RHSA-2021:0145: Moderate: Red Hat OpenShift Serverless Client kn 1.12.0
Red Hat OpenShift Serverless Client kn CLI is delivered as an RPM package for installation on RHEL platforms, and as binaries for non-Linux platforms.Red Hat OpenShift Serverless Client kn 1.12.0 provides a CLI to interactwith Red Hat OpenShift Serverless 1.12.0, and includes security and bug fixes and enhancements. For more information, see the release notes listed in the References section.Security Fix(es): golang: default Content-Type setting in net/http/cgi and net/http/fcgi could cause XSS (CVE-2020-24553) golang: math/big: panic during recursive division of very large numbers (CVE-2020-28362) golang: malicious symbol names can lead to code execution at build time (CVE-2020-28366) golang: improper validation of cgo flags can lead to code execution at build time (CVE-2020-28367) For more details about the security issues and their impact, the CVSSscore, acknowledgements, and other related information, see the CVE pageslisted in the References section.
Affected Software
Remediation
Event History
Frequently Asked Questions
What is the severity of RHSA-2021:0145?
The severity of RHSA-2021:0145 is classified as moderate.
How do I fix RHSA-2021:0145?
To fix RHSA-2021:0145, update the package for openshift-serverless-clients to version 0.18.4-2.el8.
What systems are affected by RHSA-2021:0145?
RHSA-2021:0145 affects Red Hat OpenShift Serverless Clients version prior to 0.18.4-2.el8.
What is the purpose of RHSA-2021:0145?
RHSA-2021:0145 addresses vulnerabilities within the Red Hat OpenShift Serverless Client kn CLI.
Is there a known exploit for RHSA-2021:0145?
As of the latest updates, there are no public exploits known for RHSA-2021:0145.