{"id":"RHSA-2022:6393","summary":"Red Hat Security Advisory: RHV Manager (ovirt-engine) [ovirt-4.5.2] bug fix and security update","modified":"2026-05-10T10:01:44Z","published":"2024-09-30T14:25:44Z","upstream":["CVE-2020-11022","CVE-2020-11023","CVE-2021-22096","CVE-2021-23358","CVE-2022-2806","CVE-2022-31129"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2022:6393"},{"type":"ARTICLE","url":"https://access.redhat.com/security/updates/classification/#important"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1828406"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1850004"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1939284"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1944286"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1955388"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1974974"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2034584"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2080005"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2092478"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2094577"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2097536"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2097558"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2097560"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2097725"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2104115"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2104831"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2104939"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2105075"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2107250"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2107267"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2108985"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2109923"},{"type":"ADVISORY","url":"https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_6393.json"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2020-11022"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2020-11022"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2020-11022"},{"type":"ADVISORY","url":"https://github.com/advisories/GHSA-gxr4-xjj5-5px2"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2020-11023"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2020-11023"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2020-11023"},{"type":"ARTICLE","url":"https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/"},{"type":"ARTICLE","url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2021-22096"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2021-22096"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2021-22096"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2021-23358"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2021-23358"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2021-23358"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2022-2806"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2022-2806"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-2806"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2022-31129"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2022-31129"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-31129"},{"type":"ARTICLE","url":"https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g"}],"affected":[{"package":{"name":"ovirt-engine","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.5.2.4-0.1.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:6393.json"}},{"package":{"name":"ovirt-engine-backend","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-backend"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.5.2.4-0.1.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:6393.json"}},{"package":{"name":"ovirt-engine-dbscripts","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-dbscripts"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.5.2.4-0.1.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:6393.json"}},{"package":{"name":"ovirt-engine-health-check-bundler","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-health-check-bundler"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.5.2.4-0.1.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:6393.json"}},{"package":{"name":"ovirt-engine-restapi","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-restapi"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.5.2.4-0.1.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:6393.json"}},{"package":{"name":"ovirt-engine-setup","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-setup"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.5.2.4-0.1.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:6393.json"}},{"package":{"name":"ovirt-engine-setup-base","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-setup-base"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.5.2.4-0.1.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:6393.json"}},{"package":{"name":"ovirt-engine-setup-plugin-cinderlib","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-setup-plugin-cinderlib"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.5.2.4-0.1.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:6393.json"}},{"package":{"name":"ovirt-engine-setup-plugin-imageio","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-setup-plugin-imageio"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.5.2.4-0.1.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:6393.json"}},{"package":{"name":"ovirt-engine-setup-plugin-ovirt-engine","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-setup-plugin-ovirt-engine"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.5.2.4-0.1.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:6393.json"}},{"package":{"name":"ovirt-engine-setup-plugin-ovirt-engine-common","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-setup-plugin-ovirt-engine-common"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.5.2.4-0.1.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:6393.json"}},{"package":{"name":"ovirt-engine-setup-plugin-vmconsole-proxy-helper","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-setup-plugin-vmconsole-proxy-helper"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.5.2.4-0.1.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:6393.json"}},{"package":{"name":"ovirt-engine-setup-plugin-websocket-proxy","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-setup-plugin-websocket-proxy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.5.2.4-0.1.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:6393.json"}},{"package":{"name":"ovirt-engine-tools","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-tools"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.5.2.4-0.1.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:6393.json"}},{"package":{"name":"ovirt-engine-tools-backup","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-tools-backup"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.5.2.4-0.1.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:6393.json"}},{"package":{"name":"ovirt-engine-vmconsole-proxy-helper","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-vmconsole-proxy-helper"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.5.2.4-0.1.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:6393.json"}},{"package":{"name":"ovirt-engine-webadmin-portal","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-webadmin-portal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.5.2.4-0.1.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:6393.json"}},{"package":{"name":"ovirt-engine-websocket-proxy","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-websocket-proxy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.5.2.4-0.1.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:6393.json"}},{"package":{"name":"python3-ovirt-engine-lib","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/python3-ovirt-engine-lib"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.5.2.4-0.1.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:6393.json"}},{"package":{"name":"rhvm","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/rhvm"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.5.2.4-0.1.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:6393.json"}},{"package":{"name":"ovirt-web-ui","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-web-ui"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.9.1-1.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:6393.json"}},{"package":{"name":"ovirt-log-collector","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-log-collector"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.7-2.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:6393.json"}},{"package":{"name":"ovirt-engine-ui-extensions","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-ui-extensions"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.3.5-1.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:6393.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}