Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2022:7201
HistoryNov 02, 2022 - 6:13 a.m.

(RHSA-2022:7201) Important: OpenShift Container Platform 4.11.12 security update

2022-11-0206:13:44
access.redhat.com
20
red hat openshift
cloud computing
kubernetes
security update
container platform
vulnerabilities
command injection
unsafe downloads
release notes
image digests
architecture
upgrade process.

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.043

Percentile

92.4%

JSON

Red Hat OpenShift Container Platform is Red Hat’s cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.12. See the following advisory for the RPM packages for this release:

https://access.redhat.com/errata/RHBA-2022:7200

Space precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:

https://docs.openshift.com/container-platform/4.11/release_notes/ocp-4-11-release-notes.html

Security Fix(es):

  • go-getter: command injection vulnerability (CVE-2022-26945)
  • go-getter: unsafe download (issue 1 of 3) (CVE-2022-30321)
  • go-getter: unsafe download (issue 2 of 3) (CVE-2022-30322)
  • go-getter: unsafe download (issue 3 of 3) (CVE-2022-30323)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

You may download the oc tool and use it to inspect release image metadata as follows:

(For x86_64 architecture)

$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.11.12-x86_64

The image digest is sha256:0ca14e0f692391970fc23f88188f2a21f35a5ba24fe2f3cb908fd79fa46458e6

(For s390x architecture)

$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.11.12-s390x

The image digest is sha256:7b9b21e35286e67473a0c4c28c84e3d806eb30364682a6b072b79109c2d22c6b

(For ppc64le architecture)

$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.11.12-ppc64le

The image digest is sha256:c61315b1257695b5f86d2782a70909227e004cd7cd30236c6f94a9e4ecf24ecb

(For aarch64 architecture)

$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.11.12-aarch64

The image digest is sha256:c70dc68aef64280d3cba9a056af29438943b30c260a7156893e1bae5c6c5ce3f

All OpenShift Container Platform 4.11 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available
at https://docs.openshift.com/container-platform/4.11/updating/updating-cluster-cli.html

Related

osv 21
oraclelinux 8
rocky 3
almalinux 3
nessus 40
redhat 25
fedora 4
ibm 9
openvas 21
xen 1
amd 1
hp 1
citrix 1
f5 2
mscve 1
vmware 3
ubuntu 4
rosalinux 2
debian 2
cloudfoundry 1
mageia 2
thn 1
redhatcve 6
veracode 5
debiancve 6
cvelist 5
ubuntucve 4
prion 5
cve 4
github 2
nvd 4
cnvd 2
osv
osv
Important: kernel security, bug fix, and enhancement update
2022-10-25 00:00:00
Important: kernel-rt security and bug fix update
2022-10-25 00:00:00
Important: kernel-rt security and bug fix update
2022-10-25 07:38:43
oraclelinux
oraclelinux
kernel security, bug fix, and enhancement update
2022-10-26 00:00:00
kernel security and bug fix update
2022-11-03 00:00:00
sqlite security update
2022-10-26 00:00:00
rocky
rocky
kernel-rt security and bug fix update
2022-10-25 07:38:43
kernel security, bug fix, and enhancement update
2022-10-25 07:23:52
sqlite security update
2022-10-25 07:23:23
almalinux
almalinux
Important: kernel security, bug fix, and enhancement update
2022-10-25 00:00:00
Important: kernel-rt security and bug fix update
2022-10-25 00:00:00
Moderate: sqlite security update
2022-10-25 00:00:00
nessus
nessus
AlmaLinux 8 : kernel (ALSA-2022:7110)
2022-10-28 00:00:00
Rocky Linux 8 : kernel (RLSA-2022:7110)
2022-11-17 00:00:00
RHEL 8 : kernel-rt (RHSA-2022:7134)
2022-10-25 00:00:00
redhat
redhat
(RHSA-2022:6147) Important: OpenShift Container Platform 4.9.47 bug fix and security update
2022-08-31 09:49:15
(RHSA-2022:6805) Important: OpenShift Container Platform 4.10.36 security update
2022-10-12 08:09:34
(RHSA-2022:6801) Important: OpenShift Container Platform 4.8.51 packages and security update
2022-10-13 07:38:32
fedora
fedora
[SECURITY] Fedora 36 Update: kernel-5.18.11-200.fc36
2022-07-14 01:49:14
[SECURITY] Fedora 35 Update: kernel-5.18.11-100.fc35
2022-07-15 01:37:00
[SECURITY] Fedora 36 Update: xen-4.16.1-6.fc36
2022-07-18 01:09:01
ibm
ibm
Security Bulletin: Multiple Vulnerabilities in CloudPak for Watson AIOPs
2023-01-30 13:46:22
Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to multiple vulnerabilities from Expat, SQlite, libxml2, Libksba, zlib and GnuTLS
2022-11-30 08:48:28
Security Bulletin: IBM QRadar SIEM is vulnerable to using components with known vulnerabilities
2023-03-29 18:49:02
openvas
openvas
Fedora: Security Advisory for kernel (FEDORA-2022-c69ef9c1dd)
2022-07-15 00:00:00
Fedora: Security Advisory for kernel (FEDORA-2022-8aab5b5cde)
2022-07-16 00:00:00
Fedora: Security Advisory for xen (FEDORA-2022-3e6ce58029)
2022-07-19 00:00:00
xen
xen
Retbleed - arbitrary speculative code execution with return instructions
2022-07-12 16:35:00
amd
amd
AMD CPU Branch Type Confusion
2022-07-12 00:00:00
hp
hp
HP Wolf Security Software July 2022 Update
2022-07-12 00:00:00
citrix
citrix
Citrix Hypervisor Security Bulletin for CVE-2022-23825 and CVE-2022-29900
2022-07-12 16:49:54
f5
f5
K57185580 : RetBleed CPU vulnerability CVE-2022-29900
2022-08-02 00:00:00
K83713003 : RetBleed CPU vulnerability CVE-2022-29901
2022-08-02 00:00:00
mscve
mscve
AMD: CVE-2022-29900 AMD CPU Branch Type Confusion
2022-07-12 07:00:00
vmware
vmware
VMware ESXi addresses Return-Stack-Buffer-Underflow and Branch Type Confusion vulnerabilities
2022-07-12 00:00:00
VMware ESXi addresses Return-Stack-Buffer-Underflow and Branch Type Confusion vulnerabilities
2022-07-12 00:00:00
VMware ESXi addresses Return-Stack-Buffer-Underflow and Branch Type Confusion vulnerabilities
2022-07-12 00:00:00
ubuntu
ubuntu
SQLite vulnerabilities
2022-09-15 00:00:00
Linux kernel vulnerabilities
2022-08-10 00:00:00
SQLite vulnerability
2024-06-27 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2023-2171
2023-06-20 10:39:04
Advisory ROSA-SA-2023-2149
2023-04-11 13:56:14
debian
debian
[SECURITY] [DLA 3107-1] sqlite3 security update
2022-09-13 14:25:21
[SECURITY] [DSA 5207-1] linux security update
2022-08-15 19:52:20
cloudfoundry
cloudfoundry
USN-5615-1: SQLite vulnerabilities | Cloud Foundry
2022-09-29 00:00:00
mageia
mageia
Updated kernel-linus packages fix security vulnerabilities
2022-08-06 18:43:47
Updated kernel packages fix security vulnerabilities
2022-08-06 18:43:47
thn
thn
New 'Retbleed' Speculative Execution Attack Affects AMD and Intel CPUs
2022-07-13 14:22:00
redhatcve
redhatcve
CVE-2022-23824
2022-11-09 12:26:05
CVE-2022-30321
2022-06-07 02:29:48
CVE-2020-35527
2022-08-29 19:42:54
veracode
veracode
Path Traversal
2022-05-26 02:56:45
Path Traversal
2022-05-26 04:00:29
Path Traversal
2022-05-26 04:19:12
debiancve
debiancve
CVE-2020-35527
2022-09-01 18:15:08
CVE-2022-30322
2022-05-25 12:15:08
CVE-2022-26945
2022-05-25 12:15:08
cvelist
cvelist
CVE-2020-35527
2022-09-01 00:00:00
CVE-2022-30321
2022-05-25 11:19:42
CVE-2022-26945
2022-05-25 11:19:48
ubuntucve
ubuntucve
CVE-2020-35525
2022-09-01 00:00:00
CVE-2022-30321
2022-05-25 00:00:00
CVE-2020-35527
2022-09-01 00:00:00
prion
prion
Path traversal
2022-05-25 12:15:00
Design/Logic Flaw
2022-09-01 18:15:00
Code injection
2022-05-25 12:15:00
cve
cve
CVE-2022-30323
2022-05-25 12:15:08
CVE-2022-30321
2022-05-25 12:15:08
CVE-2022-30322
2022-05-25 12:15:08
github
github
HashiCorp go-getter unsafe downloads
2022-05-26 00:01:27
HashiCorp go-getter unsafe downloads could lead to arbitrary host access
2022-05-26 00:01:27
nvd
nvd
CVE-2020-35527
2022-09-01 18:15:08
CVE-2022-30321
2022-05-25 12:15:08
CVE-2022-30323
2022-05-25 12:15:08
cnvd
cnvd
SQLite has an unspecified vulnerability (CNVD-2022-62228)
2022-09-05 00:00:00
SQlite has an unspecified vulnerability (CNVD-2022-62229)
2022-09-05 00:00:00

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.043

Percentile

92.4%

JSON
Related for RHSA-2022:7201
osv21oraclelinux8rocky3almalinux3nessus40redhat25fedora4ibm9openvas21xen1amd1hp1citrix1f52mscve1vmware3ubuntu4rosalinux2debian2cloudfoundry1mageia2thn1redhatcve6veracode5debiancve6cvelist5ubuntucve4prion5cve4github2nvd4cnvd2