{"id":"RHSA-2021:0381","summary":"Red Hat Security Advisory: RHV-M(ovirt-engine) 4.4.z security, bug fix, enhancement update [ovirt-4.4.4]","modified":"2026-03-05T10:03:42Z","published":"2024-09-13T18:16:04Z","upstream":["CVE-2020-25649"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2021:0381"},{"type":"ARTICLE","url":"https://access.redhat.com/security/updates/classification/#low"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1627997"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1702237"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1796231"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1868114"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1875951"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1879655"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1880015"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1881115"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1881357"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1887664"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1893035"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1894298"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1901946"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1903385"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1903595"},{"type":"ADVISORY","url":"https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0381.json"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2020-25649"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2020-25649"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2020-25649"},{"type":"ARTICLE","url":"https://github.com/FasterXML/jackson-databind/issues/2589"}],"affected":[{"package":{"name":"ovirt-engine","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.4.5-0.10.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:0381.json"}},{"package":{"name":"ovirt-engine-backend","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-backend"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.4.5-0.10.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:0381.json"}},{"package":{"name":"ovirt-engine-dbscripts","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-dbscripts"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.4.5-0.10.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:0381.json"}},{"package":{"name":"ovirt-engine-dwh","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-dwh"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.4.2-1.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:0381.json"}},{"package":{"name":"ovirt-engine-dwh-grafana-integration-setup","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-dwh-grafana-integration-setup"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.4.2-1.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:0381.json"}},{"package":{"name":"ovirt-engine-dwh-setup","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-dwh-setup"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.4.2-1.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:0381.json"}},{"package":{"name":"ovirt-engine-health-check-bundler","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-health-check-bundler"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.4.5-0.10.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:0381.json"}},{"package":{"name":"ovirt-engine-restapi","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-restapi"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.4.5-0.10.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:0381.json"}},{"package":{"name":"ovirt-engine-setup","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-setup"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.4.5-0.10.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:0381.json"}},{"package":{"name":"ovirt-engine-setup-base","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-setup-base"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.4.5-0.10.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:0381.json"}},{"package":{"name":"ovirt-engine-setup-plugin-cinderlib","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-setup-plugin-cinderlib"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.4.5-0.10.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:0381.json"}},{"package":{"name":"ovirt-engine-setup-plugin-imageio","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-setup-plugin-imageio"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.4.5-0.10.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:0381.json"}},{"package":{"name":"ovirt-engine-setup-plugin-ovirt-engine","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-setup-plugin-ovirt-engine"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.4.5-0.10.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:0381.json"}},{"package":{"name":"ovirt-engine-setup-plugin-ovirt-engine-common","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-setup-plugin-ovirt-engine-common"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.4.5-0.10.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:0381.json"}},{"package":{"name":"ovirt-engine-setup-plugin-vmconsole-proxy-helper","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-setup-plugin-vmconsole-proxy-helper"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.4.5-0.10.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:0381.json"}},{"package":{"name":"ovirt-engine-setup-plugin-websocket-proxy","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-setup-plugin-websocket-proxy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.4.5-0.10.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:0381.json"}},{"package":{"name":"ovirt-engine-tools","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-tools"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.4.5-0.10.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:0381.json"}},{"package":{"name":"ovirt-engine-tools-backup","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-tools-backup"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.4.5-0.10.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:0381.json"}},{"package":{"name":"ovirt-engine-vmconsole-proxy-helper","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-vmconsole-proxy-helper"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.4.5-0.10.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:0381.json"}},{"package":{"name":"ovirt-engine-webadmin-portal","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-webadmin-portal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.4.5-0.10.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:0381.json"}},{"package":{"name":"ovirt-engine-websocket-proxy","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-websocket-proxy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.4.5-0.10.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:0381.json"}},{"package":{"name":"ovirt-web-ui","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-web-ui"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.6.6-1.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:0381.json"}},{"package":{"name":"python3-ovirt-engine-lib","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/python3-ovirt-engine-lib"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.4.5-0.10.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:0381.json"}},{"package":{"name":"rhv-log-collector-analyzer","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/rhv-log-collector-analyzer"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.0.6-1.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:0381.json"}},{"package":{"name":"rhvm","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/rhvm"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.4.5-0.10.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:0381.json"}},{"package":{"name":"vdsm-jsonrpc-java","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/vdsm-jsonrpc-java"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.6.0-1.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:0381.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}]}