EUVD-2023-1010

Malicious code in bioql PyPI...

Information Disclosure

github.com/openshift/assisted-installer is vulnerable to Information Disclosure. The vulnerability exists in ops.go due to the leakage of image pull secrets as plaintext in installation logs which allows an attacker to gain access to the pull secret token information...

GHSA-G8XM-P2H4-V6JP OpenShift Assisted Installer leaks image pull secrets as plaintext in installation logs

A vulnerability was found in OpenShift Assisted Installer. During generation of the Discovery ISO, image pull secrets were leaked as plaintext in the installation logs. An authenticated user could exploit this by re-using the image pull secret to pull container images from the registry as the...

OpenShift Assisted Installer leaks image pull secrets as plaintext in installation logs

A vulnerability was found in OpenShift Assisted Installer. During generation of the Discovery ISO, image pull secrets were leaked as plaintext in the installation logs. An authenticated user could exploit this by re-using the image pull secret to pull container images from the registry as the...

CVE-2021-3684

A vulnerability was found in OpenShift Assisted Installer. During generation of the Discovery ISO, image pull secrets were leaked as plaintext in the installation logs. An authenticated user could exploit this by re-using the image pull secret to pull container images from the registry as the...

CVE-2021-3684

A vulnerability was found in OpenShift Assisted Installer. During generation of the Discovery ISO, image pull secrets were leaked as plaintext in the installation logs. An authenticated user could exploit this by re-using the image pull secret to pull container images from the registry as the...

Design/Logic Flaw

A vulnerability was found in OpenShift Assisted Installer. During generation of the Discovery ISO, image pull secrets were leaked as plaintext in the installation logs. An authenticated user could exploit this by re-using the image pull secret to pull container images from the registry as the...

CVE-2021-3684

The CVE-2021-3684 entry concerns OpenShift Assisted Installer. During Discovery ISO generation, image pull secrets were leaked as plaintext in installation logs, enabling an authenticated user to reuse the secret to pull container images from the registry as that user. Documents substantiate the ...

CVE-2021-3684

A vulnerability was found in OpenShift Assisted Installer. During generation of the Discovery ISO, image pull secrets were leaked as plaintext in the installation logs. An authenticated user could exploit this by re-using the image pull secret to pull container images from the registry as the...

PT-2023-12303 · Red Hat · Openshift Assisted Installer

Name of the Vulnerable Software and Affected Versions: OpenShift Assisted Installer affected versions not specified Description: A vulnerability was found in OpenShift Assisted Installer where image pull secrets were leaked as plaintext in the installation logs during the generation of the...

CVE-2021-3684

A vulnerability was found in OpenShift Assisted Installer. During generation of the Discovery ISO, image pull secrets were leaked as plaintext in the installation logs. An authenticated user could exploit this by re-using the image pull secret to pull container images from the registry as the...

CVE-2021-3684

A vulnerability was found in OpenShift Assisted Installer. During generation of the Discovery ISO, image pull secrets were leaked as plaintext in the installation logs. An authenticated user could exploit this by re-using the image pull secret to pull container images from the registry as the...