{"id":"RHSA-2020:3807","summary":"Red Hat Security Advisory: Red Hat Virtualization security, bug fix, and enhancement update","modified":"2026-04-02T10:01:24Z","published":"2024-09-18T04:27:00Z","upstream":["CVE-2020-11022","CVE-2020-11023","CVE-2020-14333","CVE-2020-8203"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2020:3807"},{"type":"ARTICLE","url":"https://access.redhat.com/security/updates/classification/#moderate"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1625499"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1638217"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1643520"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1674420"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1748879"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1749803"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1758024"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1763812"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1778471"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1787854"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1801206"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1803856"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1804037"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1804046"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1806339"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1816951"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1819260"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1826255"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1828406"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1831949"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1831952"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1831954"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1831956"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1838051"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1841112"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1843234"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1850004"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1854488"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1855377"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1857412"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1858184"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1859460"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1860907"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1866466"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1866734"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1869209"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1869302"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1871235"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1875609"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1875851"},{"type":"ADVISORY","url":"https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_3807.json"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2020-8203"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2020-8203"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2020-8203"},{"type":"ARTICLE","url":"https://hackerone.com/reports/712065"},{"type":"ARTICLE","url":"https://www.npmjs.com/advisories/1523"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2020-11022"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2020-11022"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2020-11022"},{"type":"ADVISORY","url":"https://github.com/advisories/GHSA-gxr4-xjj5-5px2"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2020-11023"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2020-11023"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2020-11023"},{"type":"ARTICLE","url":"https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/"},{"type":"ARTICLE","url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2020-14333"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2020-14333"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2020-14333"}],"affected":[{"package":{"name":"ovirt-engine-ui-extensions","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-ui-extensions"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.2.3-1.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:3807.json"}},{"package":{"name":"ovirt-web-ui","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-web-ui"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.6.4-1.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:3807.json"}},{"package":{"name":"ovirt-engine","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.2.3-0.6.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:3807.json"}},{"package":{"name":"ovirt-engine-backend","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-backend"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.2.3-0.6.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:3807.json"}},{"package":{"name":"ovirt-engine-dbscripts","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-dbscripts"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.2.3-0.6.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:3807.json"}},{"package":{"name":"ovirt-engine-health-check-bundler","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-health-check-bundler"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.2.3-0.6.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:3807.json"}},{"package":{"name":"ovirt-engine-restapi","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-restapi"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.2.3-0.6.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:3807.json"}},{"package":{"name":"ovirt-engine-setup","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-setup"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.2.3-0.6.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:3807.json"}},{"package":{"name":"ovirt-engine-setup-base","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-setup-base"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.2.3-0.6.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:3807.json"}},{"package":{"name":"ovirt-engine-setup-plugin-cinderlib","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-setup-plugin-cinderlib"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.2.3-0.6.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:3807.json"}},{"package":{"name":"ovirt-engine-setup-plugin-imageio","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-setup-plugin-imageio"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.2.3-0.6.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:3807.json"}},{"package":{"name":"ovirt-engine-setup-plugin-ovirt-engine","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-setup-plugin-ovirt-engine"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.2.3-0.6.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:3807.json"}},{"package":{"name":"ovirt-engine-setup-plugin-ovirt-engine-common","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-setup-plugin-ovirt-engine-common"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.2.3-0.6.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:3807.json"}},{"package":{"name":"ovirt-engine-setup-plugin-vmconsole-proxy-helper","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-setup-plugin-vmconsole-proxy-helper"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.2.3-0.6.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:3807.json"}},{"package":{"name":"ovirt-engine-setup-plugin-websocket-proxy","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-setup-plugin-websocket-proxy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.2.3-0.6.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:3807.json"}},{"package":{"name":"ovirt-engine-tools","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-tools"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.2.3-0.6.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:3807.json"}},{"package":{"name":"ovirt-engine-tools-backup","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-tools-backup"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.2.3-0.6.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:3807.json"}},{"package":{"name":"ovirt-engine-vmconsole-proxy-helper","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-vmconsole-proxy-helper"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.2.3-0.6.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:3807.json"}},{"package":{"name":"ovirt-engine-webadmin-portal","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-webadmin-portal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.2.3-0.6.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:3807.json"}},{"package":{"name":"ovirt-engine-websocket-proxy","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-websocket-proxy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.2.3-0.6.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:3807.json"}},{"package":{"name":"python3-ovirt-engine-lib","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/python3-ovirt-engine-lib"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.2.3-0.6.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:3807.json"}},{"package":{"name":"rhvm","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/rhvm"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.2.3-0.6.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2020:3807.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H"}]}