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-machine-api-operator:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-machine-config-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-multus-admission-controller:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-multus-cni:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-must-gather:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-oauth-proxy:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-oauth-server-rhel7:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-openstack-machine-controllers:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-operator-lifecycle-manager:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-operator-marketplace:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-operator-registry:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-ovn-kubernetes:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-pod:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-prometheus:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-prometheus-alertmanager:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-prometheus-config-reloader:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-prometheus-node-exporter:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-prometheus-operator:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-prom-label-proxy:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-service-ca-operator:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-telemeter:v4.5.0-202011132127.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
openshift4/ose-tests:v4.5.0-202011142223.p0	cpe:/a:redhat:openshift:4.5::el8	RHSA-2020:5118	2020-11-24T00:00:00Z
Red Hat OpenShift Container Platform 4.6
ignition-0:2.6.0-5.rhaos4.6.git947598e.el8	cpe:/a:redhat:openshift:4.6::el7	RHBA-2020:4197	2020-10-27T00:00:00Z
openshift-0:4.6.0-202010022112.p0.git.94033.ef41184.el8	cpe:/a:redhat:openshift:4.6::el7	RHBA-2020:4197	2020-10-27T00:00:00Z
openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7	cpe:/a:redhat:openshift:4.6::el7	RHSA-2020:4297	2020-10-27T00:00:00Z
podman-0:1.9.3-3.rhaos4.6.el8	cpe:/a:redhat:openshift:4.6::el7	RHSA-2020:4297	2020-10-27T00:00:00Z
runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8	cpe:/a:redhat:openshift:4.6::el7	RHSA-2020:4297	2020-10-27T00:00:00Z
faq-0:0.0.6-5.el8	cpe:/a:redhat:openshift:4.6::el8	RHSA-2020:5159	2020-11-30T00:00:00Z
skopeo-1:1.1.1-3.rhaos4.6.el8	cpe:/a:redhat:openshift:4.6::el8	RHSA-2021:0172	2021-01-25T00:00:00Z
openshift-eventrouter-0:0.2-6.git7c289cc.el8	cpe:/a:redhat:openshift:4.6::el8	RHSA-2021:0956	2021-03-30T00:00:00Z
Red Hat OpenShift Container Platform 4.7
cri-o-0:1.20.2-12.rhaos4.7.git9f7be76.el7	cpe:/a:redhat:openshift:4.7::el7	RHSA-2021:2122	2021-06-01T00:00:00Z
cri-tools-0:1.20.0-3.el7	cpe:/a:redhat:openshift:4.7::el7	RHSA-2021:2122	2021-06-01T00:00:00Z
jenkins-2-plugins-0:4.7.1621361158-1.el8	cpe:/a:redhat:openshift:4.7::el7	RHSA-2021:2122	2021-06-01T00:00:00Z
redhat-release-coreos-0:47.83-2.el8	cpe:/a:redhat:openshift:4.7::el7	RHSA-2021:2122	2021-06-01T00:00:00Z
golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8	cpe:/a:redhat:openshift:4.7::el8	RHSA-2021:1366	2021-05-04T00:00:00Z
Red Hat OpenShift Container Storage 4.6.0 on RHEL-8
ocs4/cephcsi-rhel8:4.6-52.49cf5efdd.release_4.6	cpe:/a:redhat:openshift_container_storage:4.6::el8	RHSA-2020:5605	2020-12-17T00:00:00Z
ocs4/mcg-rhel8-operator:5.6.0-39.2279a46.5.6	cpe:/a:redhat:openshift_container_storage:4.6::el8	RHSA-2020:5605	2020-12-17T00:00:00Z
ocs4/ocs-must-gather-rhel8:4.6-76.0811c33c.release_4.6	cpe:/a:redhat:openshift_container_storage:4.6::el8	RHSA-2020:5605	2020-12-17T00:00:00Z
ocs4/ocs-rhel8-operator:4.6-76.0811c33c.release_4.6	cpe:/a:redhat:openshift_container_storage:4.6::el8	RHSA-2020:5605	2020-12-17T00:00:00Z
ocs4/rook-ceph-rhel8-operator:4.6-80.1ae5ac6a.release_4.6	cpe:/a:redhat:openshift_container_storage:4.6::el8	RHSA-2020:5605	2020-12-17T00:00:00Z
mcg-0:5.6.0-39.2279a46.5.6.el8	cpe:/a:redhat:openshift_container_storage:4.6::el8	RHSA-2020:5606	2020-12-17T00:00:00Z
Red Hat OpenShift Jaeger 1.17
distributed-tracing/jaeger-agent-rhel8:1.17.8-12	cpe:/a:redhat:jaeger:1.17::el8	RHBA-2021:0075	2021-01-12T00:00:00Z
distributed-tracing/jaeger-all-in-one-rhel8:1.17.8-12	cpe:/a:redhat:jaeger:1.17::el8	RHBA-2021:0075	2021-01-12T00:00:00Z
distributed-tracing/jaeger-collector-rhel8:1.17.8-10	cpe:/a:redhat:jaeger:1.17::el8	RHBA-2021:0075	2021-01-12T00:00:00Z
distributed-tracing/jaeger-es-index-cleaner-rhel8:1.17.8-11	cpe:/a:redhat:jaeger:1.17::el8	RHBA-2021:0075	2021-01-12T00:00:00Z
distributed-tracing/jaeger-es-rollover-rhel8:1.17.8-9	cpe:/a:redhat:jaeger:1.17::el8	RHBA-2021:0075	2021-01-12T00:00:00Z
distributed-tracing/jaeger-ingester-rhel8:1.17.8-12	cpe:/a:redhat:jaeger:1.17::el8	RHBA-2021:0075	2021-01-12T00:00:00Z
distributed-tracing/jaeger-query-rhel8:1.17.8-10	cpe:/a:redhat:jaeger:1.17::el8	RHBA-2021:0075	2021-01-12T00:00:00Z
distributed-tracing/jaeger-rhel8-operator:1.17.8-11	cpe:/a:redhat:jaeger:1.17::el8	RHBA-2021:0075	2021-01-12T00:00:00Z
Red Hat OpenShift Jaeger 1.20
distributed-tracing/jaeger-agent-rhel8:1.20.2-2	cpe:/a:redhat:jaeger:1.20::el8	RHBA-2021:0101	2021-01-13T00:00:00Z
distributed-tracing/jaeger-all-in-one-rhel8:1.20.2-2	cpe:/a:redhat:jaeger:1.20::el8	RHBA-2021:0101	2021-01-13T00:00:00Z
distributed-tracing/jaeger-collector-rhel8:1.20.2-3	cpe:/a:redhat:jaeger:1.20::el8	RHBA-2021:0101	2021-01-13T00:00:00Z
distributed-tracing/jaeger-es-index-cleaner-rhel8:1.20.2-2	cpe:/a:redhat:jaeger:1.20::el8	RHBA-2021:0101	2021-01-13T00:00:00Z
distributed-tracing/jaeger-es-rollover-rhel8:1.20.2-3	cpe:/a:redhat:jaeger:1.20::el8	RHBA-2021:0101	2021-01-13T00:00:00Z
distributed-tracing/jaeger-ingester-rhel8:1.20.2-2	cpe:/a:redhat:jaeger:1.20::el8	RHBA-2021:0101	2021-01-13T00:00:00Z
distributed-tracing/jaeger-query-rhel8:1.20.2-2	cpe:/a:redhat:jaeger:1.20::el8	RHBA-2021:0101	2021-01-13T00:00:00Z
distributed-tracing/jaeger-rhel8-operator:1.20.2-2	cpe:/a:redhat:jaeger:1.20::el8	RHBA-2021:0101	2021-01-13T00:00:00Z
Red Hat OpenShift Virtualization 2
kubevirt-cpu-model-nfd-plugin-container	cpe:/a:redhat:container_native_virtualization:2.6::el8	RHSA-2021:0799	2021-03-10T00:00:00Z
kubevirt-cpu-node-labeller-container	cpe:/a:redhat:container_native_virtualization:2.6::el8	RHSA-2021:0799	2021-03-10T00:00:00Z
kubevirt-kvm-info-nfd-plugin-container	cpe:/a:redhat:container_native_virtualization:2.6::el8	RHSA-2021:0799	2021-03-10T00:00:00Z
vm-import-controller-container	cpe:/a:redhat:container_native_virtualization:2.6::el8	RHSA-2021:0799	2021-03-10T00:00:00Z
RHEL-8-CNV-2.4
container-native-virtualization/kubevirt-cpu-model-nfd-plugin:v2.4.2-1	cpe:/a:redhat:container_native_virtualization:2.4::el8	RHSA-2020:4201	2020-10-06T00:00:00Z
container-native-virtualization/kubevirt-cpu-node-labeller:v2.4.2-1	cpe:/a:redhat:container_native_virtualization:2.4::el8	RHSA-2020:4201	2020-10-06T00:00:00Z
container-native-virtualization/kubevirt-kvm-info-nfd-plugin:v2.4.2-1	cpe:/a:redhat:container_native_virtualization:2.4::el8	RHSA-2020:4201	2020-10-06T00:00:00Z
container-native-virtualization/vm-import-controller-rhel8:v2.4.2-1	cpe:/a:redhat:container_native_virtualization:2.4::el8	RHSA-2020:4201	2020-10-06T00:00:00Z
RHEL-8-CNV-4.9
kubevirt-0:4.9.0-287.el8	cpe:/a:redhat:container_native_virtualization:4.9::el8	RHSA-2021:4103	2021-11-02T00:00:00Z

References

Link	Providers
http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00021.html
http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00028.html
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00029.html
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00030.html
https://groups.google.com/forum/#%21topic/golang-announce/NyPIaucMgXo
https://groups.google.com/forum/#%21topic/golang-announce/_ulYYcIWg3Q
https://groups.google.com/g/golang-announce/c/NyPIaucMgXo
https://lists.debian.org/debian-lts-announce/2020/11/msg00037.html
https://lists.debian.org/debian-lts-announce/2020/11/msg00038.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6RCFJTMKHY5ICGEM5BUFUEDDGSPJ25XU/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KWRBAH4UZJO3RROQ72SYCUPFCJFA22FO/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TACQFZDPA7AUR6TRZBCX2RGRFSDYLI7O/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WV2VWKFTH4EJGZBZALVUJQJOAQB5MDQ4/
https://nvd.nist.gov/vuln/detail/CVE-2020-16845
https://security.netapp.com/advisory/ntap-20200924-0002/
https://www.cve.org/CVERecord?id=CVE-2020-16845
https://www.debian.org/security/2021/dsa-4848
https://www.oracle.com/security-alerts/cpuApr2021.html

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2020-08-06T17:03:33

Updated: 2024-08-04T13:45:33.920Z

Reserved: 2020-08-04T00:00:00

Link: CVE-2020-16845

Vulnrichment

No data.

NVD

Status : Modified

Published: 2020-08-06T18:15:13.700

Modified: 2023-11-07T03:19:07.360

Link: CVE-2020-16845

Redhat

Severity : Moderate

Publid Date: 2020-08-06T00:00:00Z

Links: CVE-2020-16845 - Bugzilla

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object