RHSA-2020:4297
Advisory lineage Upstream: 9 Downstream: 0
Published: 30 Sept 2024, 13:54
Last modified:03 Jun 2026, 10:01
Vulnerability Summary
Overall Risk (default)
medium
30/100 CVSS Score
7.5 HIGH
3.1 (osv_red_hat)
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
30 Sept 2024, 13:54
Published
Vulnerability first disclosed
03 Jun 2026, 10:01
Last Modified
Vulnerability information updated
Description
Red Hat Security Advisory: OpenShift Container Platform 4.6.1 package security update
CVSS Metrics
- v3.1•HIGH•Score: 7.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Systems
- redhat•containers-common
< 1:1.1.1-2.rhaos4.6.el8
- redhat•jenkins-2-plugins
< 0:4.6.1601368321-1.el8
- redhat•openshift-clients
< 0:4.6.0-202010081244.p0.git.3794.4743d24.el7 | < 0:4.6.0-202010081244.p0.git.3794.4743d24.el8
- redhat•openshift-clients-redistributable
< 0:4.6.0-202010081244.p0.git.3794.4743d24.el7 | < 0:4.6.0-202010081244.p0.git.3794.4743d24.el8
- redhat•podman
< 0:1.9.3-3.rhaos4.6.el8
- redhat•podman-debuginfo
< 0:1.9.3-3.rhaos4.6.el8
- redhat•podman-debugsource
< 0:1.9.3-3.rhaos4.6.el8
- redhat•podman-docker
< 0:1.9.3-3.rhaos4.6.el8
- redhat•podman-remote
< 0:1.9.3-3.rhaos4.6.el8
- redhat•podman-remote-debuginfo
< 0:1.9.3-3.rhaos4.6.el8
- redhat•podman-tests
< 0:1.9.3-3.rhaos4.6.el8
- redhat•runc
< 0:1.0.0-81.rhaos4.6.git5b757d4.el7 | < 0:1.0.0-81.rhaos4.6.git5b757d4.el8
- redhat•runc-debuginfo
< 0:1.0.0-81.rhaos4.6.git5b757d4.el7 | < 0:1.0.0-81.rhaos4.6.git5b757d4.el8
- redhat•runc-debugsource
< 0:1.0.0-81.rhaos4.6.git5b757d4.el8
- redhat•skopeo
< 1:1.1.1-2.rhaos4.6.el8
- redhat•skopeo-debuginfo
< 1:1.1.1-2.rhaos4.6.el8
- redhat•skopeo-debugsource
< 1:1.1.1-2.rhaos4.6.el8
- redhat•skopeo-tests
< 1:1.1.1-2.rhaos4.6.el8
References (51)
- https://access.redhat.com/errata/RHSA-2020:4297
- https://access.redhat.com/security/updates/classification/#moderate
- https://bugzilla.redhat.com/show_bug.cgi?id=1819663
- https://bugzilla.redhat.com/show_bug.cgi?id=1853652
- https://bugzilla.redhat.com/show_bug.cgi?id=1867099
- https://bugzilla.redhat.com/show_bug.cgi?id=1874268
- https://bugzilla.redhat.com/show_bug.cgi?id=1880454
- https://bugzilla.redhat.com/show_bug.cgi?id=1880456
- https://bugzilla.redhat.com/show_bug.cgi?id=1880460
- https://bugzilla.redhat.com/show_bug.cgi?id=1886637
- https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_4297.json
- https://access.redhat.com/security/cve/CVE-2019-16541
- https://www.cve.org/CVERecord?id=CVE-2019-16541
- https://nvd.nist.gov/vuln/detail/CVE-2019-16541
- https://jenkins.io/security/advisory/2019-11-21/#SECURITY-1106
- https://access.redhat.com/security/cve/CVE-2020-2252
- https://www.cve.org/CVERecord?id=CVE-2020-2252
- https://nvd.nist.gov/vuln/detail/CVE-2020-2252
- https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1813
- https://www.openwall.com/lists/oss-security/2020/09/16/3
- https://access.redhat.com/security/cve/CVE-2020-2254
- https://www.cve.org/CVERecord?id=CVE-2020-2254
- https://nvd.nist.gov/vuln/detail/CVE-2020-2254
- http://www.openwall.com/lists/oss-security/2020/09/16/3
- https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1956
- https://access.redhat.com/security/cve/CVE-2020-2255
- https://www.cve.org/CVERecord?id=CVE-2020-2255
- https://nvd.nist.gov/vuln/detail/CVE-2020-2255
- https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1961
- https://access.redhat.com/security/cve/CVE-2020-8564
- https://www.cve.org/CVERecord?id=CVE-2020-8564
- https://nvd.nist.gov/vuln/detail/CVE-2020-8564
- https://github.com/kubernetes/kubernetes/issues/95622
- https://groups.google.com/g/kubernetes-announce/c/ScdmyORnPDk
- https://access.redhat.com/security/cve/CVE-2020-14040
- https://www.cve.org/CVERecord?id=CVE-2020-14040
- https://nvd.nist.gov/vuln/detail/CVE-2020-14040
- https://github.com/golang/go/issues/39491
- https://groups.google.com/forum/#!topic/golang-announce/bXVeAmGOqz0
- https://access.redhat.com/security/cve/CVE-2020-14370
- https://www.cve.org/CVERecord?id=CVE-2020-14370
- https://nvd.nist.gov/vuln/detail/CVE-2020-14370
- https://access.redhat.com/security/cve/CVE-2020-15586
- https://bugzilla.redhat.com/show_bug.cgi?id=1856953
- https://www.cve.org/CVERecord?id=CVE-2020-15586
- https://nvd.nist.gov/vuln/detail/CVE-2020-15586
- https://groups.google.com/g/golang-announce/c/XZNfaiwgt2w/m/E6gHDs32AQAJ
- https://access.redhat.com/security/cve/CVE-2020-16845
- https://www.cve.org/CVERecord?id=CVE-2020-16845
- https://nvd.nist.gov/vuln/detail/CVE-2020-16845
- https://groups.google.com/g/golang-announce/c/NyPIaucMgXo