{"id":"RHSA-2021:3459","summary":"Red Hat Security Advisory: Red Hat Virtualization Host security and bug fix update [ovirt-4.4.8]","modified":"2026-04-10T10:01:19Z","published":"2024-09-14T00:42:46Z","upstream":["CVE-2020-28500","CVE-2021-23337"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2021:3459"},{"type":"ARTICLE","url":"https://access.redhat.com/security/updates/classification/#moderate"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1928937"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1928954"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1948177"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1959436"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1984209"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1998017"},{"type":"ADVISORY","url":"https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_3459.json"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2020-28500"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2020-28500"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2020-28500"},{"type":"ARTICLE","url":"https://snyk.io/vuln/SNYK-JS-LODASH-1018905"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2021-23337"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2021-23337"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2021-23337"},{"type":"ARTICLE","url":"https://snyk.io/vuln/SNYK-JS-LODASH-1040724"}],"affected":[{"package":{"name":"cockpit-ovirt","ecosystem":"Red Hat:rhev_hypervisor:4.4::el8","purl":"pkg:rpm/redhat/cockpit-ovirt"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.15.1-2.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:3459.json"}},{"package":{"name":"cockpit-ovirt-dashboard","ecosystem":"Red Hat:rhev_hypervisor:4.4::el8","purl":"pkg:rpm/redhat/cockpit-ovirt-dashboard"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.15.1-2.el8ev"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:3459.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}]}