{"id":"RHSA-2020:5179","summary":"Red Hat Security Advisory: Red Hat Virtualization security, bug fix, and enhancement update","modified":"2026-05-01T10:01:48Z","published":"2024-09-14T00:41:25Z","upstream":["CVE-2019-20920","CVE-2019-20922","CVE-2020-8203"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2020:5179"},{"type":"ARTICLE","url":"https://access.redhat.com/security/updates/classification/#low"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1613514"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1657294"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1691253"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1702016"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1752751"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1760170"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1797717"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1808320"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1811466"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1812316"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1822372"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1825020"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1828241"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1829691"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1842344"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1845432"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1851865"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1854888"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1855305"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1856671"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1857412"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1859314"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1862101"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1866981"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1870133"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1871694"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1872911"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1873136"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1876923"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1877632"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1877679"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1879199"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1879280"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1879377"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1881634"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1882256"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1882260"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1883844"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1884146"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1884634"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1885976"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1887268"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1888626"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1889522"},{"type":"ADVISORY","url":"https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_5179.json"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2019-20920"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2019-20920"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2019-20920"},{"type":"ARTICLE","url":"https://www.npmjs.com/advisories/1316"},{"type":"ARTICLE","url":"https://www.npmjs.com/advisories/1324"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2019-20922"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2019-20922"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2019-20922"},{"type":"ARTICLE","url":"https://www.npmjs.com/advisories/1300"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2020-8203"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2020-8203"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2020-8203"},{"type":"ARTICLE","url":"https://hackerone.com/reports/712065"},{"type":"ARTICLE","url":"https://www.npmjs.com/advisories/1523"}],"affected":[{"package":{"name":"ovirt-web-ui","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-web-ui"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.6.5-1.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:5179.json"}},{"package":{"name":"ovirt-engine","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.3.8-0.1.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:5179.json"}},{"package":{"name":"ovirt-engine-backend","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-backend"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.3.8-0.1.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:5179.json"}},{"package":{"name":"ovirt-engine-dbscripts","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-dbscripts"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.3.8-0.1.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:5179.json"}},{"package":{"name":"ovirt-engine-health-check-bundler","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-health-check-bundler"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.3.8-0.1.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:5179.json"}},{"package":{"name":"ovirt-engine-restapi","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-restapi"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.3.8-0.1.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:5179.json"}},{"package":{"name":"ovirt-engine-setup","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-setup"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.3.8-0.1.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:5179.json"}},{"package":{"name":"ovirt-engine-setup-base","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-setup-base"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.3.8-0.1.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:5179.json"}},{"package":{"name":"ovirt-engine-setup-plugin-cinderlib","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-setup-plugin-cinderlib"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.3.8-0.1.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:5179.json"}},{"package":{"name":"ovirt-engine-setup-plugin-imageio","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-setup-plugin-imageio"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.3.8-0.1.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:5179.json"}},{"package":{"name":"ovirt-engine-setup-plugin-ovirt-engine","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-setup-plugin-ovirt-engine"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.3.8-0.1.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:5179.json"}},{"package":{"name":"ovirt-engine-setup-plugin-ovirt-engine-common","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-setup-plugin-ovirt-engine-common"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.3.8-0.1.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:5179.json"}},{"package":{"name":"ovirt-engine-setup-plugin-vmconsole-proxy-helper","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-setup-plugin-vmconsole-proxy-helper"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.3.8-0.1.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:5179.json"}},{"package":{"name":"ovirt-engine-setup-plugin-websocket-proxy","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-setup-plugin-websocket-proxy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.3.8-0.1.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:5179.json"}},{"package":{"name":"ovirt-engine-tools","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-tools"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.3.8-0.1.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:5179.json"}},{"package":{"name":"ovirt-engine-tools-backup","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-tools-backup"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.3.8-0.1.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:5179.json"}},{"package":{"name":"ovirt-engine-vmconsole-proxy-helper","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-vmconsole-proxy-helper"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.3.8-0.1.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:5179.json"}},{"package":{"name":"ovirt-engine-webadmin-portal","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-webadmin-portal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.3.8-0.1.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:5179.json"}},{"package":{"name":"ovirt-engine-websocket-proxy","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-websocket-proxy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.3.8-0.1.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:5179.json"}},{"package":{"name":"python3-ovirt-engine-lib","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/python3-ovirt-engine-lib"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.3.8-0.1.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:5179.json"}},{"package":{"name":"rhvm","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/rhvm"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.3.8-0.1.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:5179.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:L/A:L"}]}