108 matches found
Red Hat OpenShift 安全漏洞
Red Hat OpenShift is a Platform-as-a-Service PaaS cloud computing platform from Red Hat, Inc. that supports building, testing, deploying and running applications. A security vulnerability exists in Red Hat OpenShift Origin version 3, which stems from a cookie set in the console that does not have...
openshift-origin-node Improper Input Validation vulnerability
Ruby gem openshift-origin-node before 2014-02-14 does not contain a cronjob timeout which could result in a denial of service in cron.daily and cron.weekly...
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
Overview openshift-origin-controller is a The OpenShift Origin Controller is a Rails plugin which provides the models and controllers which implement the application and user management functionality and provides a REST API. Affected versions of this package are vulnerable to Improper...
GHSA-77XQ-7C6P-6XP6 RubyGem openshift-origin-controller is vulnerable to command injection
rubygem-openshift-origin-controller: API can be used to create applications via cartridgecache.rb URI.prase to perform command injection...
RubyGem openshift-origin-controller is vulnerable to command injection
rubygem-openshift-origin-controller: API can be used to create applications via cartridgecache.rb URI.prase to perform command injection...
RubyGem openshift-origin-controller is vulnerable to command injection
'rubygem-openshift-origin-controller: API can be used to create applications via cartridgecache.rb URI.prase to perform command injection'...
GHSA-RF3M-MHV7-X39F Denial of Service in OpenShift Origin
The API server in OpenShift Origin 1.0.5 allows remote attackers to cause a denial of service master process crash via crafted JSON data...
Denial of Service in OpenShift Origin
The API server in OpenShift Origin 1.0.5 allows remote attackers to cause a denial of service master process crash via crafted JSON data...
[SECURITY] Fedora 32 Update: origin-3.11.2-1.fc32
OpenShift Origin is a distribution of Kubernetes optimized for enterprise a pplication development and deployment. OpenShift Origin adds developer and operational centric tools on top of Kubernetes to enable rapid application development, easy deployment and scaling, and long-term lifecycle...
Fedora: Security Advisory for origin (FEDORA-2020-aeea04cd13)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Cross site request forgery (csrf)
The downloadfromurl function in OpenShift Origin allows remote attackers to execute arbitrary commands via shell metacharacters in the URL of a request to download a cart...
CVE-2013-2060
The downloadfromurl function in OpenShift Origin allows remote attackers to execute arbitrary commands via shell metacharacters in the URL of a request to download a cart...
CVE-2014-0084
Ruby gem openshift-origin-node before 2014-02-14 does not contain a cronjob timeout which could result in a denial of service in cron.daily and cron.weekly...
Design/Logic Flaw
Ruby gem openshift-origin-node before 2014-02-14 does not contain a cronjob timeout which could result in a denial of service in cron.daily and cron.weekly...
CVE-2014-0084
CVE-2014-0084 affects the Ruby gem openshift-origin-node prior to 2014-02-14, which does not enforce a cronjob timeout, potentially enabling a denial-of-service in cron.daily and cron.weekly. Public records in OSV/RH advisories reference the same issue (GHSA-756M-3QF2-HP58) and describe an improp...
PT-2019-7037 · Red Hat · Openshift-Origin-Node
Name of the Vulnerable Software and Affected Versions: openshift-origin-node versions prior to 2014-02-14 Description: The issue is related to the absence of a cronjob timeout in the Ruby gem openshift-origin-node, which could lead to a denial of service in cron.daily and cron.weekly...
CVE-2014-3592
OpenShift Origin: Improperly validated team names could allow stored XSS attacks...
Cross site scripting
OpenShift Origin: Improperly validated team names could allow stored XSS attacks...
Open Redirect
The openshift-origin-node-util package provides a set of utility scripts for a node. Red Hat OpenShift Enterprise is a cloud computing Platform-as-a-Service PaaS solution designed for on-premise or private cloud deployments. A flaw was found in the way the administrative web interface for restori...
Information Disclosure
github.com/openshift/origin is vulnerable to information disclosure. The vulnerability is possible because kubernetes watch cache does not return the correct data in a multi tenant environment, revealing the data of a user to another user...