77 matches found
EUVD-2025-6761
Malicious code in bioql PyPI...
SUSE CVE-2024-7631
A flaw was found in the OpenShift Console, an endpoint for plugins to serve resources in multiple languages: /locales/resources.json. This endpoint's lng and ns parameters are used to construct a filepath in pkg/plugins/handlers unsafely.goL112 Because of this unsafe filepath construction, an...
GO-2025-3539 OpenShift Console Has a Path Traversal Vulnerability in github.com/openshift/console
OpenShift Console Has a Path Traversal Vulnerability in github.com/openshift/console...
OpenShift Console Has a Path Traversal Vulnerability
A flaw was found in the OpenShift Console, an endpoint for plugins to serve resources in multiple languages: /locales/resources.json. This endpoint's lng and ns parameters are used to construct a filepath in pkg/plugins/handlers unsafely.goL112 Because of this unsafe filepath construction, an...
GHSA-69X5-HJG4-M267 OpenShift Console Has a Path Traversal Vulnerability
A flaw was found in the OpenShift Console, an endpoint for plugins to serve resources in multiple languages: /locales/resources.json. This endpoint's lng and ns parameters are used to construct a filepath in pkg/plugins/handlers unsafely.goL112 Because of this unsafe filepath construction, an...
CVE-2024-7631
A flaw was found in the OpenShift Console, an endpoint for plugins to serve resources in multiple languages: /locales/resources.json. This endpoint's lng and ns parameters are used to construct a filepath in pkg/plugins/handlers unsafely.goL112 Because of this unsafe filepath construction, an...
CVE-2024-7631 Openshift-console: openshift console: path traversal
A flaw was found in the OpenShift Console, an endpoint for plugins to serve resources in multiple languages: /locales/resources.json. This endpoint's lng and ns parameters are used to construct a filepath in pkg/plugins/handlers unsafely.goL112 Because of this unsafe filepath construction, an...
CVE-2024-7631
OpenShift Console CVE-2024-7631 describes a path traversal flaw in the locales/resources.json endpoint where lng/ns are used to build a file path in pkg/plugins/handlers unsafely.go, allowing an authenticated user to read arbitrary JSON files on the console pod by using ../ sequences. Connected d...
CVE-2024-7631 Openshift-console: openshift console: path traversal
A flaw was found in the OpenShift Console, an endpoint for plugins to serve resources in multiple languages: /locales/resources.json. This endpoint's lng and ns parameters are used to construct a filepath in pkg/plugins/handlers unsafely.goL112 Because of this unsafe filepath construction, an...
CVE-2024-7631
A flaw was found in the OpenShift Console, an endpoint for plugins to serve resources in multiple languages: /locales/resources.json. This endpoint's lng and ns parameters are used to construct a filepath in pkg/plugins/handlers unsafely.goL112 Because of this unsafe filepath construction, an...
Server Side Request Forgery (SSRF)
github.com/openshift/console is vulnerable to Server Side Request Forgery SSRF. The vulnerability is due to the lack of proper checks on the /api/dev-console/proxy/internet endpoint, which allows authenticated users to make arbitrary HTTP requests from the console's pod to services inside the...
OpenShift Console Server Side Request Forgery vulnerability
A flaw was found in OpenShift Console. A Server Side Request Forgery SSRF attack can happen if an attacker supplies all or part of a URL to the server to query. The server is considered to be in a privileged network position and can often reach exposed services that aren't readily available to...
CVE-2024-6538
A flaw was found in OpenShift Console. A Server Side Request Forgery SSRF attack can happen if an attacker supplies all or part of a URL to the server to query. The server is considered to be in a privileged network position and can often reach exposed services that aren't readily available to...
CVE-2024-6538
A flaw was found in OpenShift Console. A Server Side Request Forgery SSRF attack can happen if an attacker supplies all or part of a URL to the server to query. The server is considered to be in a privileged network position and can often reach exposed services that aren't readily available to...
CVE-2024-6538 Openshift-console: openshift console: server-side request forgery
A flaw was found in OpenShift Console. A Server Side Request Forgery SSRF attack can happen if an attacker supplies all or part of a URL to the server to query. The server is considered to be in a privileged network position and can often reach exposed services that aren't readily available to...
CVE-2024-6538 Openshift-console: openshift console: server-side request forgery
A flaw was found in OpenShift Console. A Server Side Request Forgery SSRF attack can happen if an attacker supplies all or part of a URL to the server to query. The server is considered to be in a privileged network position and can often reach exposed services that aren't readily available to...
CVE-2024-6538
A flaw was found in OpenShift Console. A Server Side Request Forgery SSRF attack can happen if an attacker supplies all or part of a URL to the server to query. The server is considered to be in a privileged network position and can often reach exposed services that aren't readily available to...
Red Hat OpenShift Console 代码问题漏洞
Red Hat OpenShift Console is an OpenShift console from Red Hat USA. A code issue vulnerability exists in Red Hat OpenShift Console, which stems from the vulnerability of the component openshift4/ose-console to a server-side request forgery attack, which allows an authenticated user to make the...
RHSA-2012:1555 Red Hat Security Advisory: openshift-console security update
Bulletin has no description...
CVE-2024-6508 Openshift-console: oauth2 insufficient state parameter entropy
An insufficient entropy vulnerability was found in the Openshift Console. In the authorization code type and implicit grant type, the OAuth2 protocol is vulnerable to a Cross-Site Request Forgery CSRF attack if the state parameter is used inefficiently. This flaw allows logging into the victim’s...