Search for packages
| purl | pkg:rpm/redhat/openshift@4.6.0-202010022112.p0.git.94033.ef41184?arch=el7 |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 4.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-2cbk-c4k3-kyc8
Aliases: CVE-2020-8559 GHSA-33c5-9fx5-fvjm |
Privilege Escalation in Kubernetes The Kubernetes kube-apiserver in versions v1.6-v1.15, and versions prior to v1.16.13, v1.17.9 and v1.18.7 are vulnerable to an unvalidated redirect on proxied upgrade requests that could allow an attacker to escalate privileges from a node compromise to a full cluster compromise. | There are no reported fixed by versions. |
|
VCID-dwge-3up7-yyaq
Aliases: CVE-2020-16845 GHSA-q6gq-997w-f55g |
Withdrawn Advisory: Infinite loop in xz ### Withdrawn Advisory This advisory has been withdrawn because alerts cannot be issued for the Go standard library at this time. ### Original Description Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs. | There are no reported fixed by versions. |
|
VCID-w9qm-pwnh-4ydj
Aliases: CVE-2020-15586 |
golang: data race in certain net/http servers including ReverseProxy can lead to DoS | There are no reported fixed by versions. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T14:05:51.029485+00:00 | RedHat Importer | Affected by | VCID-w9qm-pwnh-4ydj | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15586.json | 38.0.0 |
| 2026-04-01T14:05:43.006808+00:00 | RedHat Importer | Affected by | VCID-2cbk-c4k3-kyc8 | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8559.json | 38.0.0 |
| 2026-04-01T14:05:15.565701+00:00 | RedHat Importer | Affected by | VCID-dwge-3up7-yyaq | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-16845.json | 38.0.0 |