{"id":"RHSA-2020:0498","summary":"Red Hat Security Advisory: Red Hat Virtualization Engine security, bug fix and enhancement update","modified":"2026-03-11T07:17:25.514257Z","published":"2024-09-16T03:17:03Z","upstream":["CVE-2019-19336"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2020:0498"},{"type":"ARTICLE","url":"https://access.redhat.com/security/updates/classification/#moderate"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1688781"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1739106"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1754979"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1757423"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1772506"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1773580"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1773704"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1776722"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1779587"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1779631"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1779664"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1780234"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1781001"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1781380"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1782412"},{"type":"ADVISORY","url":"https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_0498.json"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2019-19336"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2019-19336"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2019-19336"}],"affected":[{"package":{"name":"ovirt-engine","ecosystem":"Red Hat:rhev_manager:4.3","purl":"pkg:rpm/redhat/ovirt-engine"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.3.8.2-0.4.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:0498.json"}},{"package":{"name":"ovirt-engine-backend","ecosystem":"Red Hat:rhev_manager:4.3","purl":"pkg:rpm/redhat/ovirt-engine-backend"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.3.8.2-0.4.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:0498.json"}},{"package":{"name":"ovirt-engine-dbscripts","ecosystem":"Red Hat:rhev_manager:4.3","purl":"pkg:rpm/redhat/ovirt-engine-dbscripts"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.3.8.2-0.4.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:0498.json"}},{"package":{"name":"ovirt-engine-dwh","ecosystem":"Red Hat:rhev_manager:4.3","purl":"pkg:rpm/redhat/ovirt-engine-dwh"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.3.8-1.el7ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:0498.json"}},{"package":{"name":"ovirt-engine-dwh-setup","ecosystem":"Red Hat:rhev_manager:4.3","purl":"pkg:rpm/redhat/ovirt-engine-dwh-setup"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.3.8-1.el7ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:0498.json"}},{"package":{"name":"ovirt-engine-extensions-api-impl","ecosystem":"Red Hat:rhev_manager:4.3","purl":"pkg:rpm/redhat/ovirt-engine-extensions-api-impl"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.3.8.2-0.4.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:0498.json"}},{"package":{"name":"ovirt-engine-extensions-api-impl-javadoc","ecosystem":"Red Hat:rhev_manager:4.3","purl":"pkg:rpm/redhat/ovirt-engine-extensions-api-impl-javadoc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.3.8.2-0.4.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:0498.json"}},{"package":{"name":"ovirt-engine-health-check-bundler","ecosystem":"Red Hat:rhev_manager:4.3","purl":"pkg:rpm/redhat/ovirt-engine-health-check-bundler"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.3.8.2-0.4.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:0498.json"}},{"package":{"name":"ovirt-engine-metrics","ecosystem":"Red Hat:rhev_manager:4.3","purl":"pkg:rpm/redhat/ovirt-engine-metrics"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.3.6.2-1.el7ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:0498.json"}},{"package":{"name":"ovirt-engine-restapi","ecosystem":"Red Hat:rhev_manager:4.3","purl":"pkg:rpm/redhat/ovirt-engine-restapi"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.3.8.2-0.4.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:0498.json"}},{"package":{"name":"ovirt-engine-setup","ecosystem":"Red Hat:rhev_manager:4.3","purl":"pkg:rpm/redhat/ovirt-engine-setup"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.3.8.2-0.4.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:0498.json"}},{"package":{"name":"ovirt-engine-setup-base","ecosystem":"Red Hat:rhev_manager:4.3","purl":"pkg:rpm/redhat/ovirt-engine-setup-base"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.3.8.2-0.4.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:0498.json"}},{"package":{"name":"ovirt-engine-setup-plugin-cinderlib","ecosystem":"Red Hat:rhev_manager:4.3","purl":"pkg:rpm/redhat/ovirt-engine-setup-plugin-cinderlib"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.3.8.2-0.4.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:0498.json"}},{"package":{"name":"ovirt-engine-setup-plugin-ovirt-engine","ecosystem":"Red Hat:rhev_manager:4.3","purl":"pkg:rpm/redhat/ovirt-engine-setup-plugin-ovirt-engine"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.3.8.2-0.4.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:0498.json"}},{"package":{"name":"ovirt-engine-setup-plugin-ovirt-engine-common","ecosystem":"Red Hat:rhev_manager:4.3","purl":"pkg:rpm/redhat/ovirt-engine-setup-plugin-ovirt-engine-common"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.3.8.2-0.4.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:0498.json"}},{"package":{"name":"ovirt-engine-setup-plugin-vmconsole-proxy-helper","ecosystem":"Red Hat:rhev_manager:4.3","purl":"pkg:rpm/redhat/ovirt-engine-setup-plugin-vmconsole-proxy-helper"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.3.8.2-0.4.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:0498.json"}},{"package":{"name":"ovirt-engine-setup-plugin-websocket-proxy","ecosystem":"Red Hat:rhev_manager:4.3","purl":"pkg:rpm/redhat/ovirt-engine-setup-plugin-websocket-proxy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.3.8.2-0.4.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:0498.json"}},{"package":{"name":"ovirt-engine-tools","ecosystem":"Red Hat:rhev_manager:4.3","purl":"pkg:rpm/redhat/ovirt-engine-tools"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.3.8.2-0.4.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:0498.json"}},{"package":{"name":"ovirt-engine-tools-backup","ecosystem":"Red Hat:rhev_manager:4.3","purl":"pkg:rpm/redhat/ovirt-engine-tools-backup"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.3.8.2-0.4.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:0498.json"}},{"package":{"name":"ovirt-engine-vmconsole-proxy-helper","ecosystem":"Red Hat:rhev_manager:4.3","purl":"pkg:rpm/redhat/ovirt-engine-vmconsole-proxy-helper"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.3.8.2-0.4.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:0498.json"}},{"package":{"name":"ovirt-engine-webadmin-portal","ecosystem":"Red Hat:rhev_manager:4.3","purl":"pkg:rpm/redhat/ovirt-engine-webadmin-portal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.3.8.2-0.4.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:0498.json"}},{"package":{"name":"ovirt-engine-websocket-proxy","ecosystem":"Red Hat:rhev_manager:4.3","purl":"pkg:rpm/redhat/ovirt-engine-websocket-proxy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.3.8.2-0.4.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:0498.json"}},{"package":{"name":"ovirt-fast-forward-upgrade","ecosystem":"Red Hat:rhev_manager:4.3","purl":"pkg:rpm/redhat/ovirt-fast-forward-upgrade"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.0.0-16.el7ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:0498.json"}},{"package":{"name":"ovirt-imageio-common","ecosystem":"Red Hat:rhev_manager:4.3","purl":"pkg:rpm/redhat/ovirt-imageio-common"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.5.3-0.el7ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:0498.json"}},{"package":{"name":"ovirt-imageio-common-debuginfo","ecosystem":"Red Hat:rhev_manager:4.3","purl":"pkg:rpm/redhat/ovirt-imageio-common-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.5.3-0.el7ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:0498.json"}},{"package":{"name":"ovirt-imageio-proxy","ecosystem":"Red Hat:rhev_manager:4.3","purl":"pkg:rpm/redhat/ovirt-imageio-proxy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.5.3-0.el7ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:0498.json"}},{"package":{"name":"ovirt-imageio-proxy-setup","ecosystem":"Red Hat:rhev_manager:4.3","purl":"pkg:rpm/redhat/ovirt-imageio-proxy-setup"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.5.3-0.el7ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:0498.json"}},{"package":{"name":"ovirt-web-ui","ecosystem":"Red Hat:rhev_manager:4.3","purl":"pkg:rpm/redhat/ovirt-web-ui"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.6.0-2.el7ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:0498.json"}},{"package":{"name":"python2-ovirt-engine-lib","ecosystem":"Red Hat:rhev_manager:4.3","purl":"pkg:rpm/redhat/python2-ovirt-engine-lib"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.3.8.2-0.4.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:0498.json"}},{"package":{"name":"rhv-log-collector-analyzer","ecosystem":"Red Hat:rhev_manager:4.3","purl":"pkg:rpm/redhat/rhv-log-collector-analyzer"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.2.15-0.el7ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:0498.json"}},{"package":{"name":"rhvm","ecosystem":"Red Hat:rhev_manager:4.3","purl":"pkg:rpm/redhat/rhvm"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.3.8.2-0.4.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:0498.json"}},{"package":{"name":"v2v-conversion-host","ecosystem":"Red Hat:rhev_manager:4.3","purl":"pkg:rpm/redhat/v2v-conversion-host"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.16.0-3.el7ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:0498.json"}},{"package":{"name":"v2v-conversion-host-ansible","ecosystem":"Red Hat:rhev_manager:4.3","purl":"pkg:rpm/redhat/v2v-conversion-host-ansible"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.16.0-3.el7ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:0498.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}]}