7 matches found
RHEL 7 : atomic-openshift (RHSA-2016:1427)
An update for atomic-openshift is now available for Red Hat OpenShift Enterprise 3.2. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
RHEL 7 : jenkins (RHSA-2016:1206)
An updated Jenkins package and image that includes security fixes are now available for Red Hat OpenShift Enterprise 3.2. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
CVE-2016-5392
The API server in Kubernetes, as used in Red Hat OpenShift Enterprise 3.2, in a multi tenant environment allows remote authenticated users with knowledge of other project names to obtain sensitive project and user information via vectors related to the watch-cache list...
CVE-2016-5392
The CVE-2016-5392 vulnerability affects Red Hat OpenShift Enterprise 3.2 deployments where the Kubernetes API server’s watch cache allows a remote, authenticated user who knows other project names to disclose sensitive project and user information. The root cause is an input validation error in t...
PT-2016-5669 · Red Hat · Red Hat Openshift Enterprise
Name of the Vulnerable Software and Affected Versions: Red Hat OpenShift Enterprise version 3.2 Description: The issue allows remote authenticated users to access network resources on restricted pods via an s2i build with a builder image that contains ONBUILD commands or does not contain a tar...
PT-2016-5687 · Red Hat +1 · Red Hat Openshift Enterprise +1
Name of the Vulnerable Software and Affected Versions: Red Hat OpenShift Enterprise version 3.2 Description: The issue is related to improper access restriction to STI builds, allowing remote authenticated users to access the Docker socket and gain privileges. This is achieved through vectors...
PT-2016-5029 · Red Hat · Red Hat Openshift Enterprise
Name of the Vulnerable Software and Affected Versions: Red Hat OpenShift Enterprise version 3.2 Description: The issue allows remote authenticated users to read log files from another namespace. This can be achieved by creating a new namespace with the same name as a previously deleted namespace...