7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.01 Low
EPSS
Percentile
83.2%
New Features
The release of RHACS 3.64 provides the following new features:
Security Fixes
The release of RHACS 3.64 provides the following security fixes:
net
lookup functions may return invalid hostnames (CVE-2021-33195)net/http/httputil
ReverseProxy forwards connection headers if the first one is empty (CVE-2021-33197)math/big.Rat
may cause panic or an unrecoverable fatal error if passed inputs with very large exponents (CVE-2021-33198)crypto/tls
certificate of the wrong type is causing TLS client to panic (CVE-2021-34558)For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pages in the references section.
System changes
The release of RHACS 3.64 includes the following system changes:
stackrox
to avoid global naming conflicts.port forwards
and exec
events did not contain information about the user who performed the action that generated the events. The violations now include the user context.rpm
only for querying, and it does not install any packages. Therefore, this update includes a policy exception for this pod by default to reduce the violations count.7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.01 Low
EPSS
Percentile
83.2%