VDB
RHSA-2021%3A0190
RHSA-2021%3A0190
PUBLISHED
CVSS 7.5 HIGH
An integer overflow vulnerability exists with the length of websocket frames received via a websocket connection. An attacker could use this flaw to cause a denial of service attack on an HTTP Server allowing websocket connections.
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | openshift4/compliance-rhel8-operator@sha256:1209f8b333c55279e3f9e1172b6cc741380a02f47bfc2a9cb39412bbefeed948_amd64 as a component of Red Hat OpenShift Container Platform 4.6 | openshift4/compliance-rhel8-operator@sha256:1209f8b333c55279e3f9e1172b6cc741380a02f47bfc2a9cb39412bbefeed948_amd64 |
| Red Hat | openshift4/compliance-openscap-rhel8@sha256:54914618a94e2b88489b4c01f27920fdf0f07630e225cf10b9b4714c741baf28_amd64 as a component of Red Hat OpenShift Container Platform 4.6 | openshift4/compliance-openscap-rhel8@sha256:54914618a94e2b88489b4c01f27920fdf0f07630e225cf10b9b4714c741baf28_amd64 |
| Red Hat | openshift4/compliance-content-rhel8@sha256:f4723b754a7af837dc0a485d9bb12fe78542e58525f5022b1192ab49187f51fe_amd64 as a component of Red Hat OpenShift Container Platform 4.6 | * |
| Red Hat | openshift4/compliance-rhel8-operator-metadata@sha256:3145cda510659eee3aa12e41aefdd3e1922a6b7324f504e8613d38c258c92c44_amd64 as a component of Red Hat OpenShift Container Platform 4.6 | * |
Timeline
- Jan 19, 2021 CVE Published
- Apr 30, 2026 CVE Updated
- May 1, 2026 Distribution Patch
- May 1, 2026 Distribution Patch
- May 1, 2026 Security Advisory
- May 1, 2026 Security Advisory
References
- https://access.redhat.com/errata/RHSA-2021:0190 advisory
- https://access.redhat.com/security/updates/classification/#moderate advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=1899479 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1902111 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1902251 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1902634 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1907414 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1908991 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1909081 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=1909122 issue
- https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0190.json advisory
- https://access.redhat.com/security/cve/CVE-2020-27813 advisory
- https://www.cve.org/CVERecord?id=CVE-2020-27813 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2020-27813 advisory
- https://github.com/gorilla/websocket/security/advisories/GHSA-jf24-p9p9-4rjh advisory