CVE-2019-20921

Related Files

Red Hat Security Advisory 2021-1169-01

Posted Apr 14, 2021

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1169-01 - The ovirt-engine package provides the manager for virtualization environments. This manager enables admins to define hosts and networks, as well as to add storage, create VMs and manage user permissions. Issues addressed include code execution, cross site scripting, and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution, xss

systems | linux, redhat

advisories | CVE-2019-20921, CVE-2020-25657, CVE-2020-28458, CVE-2020-28477

SHA-256 | ad61386766366b722b219913b56b8cfa60dfc16f9db363fa82bc4c4108510fb1

Download | Favorite | View

Red Hat Security Advisory 2021-1186-01

Posted Apr 14, 2021

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1186-01 - The ovirt-engine package provides the manager for virtualization environments. This manager enables admins to define hosts and networks, as well as to add storage, create VMs and manage user permissions. Bug Fix: Previously, saving user preferences in the Red Hat Virtualization Manager required the MANIPULATE_USERS permission level. As a result, user preferences were not saved on the server. In this release, the required permission level for saving user preferences was changed to EDIT_PROFILE, which is the permission level assigned by default to all users. As a result, saving user preferences works as expected. Issues addressed include a cross site scripting vulnerability.

tags | advisory, xss

systems | linux, redhat

advisories | CVE-2019-20921, CVE-2020-28458

SHA-256 | 4c18c1012319e88173dfbea22f337e2c7cfbebdf4b2a56114c37dc6509ff743c

Download | Favorite | View