RHSA-2023:0574CriticalCVSS 9.1
Red Hat Security Advisory: OpenShift Container Platform 4.9.55 security update
🔗 CVE IDs covered (3)
📋 Description
CVE-2021-4238 — goutils: RandomAlphaNumeric and CryptoRandomAlphaNumeric are not as random as they should be CVE-2022-41912 — crewjam/saml: Authentication bypass when processing SAML responses containing multiple Assertion elements CVE-2023-0296 — openshift: etcd grpc-proxy vulnerable to The Birthday attack against 64-bit block cipher
🔗 References (11)
- selfhttps://access.redhat.com/errata/RHSA-2023:0574
- externalhttps://access.redhat.com/security/updates/classification/#critical
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2105912
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2149181
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2156729
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2161287
- externalhttps://issues.redhat.com/browse/OCPBUGS-5144
- externalhttps://issues.redhat.com/browse/OCPBUGS-6086
- externalhttps://issues.redhat.com/browse/OCPBUGS-6495
- externalhttps://issues.redhat.com/browse/OCPBUGS-6711
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0574.json