108 matches found
Red Hat OpenShift 安全漏洞
Red Hat OpenShift is a Platform-as-a-Service PaaS cloud computing platform from Red Hat, Inc. that supports building, testing, deploying and running applications. A security vulnerability exists in Red Hat OpenShift Origin version 3, which stems from a cookie set in the console that does not have...
openshift-origin-node Improper Input Validation vulnerability
Ruby gem openshift-origin-node before 2014-02-14 does not contain a cronjob timeout which could result in a denial of service in cron.daily and cron.weekly...
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
Overview openshift-origin-controller is a The OpenShift Origin Controller is a Rails plugin which provides the models and controllers which implement the application and user management functionality and provides a REST API. Affected versions of this package are vulnerable to Improper...
GHSA-77XQ-7C6P-6XP6 RubyGem openshift-origin-controller is vulnerable to command injection
rubygem-openshift-origin-controller: API can be used to create applications via cartridgecache.rb URI.prase to perform command injection...
RubyGem openshift-origin-controller is vulnerable to command injection
rubygem-openshift-origin-controller: API can be used to create applications via cartridgecache.rb URI.prase to perform command injection...
RubyGem openshift-origin-controller is vulnerable to command injection
'rubygem-openshift-origin-controller: API can be used to create applications via cartridgecache.rb URI.prase to perform command injection'...
Denial of Service in OpenShift Origin
The API server in OpenShift Origin 1.0.5 allows remote attackers to cause a denial of service master process crash via crafted JSON data...
GHSA-RF3M-MHV7-X39F Denial of Service in OpenShift Origin
The API server in OpenShift Origin 1.0.5 allows remote attackers to cause a denial of service master process crash via crafted JSON data...
[SECURITY] Fedora 32 Update: origin-3.11.2-1.fc32
OpenShift Origin is a distribution of Kubernetes optimized for enterprise a pplication development and deployment. OpenShift Origin adds developer and operational centric tools on top of Kubernetes to enable rapid application development, easy deployment and scaling, and long-term lifecycle...
Fedora: Security Advisory for origin (FEDORA-2020-aeea04cd13)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Cross site request forgery (csrf)
The downloadfromurl function in OpenShift Origin allows remote attackers to execute arbitrary commands via shell metacharacters in the URL of a request to download a cart...
CVE-2013-2060
The downloadfromurl function in OpenShift Origin allows remote attackers to execute arbitrary commands via shell metacharacters in the URL of a request to download a cart...
CVE-2014-0084
Ruby gem openshift-origin-node before 2014-02-14 does not contain a cronjob timeout which could result in a denial of service in cron.daily and cron.weekly...
Design/Logic Flaw
Ruby gem openshift-origin-node before 2014-02-14 does not contain a cronjob timeout which could result in a denial of service in cron.daily and cron.weekly...
CVE-2014-0084
CVE-2014-0084 affects the Ruby gem openshift-origin-node prior to 2014-02-14, which does not enforce a cronjob timeout, potentially enabling a denial-of-service in cron.daily and cron.weekly. Public records in OSV/RH advisories reference the same issue (GHSA-756M-3QF2-HP58) and describe an improp...
PT-2019-7037 · Red Hat · Openshift-Origin-Node
Name of the Vulnerable Software and Affected Versions: openshift-origin-node versions prior to 2014-02-14 Description: The issue is related to the absence of a cronjob timeout in the Ruby gem openshift-origin-node, which could lead to a denial of service in cron.daily and cron.weekly...
CVE-2014-3592
OpenShift Origin: Improperly validated team names could allow stored XSS attacks...
Cross site scripting
OpenShift Origin: Improperly validated team names could allow stored XSS attacks...
Open Redirect
The openshift-origin-node-util package provides a set of utility scripts for a node. Red Hat OpenShift Enterprise is a cloud computing Platform-as-a-Service PaaS solution designed for on-premise or private cloud deployments. A flaw was found in the way the administrative web interface for restori...
Information Disclosure
github.com/openshift/origin is vulnerable to information disclosure. The vulnerability is possible because kubernetes watch cache does not return the correct data in a multi tenant environment, revealing the data of a user to another user...