Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:rpm/redhat/openshift@4.3.37-202009120213.p0.git.0.dffefe4?arch=el8

Type rpm

Namespace redhat

Name openshift

Version 4.3.37-202009120213.p0.git.0.dffefe4

Qualifiers

arch	el8

Subpath

Is_vulnerable true

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

url

VCID-wpwc-fkd7-qugm

vulnerability_id

VCID-wpwc-fkd7-qugm

summary

Denial of service in Kubernetes
The Kubernetes kubelet component in versions 1.1-1.16.12, 1.17.0-1.17.8 and 1.18.0-1.18.5 do not account for disk usage by a pod which writes to its own /etc/hosts file. The /etc/hosts file mounted in a pod by kubelet is not included by the kubelet eviction manager when calculating ephemeral storage usage by a pod. If a pod writes a large amount of data to the /etc/hosts file, it could fill the storage space of the node and cause the node to fail.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8557.json

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8557.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-8557

reference_id

reference_type

scores

value	0.00111
scoring_system	epss
scoring_elements	0.2939
published_at	2026-04-24T12:55:00Z

value	0.00111
scoring_system	epss
scoring_elements	0.29607
published_at	2026-04-12T12:55:00Z

value	0.00111
scoring_system	epss
scoring_elements	0.29503
published_at	2026-04-21T12:55:00Z

value	0.00111
scoring_system	epss
scoring_elements	0.29548
published_at	2026-04-18T12:55:00Z

value	0.00111
scoring_system	epss
scoring_elements	0.29574
published_at	2026-04-16T12:55:00Z

value	0.00111
scoring_system	epss
scoring_elements	0.29555
published_at	2026-04-13T12:55:00Z

value	0.00111
scoring_system	epss
scoring_elements	0.29612
published_at	2026-04-08T12:55:00Z

value	0.00111
scoring_system	epss
scoring_elements	0.29678
published_at	2026-04-02T12:55:00Z

value	0.00111
scoring_system	epss
scoring_elements	0.29729
published_at	2026-04-04T12:55:00Z

value	0.00111
scoring_system	epss
scoring_elements	0.29549
published_at	2026-04-07T12:55:00Z

value	0.00111
scoring_system	epss
scoring_elements	0.29649
published_at	2026-04-09T12:55:00Z

value	0.00111
scoring_system	epss
scoring_elements	0.29652
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-8557

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8557
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8557

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/advisories/GHSA-55qj-gj3x-jq9r

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/advisories/GHSA-55qj-gj3x-jq9r

reference_url

https://github.com/kubernetes/kubernetes

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes

reference_url

https://github.com/kubernetes/kubernetes/commit/530f199b6e07cdaab32361e39709ac45f3fdc446

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/530f199b6e07cdaab32361e39709ac45f3fdc446

reference_url

https://github.com/kubernetes/kubernetes/commit/68750fefd3df76b7b008ef7b18e8acd18d5c2f2e

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/68750fefd3df76b7b008ef7b18e8acd18d5c2f2e

reference_url

https://github.com/kubernetes/kubernetes/commit/7fd849cffa2f93061fbcb0a6ae4efd0539b1e981

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/commit/7fd849cffa2f93061fbcb0a6ae4efd0539b1e981

reference_url

https://github.com/kubernetes/kubernetes/issues/93032

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/issues/93032

reference_url

https://github.com/kubernetes/kubernetes/pull/92921

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/kubernetes/kubernetes/pull/92921

reference_url

https://groups.google.com/g/kubernetes-security-announce/c/cB_JUsYEKyY/m/vVSO61AhBwAJ

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://groups.google.com/g/kubernetes-security-announce/c/cB_JUsYEKyY/m/vVSO61AhBwAJ

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-8557

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-8557

reference_url

https://pkg.go.dev/vuln/GO-2024-2753

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://pkg.go.dev/vuln/GO-2024-2753

reference_url

https://security.netapp.com/advisory/ntap-20200821-0002

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20200821-0002

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1835977
reference_id	1835977
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1835977

reference_url	https://access.redhat.com/errata/RHSA-2020:3519
reference_id	RHSA-2020:3519
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3519

reference_url	https://access.redhat.com/errata/RHSA-2020:3520
reference_id	RHSA-2020:3520
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3520

reference_url	https://access.redhat.com/errata/RHSA-2020:3579
reference_id	RHSA-2020:3579
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3579

reference_url	https://access.redhat.com/errata/RHSA-2020:3580
reference_id	RHSA-2020:3580
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3580

reference_url	https://access.redhat.com/errata/RHSA-2020:3808
reference_id	RHSA-2020:3808
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3808

reference_url	https://access.redhat.com/errata/RHSA-2020:3809
reference_id	RHSA-2020:3809
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3809

reference_url	https://access.redhat.com/errata/RHSA-2021:3915
reference_id	RHSA-2021:3915
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3915

fixed_packages

aliases

CVE-2020-8557, GHSA-55qj-gj3x-jq9r

risk_score

3.1

exploitability

0.5

weighted_severity

6.2

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-wpwc-fkd7-qugm

Fixing_vulnerabilities

Risk_score 3.1

Resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/openshift@4.3.37-202009120213.p0.git.0.dffefe4%3Farch=el8

Package Instance