Multiple vulnerabilities in Red Hat OpenShift Serverless
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 32 |
| CVE-ID | CVE-2021-3114 CVE-2019-20454 CVE-2021-20305 CVE-2021-3450 CVE-2021-3449 CVE-2020-14422 CVE-2020-13632 CVE-2020-13631 CVE-2020-13630 CVE-2020-9327 CVE-2020-8492 CVE-2020-7595 CVE-2020-6405 CVE-2020-1730 CVE-2019-20916 CVE-2019-20907 CVE-2019-20388 CVE-2021-3115 CVE-2019-20387 CVE-2019-20218 CVE-2019-19956 CVE-2019-19906 CVE-2019-19221 CVE-2019-16935 CVE-2019-16168 CVE-2019-15903 CVE-2019-14889 CVE-2019-13627 CVE-2019-13050 CVE-2019-5018 CVE-2018-1000858 CVE-2018-20843 |
| CWE-ID | CWE-682 CWE-125 CWE-327 CWE-254 CWE-476 CWE-400 CWE-264 CWE-416 CWE-399 CWE-835 CWE-22 CWE-401 CWE-78 CWE-787 CWE-79 CWE-369 CWE-310 CWE-297 CWE-352 CWE-611 |
| Exploitation vector | Network |
| Public exploit |
Public exploit code for vulnerability #5 is available. Public exploit code for vulnerability #10 is available. Public exploit code for vulnerability #11 is available. Public exploit code for vulnerability #24 is available. Public exploit code for vulnerability #25 is available. Public exploit code for vulnerability #26 is available. Public exploit code for vulnerability #30 is available. Public exploit code for vulnerability #32 is available. |
| Vulnerable software |
Red Hat OpenShift Serverless Server applications / Virtualization software |
| Vendor | Red Hat Inc. |
Security Bulletin
This security bulletin contains information about 32 vulnerabilities.
1) Incorrect calculation
EUVDB-ID: #VU50047
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-3114
CWE-ID:
CWE-682 - Incorrect Calculation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to incorrect calculation performed by the application in "crypto/elliptic/p224.go". A remote attacker can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field.
MitigationInstall updates from vendor's website.
Red Hat OpenShift Serverless: 1.10.0 - 1.10.1
CPE2.3- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.0:*:*:*:*:*:*:
- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.1:*:*:*:*:*:*:
http://access.redhat.com/errata/RHSA-2021:2021
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Out-of-bounds read
EUVDB-ID: #VU29116
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-20454
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to perform denial of service (DoS) attack.
The vulnerability exists due to a boundary condition in the "do_extuni_no_utf in pcre2_jit_compile.c" file when the pattern X is JIT compiled and used to match specially crafted subjects in non-UTF mode. A remote attacker can trigger out-of-bounds read error and crash the affected application.
MitigationInstall updates from vendor's website.
Red Hat OpenShift Serverless: 1.10.0 - 1.10.1
CPE2.3- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.0:*:*:*:*:*:*:
- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.1:*:*:*:*:*:*:
http://access.redhat.com/errata/RHSA-2021:2021
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Use of a broken or risky cryptographic algorithm
EUVDB-ID: #VU52195
Risk: High
CVSSv3.1: 7.1 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-20305
CWE-ID:
CWE-327 - Use of a Broken or Risky Cryptographic Algorithm
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA & ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability.
MitigationInstall updates from vendor's website.
Red Hat OpenShift Serverless: 1.10.0 - 1.10.1
CPE2.3- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.0:*:*:*:*:*:*:
- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.1:*:*:*:*:*:*:
http://access.redhat.com/errata/RHSA-2021:2021
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Security features bypass
EUVDB-ID: #VU51732
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-3450
CWE-ID:
CWE-254 - Security Features
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass implemented security restrictions.
The vulnerability exists due to an error in implementation of the X509_V_FLAG_X509_STRICT flag allows an attacker to overwrite a valid CA certificate using any non-CA certificate in the chain. As a result, a remote attacker can perform MitM attack.
Install updates from vendor's website.
Red Hat OpenShift Serverless: 1.10.0 - 1.10.1
CPE2.3- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.0:*:*:*:*:*:*:
- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.1:*:*:*:*:*:*:
http://access.redhat.com/errata/RHSA-2021:2021
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) NULL pointer dereference
EUVDB-ID: #VU51733
Risk: Medium
CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2021-3449
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error when processing TLSv1.2 renegotiations. A remote attacker can send a maliciously crafted renegotiation ClientHello message, which omits the signature_algorithms extension but includes a signature_algorithms_cert extension, trigger a NULL pointer dereference error and crash the server. MitigationInstall updates from vendor's website.
Red Hat OpenShift Serverless: 1.10.0 - 1.10.1
CPE2.3- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.0:*:*:*:*:*:*:
- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.1:*:*:*:*:*:*:
http://access.redhat.com/errata/RHSA-2021:2021
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
6) Resource exhaustion
EUVDB-ID: #VU29544
Risk: Medium
CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-14422
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application improperly computes hash values in the IPv4Interface and IPv6Interface classes within the Lib/ipaddress.py in Python. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack if an application is affected by the performance of a dictionary containing IPv4Interface or IPv6Interface objects, and this attacker can cause many dictionary entries to be created.
MitigationInstall updates from vendor's website.
Red Hat OpenShift Serverless: 1.10.0 - 1.10.1
CPE2.3- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.0:*:*:*:*:*:*:
- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.1:*:*:*:*:*:*:
http://access.redhat.com/errata/RHSA-2021:2021
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) NULL pointer dereference
EUVDB-ID: #VU34080
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-13632
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in ext/fts3/fts3_snippet.c in SQLite. A local user can trigger denial of service conditions via a crafted matchinfo() query.
MitigationInstall updates from vendor's website.
Red Hat OpenShift Serverless: 1.10.0 - 1.10.1
CPE2.3- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.0:*:*:*:*:*:*:
- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.1:*:*:*:*:*:*:
http://access.redhat.com/errata/RHSA-2021:2021
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU34079
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-13631
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a local user to bypass certain security restrictions.
The vulnerability exists due an error in alter.c and build.c files in SQLite that allows a local user to rename a virtual table into a shadow table. A local user with permissions to create virtual tables can renamed them and gain unauthorized access to the fronted application.
Install updates from vendor's website.
Red Hat OpenShift Serverless: 1.10.0 - 1.10.1
CPE2.3- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.0:*:*:*:*:*:*:
- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.1:*:*:*:*:*:*:
http://access.redhat.com/errata/RHSA-2021:2021
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Use-after-free
EUVDB-ID: #VU34077
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-13630
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error within the fts3EvalNextRow() function in ext/fts3/fts3.c. A remote attacker can pass specially crafted data to application, trigger a use-after-free error and execute arbitrary code on the target system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationInstall updates from vendor's website.
Red Hat OpenShift Serverless: 1.10.0 - 1.10.1
CPE2.3- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.0:*:*:*:*:*:*:
- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.1:*:*:*:*:*:*:
http://access.redhat.com/errata/RHSA-2021:2021
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) NULL pointer dereference
EUVDB-ID: #VU25861
Risk: Low
CVSSv3.1: 3.4 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C]
CVE-ID: CVE-2020-9327
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column optimizations. A remote attacker can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Red Hat OpenShift Serverless: 1.10.0 - 1.10.1
CPE2.3- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.0:*:*:*:*:*:*:
- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.1:*:*:*:*:*:*:
http://access.redhat.com/errata/RHSA-2021:2021
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
11) Resource management error
EUVDB-ID: #VU25631
Risk: Medium
CVSSv3.1: 4.2 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:L/E:P/RL:O/RC:C]
CVE-ID: CVE-2020-8492
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation in urllib.request.AbstractBasicAuthHandler when processing HTTP responses. A remote attacker who controls a HTTP server can send a specially crafted HTTP response to the client application and conduct Regular Expression Denial of Service (ReDoS) attack.
MitigationInstall updates from vendor's website.
Red Hat OpenShift Serverless: 1.10.0 - 1.10.1
CPE2.3- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.0:*:*:*:*:*:*:
- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.1:*:*:*:*:*:*:
http://access.redhat.com/errata/RHSA-2021:2021
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
12) Infinite loop
EUVDB-ID: #VU24488
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-7595
CWE-ID:
CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop in xmlStringLenDecodeEntities in parser.c. A remote attacker can consume all available system resources and cause denial of service conditions in a certain end-of-file situation.
MitigationInstall updates from vendor's website.
Red Hat OpenShift Serverless: 1.10.0 - 1.10.1
CPE2.3- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.0:*:*:*:*:*:*:
- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.1:*:*:*:*:*:*:
http://access.redhat.com/errata/RHSA-2021:2021
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Out-of-bounds read
EUVDB-ID: #VU24958
Risk: Medium
CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-6405
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in SQLite. A remote attacker can pass specially crafted input to the application, trigger out-of-bounds read error and read contents of memory on the system.
MitigationInstall updates from vendor's website.
Red Hat OpenShift Serverless: 1.10.0 - 1.10.1
CPE2.3- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.0:*:*:*:*:*:*:
- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.1:*:*:*:*:*:*:
http://access.redhat.com/errata/RHSA-2021:2021
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
14) Resource management error
EUVDB-ID: #VU26756
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-1730
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper resource management while cleaning the AES-CTR ciphers when closing the connection. A remote attacker can initiate a connection to the client and server that supports AES-CTR ciphers and close the connection before ciphers are initialized, triggering a denial of service condition (service crash). The vulnerability affects both client and server implementations.
Install updates from vendor's website.
Red Hat OpenShift Serverless: 1.10.0 - 1.10.1
CPE2.3- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.0:*:*:*:*:*:*:
- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.1:*:*:*:*:*:*:
http://access.redhat.com/errata/RHSA-2021:2021
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
15) Path traversal
EUVDB-ID: #VU48600
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-20916
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform directory traversal attacks.
The vulnerability exists due to input validation error when processing directory traversal sequences passed via URL to the install command within the _download_http_url() function in _internal/download.py. A remote attacker can send a specially crafted HTTP request with the Content-Disposition header that contains directory traversal characters in the filename and overwrite the /root/.ssh/authorized_keys file.
Install updates from vendor's website.
Red Hat OpenShift Serverless: 1.10.0 - 1.10.1
CPE2.3- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.0:*:*:*:*:*:*:
- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.1:*:*:*:*:*:*:
http://access.redhat.com/errata/RHSA-2021:2021
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
16) Infinite loop
EUVDB-ID: #VU32881
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-20907
CWE-ID:
CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop In Lib/tarfile.py in Python. A remote attacker can create a specially crafted TAR archive leading to an infinite loop when opened by tarfile.open, because _proc_pax lacks header validation.
MitigationInstall updates from vendor's website.
Red Hat OpenShift Serverless: 1.10.0 - 1.10.1
CPE2.3- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.0:*:*:*:*:*:*:
- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.1:*:*:*:*:*:*:
http://access.redhat.com/errata/RHSA-2021:2021
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
17) Memory leak
EUVDB-ID: #VU24487
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-20388
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform DoS attack on the target system.
The vulnerability exists due memory leak in xmlSchemaPreRun in xmlschemas.c. A remote attacker can trigger a xmlSchemaValidateStream memory leak and perform denial of service attack.
MitigationInstall updates from vendor's website.
Red Hat OpenShift Serverless: 1.10.0 - 1.10.1
CPE2.3- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.0:*:*:*:*:*:*:
- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.1:*:*:*:*:*:*:
http://access.redhat.com/errata/RHSA-2021:2021
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
18) OS Command Injection
EUVDB-ID: #VU50046
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-3115
CWE-ID:
CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation when using the "go get" command to fetch modules that make use of cgo. A remote unauthenticated attacker can pass specially crafted data to the application and execute arbitrary OS commands on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Red Hat OpenShift Serverless: 1.10.0 - 1.10.1
CPE2.3- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.0:*:*:*:*:*:*:
- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.1:*:*:*:*:*:*:
http://access.redhat.com/errata/RHSA-2021:2021
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
19) Out-of-bounds read
EUVDB-ID: #VU24490
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-20387
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to heap-based buffer over-read via a last schema whose length is less than the length of the input schema. A remote attacker can perform a denial of service attack.
MitigationInstall updates from vendor's website.
Red Hat OpenShift Serverless: 1.10.0 - 1.10.1
CPE2.3- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.0:*:*:*:*:*:*:
- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.1:*:*:*:*:*:*:
http://access.redhat.com/errata/RHSA-2021:2021
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
20) Memory leak
EUVDB-ID: #VU24065
Risk: Low
CVSSv3.1: 3.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-20218
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due memory leak within the selectExpander() function in select.c in SQLite, caused by incorrect exception handling, related to stack unwinding. A remote attacker can trigger with ability to modify the WITH SQL query can gain access to potentially sensitive information.
Install updates from vendor's website.
Red Hat OpenShift Serverless: 1.10.0 - 1.10.1
CPE2.3- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.0:*:*:*:*:*:*:
- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.1:*:*:*:*:*:*:
http://access.redhat.com/errata/RHSA-2021:2021
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
21) Memory leak
EUVDB-ID: #VU24489
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-19956
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform DoS attack on the target system.
The vulnerability exists due memory leak in xmlParseBalancedChunkMemoryRecover in parser.c. A remote attacker can trigger a memory leak related to newDoc->oldNs and perform denial of service attack.
MitigationInstall updates from vendor's website.
Red Hat OpenShift Serverless: 1.10.0 - 1.10.1
CPE2.3- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.0:*:*:*:*:*:*:
- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.1:*:*:*:*:*:*:
http://access.redhat.com/errata/RHSA-2021:2021
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
22) Out-of-bounds write
EUVDB-ID: #VU23796
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-19906
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds write error when processing LDAP queries within the _sasl_add_string() function in common.c file in cyrus-sasl. A remote non-authenticated attacker can create a specially LDAP request to the affected server, trigger off-by-one error in OpenLDAP implementation and crash the service.
MitigationInstall updates from vendor's website.
Red Hat OpenShift Serverless: 1.10.0 - 1.10.1
CPE2.3- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.0:*:*:*:*:*:*:
- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.1:*:*:*:*:*:*:
http://access.redhat.com/errata/RHSA-2021:2021
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
23) Out-of-bounds read
EUVDB-ID: #VU22931
Risk: Medium
CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-19221
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in "archive_wstring_append_from_mbs" in "archive_string.c" because of an incorrect "mbrtowc" or "mbtowc" call. A remote attacker can create a specially crafted archive file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.
MitigationInstall updates from vendor's website.
Red Hat OpenShift Serverless: 1.10.0 - 1.10.1
CPE2.3- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.0:*:*:*:*:*:*:
- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.1:*:*:*:*:*:*:
http://access.redhat.com/errata/RHSA-2021:2021
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
24) Cross-site scripting
EUVDB-ID: #VU21440
Risk: Medium
CVSSv3.1: 5.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C]
CVE-ID: CVE-2019-16935
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data when processing the server_title field in the XML-RPC server (Lib/DocXMLRPCServer.py) in Python 2.x, and in Lib/xmlrpc/server.py in Python 3.x. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationInstall updates from vendor's website.
Red Hat OpenShift Serverless: 1.10.0 - 1.10.1
CPE2.3- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.0:*:*:*:*:*:*:
- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.1:*:*:*:*:*:*:
http://access.redhat.com/errata/RHSA-2021:2021
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
25) Division by zero
EUVDB-ID: #VU23188
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-16168
CWE-ID:
CWE-369 - Divide By Zero
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to perform a denial of service attack.
The vulnerability exists due to a division by zero error within the whereLoopAddBtreeIndex in sqlite3.c due to improper input validation in the sqlite_stat1 sz field. A remote attacker can pass specially crafted data to the application, trigger division by zero error and crash the vulnerable application.
Install updates from vendor's website.
Red Hat OpenShift Serverless: 1.10.0 - 1.10.1
CPE2.3- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.0:*:*:*:*:*:*:
- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.1:*:*:*:*:*:*:
http://access.redhat.com/errata/RHSA-2021:2021
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
26) Out-of-bounds read
EUVDB-ID: #VU21091
Risk: Medium
CVSSv3.1: 4.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L/E:P/RL:O/RC:C]
CVE-ID: CVE-2019-15903
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information or perform denial of service (DoS) attack.
The vulnerability exists due to a boundary error when processing XML documents within the expat library. A remote attacker can create a specially crafted XML file, pass it to the affected application, trigger out-of-bounds read error and read contents of memory on the system or crash the affected application.
MitigationInstall updates from vendor's website.
Red Hat OpenShift Serverless: 1.10.0 - 1.10.1
CPE2.3- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.0:*:*:*:*:*:*:
- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.1:*:*:*:*:*:*:
http://access.redhat.com/errata/RHSA-2021:2021
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
27) OS Command Injection
EUVDB-ID: #VU23508
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-14889
CWE-ID:
CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.
The vulnerability exists due to incorrect handling of the SCP command parameters when initiating the connection within the ssh_scp_new() function. A remote attacker can trick victim into using a specially crafted SCP command to connect to a remote SCP server and execute arbitrary commands on the target server with privileges of the current user.
Install updates from vendor's website.
Red Hat OpenShift Serverless: 1.10.0 - 1.10.1
CPE2.3- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.0:*:*:*:*:*:*:
- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.1:*:*:*:*:*:*:
http://access.redhat.com/errata/RHSA-2021:2021
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
28) Cryptographic issues
EUVDB-ID: #VU24721
Risk: Low
CVSSv3.1: 3.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-13627
CWE-ID:
CWE-310 - Cryptographic Issues
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform timing attack.
The vulnerability exists due to an error within the libgcrypt20 cryptographic library. A remote attacker can perform ECDSA timing attack.
MitigationInstall updates from vendor's website.
Red Hat OpenShift Serverless: 1.10.0 - 1.10.1
CPE2.3- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.0:*:*:*:*:*:*:
- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.1:*:*:*:*:*:*:
http://access.redhat.com/errata/RHSA-2021:2021
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
29) Improper validation of certificate with host mismatch
EUVDB-ID: #VU20961
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-13050
CWE-ID:
CWE-297 - Improper Validation of Certificate with Host Mismatch
Exploit availability: No
DescriptionInstall updates from vendor's website.
Red Hat OpenShift Serverless: 1.10.0 - 1.10.1
CPE2.3- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.0:*:*:*:*:*:*:
- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.1:*:*:*:*:*:*:
http://access.redhat.com/errata/RHSA-2021:2021
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
30) Use-after-free
EUVDB-ID: #VU18645
Risk: High
CVSSv3.1: 7.3 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2019-5018
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error within the window function functionality. A remote attacker can send a specially crafted SQL command to the application, trigger user-after-free error and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationInstall updates from vendor's website.
Red Hat OpenShift Serverless: 1.10.0 - 1.10.1
CPE2.3- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.0:*:*:*:*:*:*:
- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.1:*:*:*:*:*:*:
http://access.redhat.com/errata/RHSA-2021:2021
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
31) Cross-site request forgery
EUVDB-ID: #VU16937
Risk: Low
CVSSv3.1: 4.4 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-1000858
CWE-ID:
CWE-352 - Cross-Site Request Forgery (CSRF)
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform cross-site request forgery attacks.
The vulnerability exists due to insufficient validation of the HTTP request origin within dirmngr. A remote attacker can trick the victim to perform a WKD request (enter an email address in the composer window of Thunderbird/Enigmail) and perform arbitrary actions on behalf of the victim.
MitigationInstall updates from vendor's website.
Red Hat OpenShift Serverless: 1.10.0 - 1.10.1
CPE2.3- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.0:*:*:*:*:*:*:
- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.1:*:*:*:*:*:*:
http://access.redhat.com/errata/RHSA-2021:2021
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
32) XML External Entity injection
EUVDB-ID: #VU18923
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-20843
CWE-ID:
CWE-611 - Improper Restriction of XML External Entity Reference ('XXE')
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to insufficient validation of user-supplied XML input including XML names that contain a large number of colons. A remote attacker can pass a specially crafted XML code to the affected application and view contents of arbitrary files on the system or initiate requests to external systems.
Successful exploitation of the vulnerability may allow an attacker to view contents of arbitrary file on the server or perform network scanning of internal and external infrastructure.
MitigationInstall updates from vendor's website.
Red Hat OpenShift Serverless: 1.10.0 - 1.10.1
CPE2.3- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.0:*:*:*:*:*:*:
- cpe:2.3:a:red_hat:red_hat_openshift_serverless:1.10.1:*:*:*:*:*:*:
http://access.redhat.com/errata/RHSA-2021:2021
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
