Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2021-3703

Опубликовано: 13 сент. 2021
Источник: redhat
CVSS3: 7.5

Описание

It was found that the CVE-2021-27918, CVE-2021-31525 and CVE-2021-33196 have been incorrectly mentioned as fixed in RHSA for Serverless 1.16.0 and Serverless client kn 1.16.0. These have been fixed with Serverless 1.17.0.

CVE-2021-27918, CVE-2021-31525 and CVE-2021-33196 have been incorrectly mentioned as fixed for Serverless 1.16.0 and Serverless client kn 1.16.0.

Отчет

The flaw is moderate as the CVE-2021-27918, CVE-2021-31525 and CVE-2021-33196 are moderate. The score is assigned as per the highest score given in CVE-2021-27918 and CVE-2021-33196.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
OpenShift Serverlessknative-eventingNot affected
OpenShift Serverlessknative-servingNot affected
Openshift Serverless 1.17openshift-serverless-1/client-kn-rhel8FixedRHSA-2021:355616.09.2021
Openshift Serverless 1.17openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8FixedRHSA-2021:355616.09.2021
Openshift Serverless 1.17openshift-serverless-1/eventing-controller-rhel8FixedRHSA-2021:355616.09.2021
Openshift Serverless 1.17openshift-serverless-1/eventing-in-memory-channel-controller-rhel8FixedRHSA-2021:355616.09.2021
Openshift Serverless 1.17openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8FixedRHSA-2021:355616.09.2021
Openshift Serverless 1.17openshift-serverless-1/eventing-mtbroker-filter-rhel8FixedRHSA-2021:355616.09.2021
Openshift Serverless 1.17openshift-serverless-1/eventing-mtbroker-ingress-rhel8FixedRHSA-2021:355616.09.2021
Openshift Serverless 1.17openshift-serverless-1/eventing-mtchannel-broker-rhel8FixedRHSA-2021:355616.09.2021

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=1992955serverless: incomplete fix for CVE-2021-27918 / CVE-2021-31525 / CVE-2021-33196

7.5 High

CVSS3

Связанные уязвимости

nvd логотип

CVE-2021-3703

CVSS3: 7.5
nvd
больше 3 лет назад

It was found that the CVE-2021-27918, CVE-2021-31525 and CVE-2021-33196 have been incorrectly mentioned as fixed in RHSA for Serverless 1.16.0 and Serverless client kn 1.16.0. These have been fixed with Serverless 1.17.0.

github логотип

GHSA-x358-pmcq-q2x3

CVSS3: 7.5
github
больше 3 лет назад

It was found that the CVE-2021-27918, CVE-2021-31525 and CVE-2021-33196 have been incorrectly mentioned as fixed in RHSA for Serverless 1.16.0 and Serverless client kn 1.16.0. These have been fixed with Serverless 1.17.0.

7.5 High

CVSS3