VDB

RHSA-2020%3A2926

RHSA-2020%3A2926 PUBLISHED CVSS 5.400000095367432 MEDIUM

A flaw was found in Kubernetes that allows attackers on adjacent networks to reach services exposed on localhost ports, previously thought to be unreachable. This flaw allows an attacker to gain privileges or access confidential information for any services listening on localhost ports that are not protected by authentication.

Risk Scores

CVSS 3.1
5.400000095367432
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Affected Products

VendorProductVersions
Red Hatopenshift4/ose-hyperkube@sha256:d36003d5b5831484297c42496d40345e453a1a5c04af665480fdc52bb5273ffa_s390x as a component of Red Hat OpenShift Container Platform 4.4openshift4/ose-hyperkube@sha256:d36003d5b5831484297c42496d40345e453a1a5c04af665480fdc52bb5273ffa_s390x
Red Hatopenshift4/ose-hyperkube@sha256:992b2cdf17c868f6a668d899ac06a60b696535ee70ec0e31efd17fe63a9130dd_ppc64le as a component of Red Hat OpenShift Container Platform 4.4openshift4/ose-hyperkube@sha256:992b2cdf17c868f6a668d899ac06a60b696535ee70ec0e31efd17fe63a9130dd_ppc64le
Red Hatopenshift4/ose-hyperkube@sha256:d8bf95b1f24d108406cd1c464b9fcd1319048e78d41d1d15dc4140be0b94d04f_amd64 as a component of Red Hat OpenShift Container Platform 4.4openshift4/ose-hyperkube@sha256:d8bf95b1f24d108406cd1c464b9fcd1319048e78d41d1d15dc4140be0b94d04f_amd64

Timeline

  • Jul 21, 2020 CVE Published
  • Nov 21, 2025 CVE Updated
  • May 1, 2026 Distribution Patch
  • May 1, 2026 Distribution Patch
  • May 1, 2026 Security Advisory
  • May 1, 2026 Security Advisory
Open in Interactive Console →
$ Console Community · 100/wk Open console ›