How to investigating the vulnerabilities

Solution Verified - Updated -

Issue

  • How do we fix the vulnerabilities that appeared in the OpenShift Console?
  • Same vulnerabilities can be found in ImageManifestVuln while using Quay Security Scanner for the image source openshift-release-dev/ocp-release@sha256@0455e0201f4

  • We would like to avoid all the medium vulnerabilities:

Vulnerability   Severity    PackageCurrent      Version         Fixed in Version
RHSA-2020:4076  Medium      nss-tools       3.44.0-7.el7_7      0:3.53.1-3.el7_9
RHSA-2020:3996  Medium      libxml2         2.9.1-6.el7.4       0:2.9.1-6.el7.5
RHSA-2020:4076  Medium      nspr            4.21.0-1.el7        0:4.25.0-2.el7_9
RHSA-2020:3952  Medium      expat           2.1.0-11.el7        0:2.1.0-12.el7
RHSA-2020:3908  Medium      cpio            2.11-27.el7     0:2.11-28.el7
RHSA-2020:4076  Medium      nss-softokn     3.44.0-8.el7_7      0:3.53.1-6.el7_9
RHSA-2020:3916  Medium      libcurl         7.29.0-57.el7_8.1   0:7.29.0-59.el7
RHSA-2020:3915  Medium      libssh2         1.8.0-3.el7     0:1.8.0-4.el7
RHSA-2020:4032  Medium      dbus            1:1.10.24-14.el7_8  1:1.10.24-15.el7
RHSA-2020:4076  Medium      nss                 3.44.0-7.el7_7      0:3.53.1-3.el7_9
RHSA-2020:3911  Medium      python          2.7.5-88.el7        0:2.7.5-89.el7
RHSA-2020:3916  Medium      curl            7.29.0-57.el7_8.1   0:7.29.0-59.el7
RHSA-2020:3911  Medium      python-libs     2.7.5-88.el7        0:2.7.5-89.el7
RHSA-2020:4041  Medium      openldap        2.4.44-21.el7_6     0:2.4.44-22.el7
RHSA-2020:4032  Medium      dbus-libs       1:1.10.24-14.el7_8  1:1.10.24-15.el7
RHSA-2020:4011  Medium      libcom_err      1.42.9-17.el7       0:1.42.9-19.el7
RHSA-2020:3978  Medium      glib2           2.56.1-5.el7        0:2.56.1-7.el7
RHSA-2020:3996  Medium      libxml2-python      2.9.1-6.el7.4       0:2.9.1-6.el7.5
RHSA-2020:4076  Medium      nss-sysinit        3.44.0-7.el7_7       0:3.53.1-3.el7_9
RHSA-2020:4076  Medium      nss-util                     3.44.0-4.el7_7     0:3.53.1-1.el7_9
RHSA-2020:4076  Medium      nss-softokn-freebl  3.44.0-8.el7_7      0:3.53.1-6.el7_9

Environment

  • Red Hat OpenShift Container Platform
    • 4.4.x

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In