Lucene search
K

108 matches found

CNNVD
CNNVD
added 2022/07/07 12:0 a.m.3 views

Red Hat OpenShift 安全漏洞

Red Hat OpenShift is a Platform-as-a-Service PaaS cloud computing platform from Red Hat, Inc. that supports building, testing, deploying and running applications. A security vulnerability exists in Red Hat OpenShift Origin version 3, which stems from a cookie set in the console that does not have...

5.3CVSS5.8AI score0.00686EPSS
Exploits0References5
RubySec
RubySec
added 2022/05/17 12:0 a.m.16 views

openshift-origin-node Improper Input Validation vulnerability

Ruby gem openshift-origin-node before 2014-02-14 does not contain a cronjob timeout which could result in a denial of service in cron.daily and cron.weekly...

5.5CVSS6.8AI score0.00311EPSS
Exploits0References1
Snyk
Snyk
added 2022/05/05 12:29 a.m.2 views

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Overview openshift-origin-controller is a The OpenShift Origin Controller is a Rails plugin which provides the models and controllers which implement the application and user management functionality and provides a REST API. Affected versions of this package are vulnerable to Improper...

9.8CVSS7.6AI score0.02498EPSS
Exploits1References2
OSV
OSV
added 2022/05/05 12:29 a.m.9 views

GHSA-77XQ-7C6P-6XP6 RubyGem openshift-origin-controller is vulnerable to command injection

rubygem-openshift-origin-controller: API can be used to create applications via cartridgecache.rb URI.prase to perform command injection...

9.8CVSS9.8AI score0.02498EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2022/05/05 12:29 a.m.15 views

RubyGem openshift-origin-controller is vulnerable to command injection

rubygem-openshift-origin-controller: API can be used to create applications via cartridgecache.rb URI.prase to perform command injection...

9.8CVSS7.5AI score0.02498EPSS
Exploits1References5Affected Software1
RubySec
RubySec
added 2022/05/05 12:0 a.m.14 views

RubyGem openshift-origin-controller is vulnerable to command injection

'rubygem-openshift-origin-controller: API can be used to create applications via cartridgecache.rb URI.prase to perform command injection'...

9.8CVSS7AI score0.02498EPSS
Exploits1References1
Github Security Blog
Github Security Blog
added 2021/12/20 4:58 p.m.44 views

Denial of Service in OpenShift Origin

The API server in OpenShift Origin 1.0.5 allows remote attackers to cause a denial of service master process crash via crafted JSON data...

4CVSS6.1AI score0.01952EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2021/12/20 4:58 p.m.18 views

GHSA-RF3M-MHV7-X39F Denial of Service in OpenShift Origin

The API server in OpenShift Origin 1.0.5 allows remote attackers to cause a denial of service master process crash via crafted JSON data...

4.3CVSS6.2AI score0.01952EPSS
Exploits0References7
Fedora
Fedora
added 2020/07/24 1:15 a.m.35 views

[SECURITY] Fedora 32 Update: origin-3.11.2-1.fc32

OpenShift Origin is a distribution of Kubernetes optimized for enterprise a pplication development and deployment. OpenShift Origin adds developer and operational centric tools on top of Kubernetes to enable rapid application development, easy deployment and scaling, and long-term lifecycle...

7.5CVSS0.5AI score0.05071EPSS
Exploits1
OpenVAS
OpenVAS
added 2020/07/24 12:0 a.m.26 views

Fedora: Security Advisory for origin (FEDORA-2020-aeea04cd13)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS6.3AI score0.05071EPSS
Exploits1References2
Prion
Prion
added 2020/01/28 4:15 p.m.16 views

Cross site request forgery (csrf)

The downloadfromurl function in OpenShift Origin allows remote attackers to execute arbitrary commands via shell metacharacters in the URL of a request to download a cart...

10CVSS8.2AI score0.0554EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2020/01/28 3:57 p.m.30 views

CVE-2013-2060

The downloadfromurl function in OpenShift Origin allows remote attackers to execute arbitrary commands via shell metacharacters in the URL of a request to download a cart...

9.9AI score0.0554EPSS
Exploits1References4
NVD
NVD
added 2019/11/21 3:15 p.m.22 views

CVE-2014-0084

Ruby gem openshift-origin-node before 2014-02-14 does not contain a cronjob timeout which could result in a denial of service in cron.daily and cron.weekly...

5.5CVSS5.5AI score0.00311EPSS
Exploits0References1
Prion
Prion
added 2019/11/21 3:15 p.m.20 views

Design/Logic Flaw

Ruby gem openshift-origin-node before 2014-02-14 does not contain a cronjob timeout which could result in a denial of service in cron.daily and cron.weekly...

2.1CVSS7AI score0.00311EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2019/11/21 2:4 p.m.66 views

CVE-2014-0084

CVE-2014-0084 affects the Ruby gem openshift-origin-node prior to 2014-02-14, which does not enforce a cronjob timeout, potentially enabling a denial-of-service in cron.daily and cron.weekly. Public records in OSV/RH advisories reference the same issue (GHSA-756M-3QF2-HP58) and describe an improp...

5.5CVSS5.4AI score0.00311EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2019/11/21 12:0 a.m.6 views

PT-2019-7037 · Red Hat · Openshift-Origin-Node

Name of the Vulnerable Software and Affected Versions: openshift-origin-node versions prior to 2014-02-14 Description: The issue is related to the absence of a cronjob timeout in the Ruby gem openshift-origin-node, which could lead to a denial of service in cron.daily and cron.weekly...

5.5CVSS5.9AI score0.00311EPSS
Exploits0References8
NVD
NVD
added 2019/11/13 4:15 p.m.15 views

CVE-2014-3592

OpenShift Origin: Improperly validated team names could allow stored XSS attacks...

6.1CVSS6AI score0.00655EPSS
Exploits1References2
Prion
Prion
added 2019/11/13 4:15 p.m.15 views

Cross site scripting

OpenShift Origin: Improperly validated team names could allow stored XSS attacks...

4.3CVSS5.9AI score0.00655EPSS
Exploits1References2Affected Software1
Veracode
Veracode
added 2019/05/02 4:45 a.m.21 views

Open Redirect

The openshift-origin-node-util package provides a set of utility scripts for a node. Red Hat OpenShift Enterprise is a cloud computing Platform-as-a-Service PaaS solution designed for on-premise or private cloud deployments. A flaw was found in the way the administrative web interface for restori...

7.5CVSS6.9AI score0.02204EPSS
Exploits1References8Affected Software1
Veracode
Veracode
added 2019/01/15 9:12 a.m.23 views

Information Disclosure

github.com/openshift/origin is vulnerable to information disclosure. The vulnerability is possible because kubernetes watch cache does not return the correct data in a multi tenant environment, revealing the data of a user to another user...

6.5CVSS5.9AI score0.02464EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder