{"id":"RHSA-2021:2179","summary":"Red Hat Security Advisory: RHV Manager security update (ovirt-engine) [ovirt-4.4.6]","modified":"2026-04-10T10:01:18Z","published":"2024-09-14T00:42:53Z","upstream":["CVE-2020-28500","CVE-2021-23337"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2021:2179"},{"type":"ARTICLE","url":"https://access.redhat.com/security/updates/classification/#moderate"},{"type":"ARTICLE","url":"https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.4/html-single/technical_notes"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1113630"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1310330"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1589763"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1621421"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1717411"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1766414"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1775145"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1821199"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1845877"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1875363"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1906074"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1910858"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1917718"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1919195"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1919984"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1924610"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1926018"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1926823"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1928158"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1928188"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1928937"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1928954"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1929211"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1930522"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1930565"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1930895"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1932284"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1935073"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1942083"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1943267"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1944723"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1948577"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1949543"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1949547"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1950348"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1950466"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1954401"},{"type":"ADVISORY","url":"https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_2179.json"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2020-28500"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2020-28500"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2020-28500"},{"type":"ARTICLE","url":"https://snyk.io/vuln/SNYK-JS-LODASH-1018905"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2021-23337"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2021-23337"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2021-23337"},{"type":"ARTICLE","url":"https://snyk.io/vuln/SNYK-JS-LODASH-1040724"}],"affected":[{"package":{"name":"ovirt-engine-ui-extensions","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-engine-ui-extensions"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.2.6-1.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:2179.json"}},{"package":{"name":"ovirt-web-ui","ecosystem":"Red Hat:rhev_manager:4.4:el8","purl":"pkg:rpm/redhat/ovirt-web-ui"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.6.9-1.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:2179.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}]}