CVE-2021-4047
haproxy: Incomplete fix for CVE-2021-39242 in OpenShift 4.9
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The release of OpenShift 4.9.6 included four CVE fixes for the haproxy package, however the patch for CVE-2021-39242 was missing. This issue only affects Red Hat OpenShift 4.9.
La versión de OpenShift 4.9.6, incluía cuatro correcciones de CVE para el paquete haproxy, sin embargo faltaba el parche para CVE-2021-39242. Este problema solo afecta a Red Hat OpenShift versión 4.9
The release of OpenShift 4.9.6 included four CVE fixes for the haproxy package, however the patch for CVE-2021-39242 was missing. This issue was only affects OpenShift 4.9.
Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.9.11.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2021-12-02 CVE Reserved
- 2021-12-13 CVE Published
- 2024-08-03 CVE Updated
- 2025-04-21 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
CAPEC
References (2)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=2027881 | 2021-12-13 | |
| https://access.redhat.com/security/cve/CVE-2021-4047 | 2021-12-13 |