A vulnerability was found in OpenShift OSIN. It has been classified as problematic. This affects the function ClientSecretMatches/CheckClientSecret. The manipulation of the argument secret leads to observable timing discrepancy. The name of the patch is 8612686d6dda34ae9ef6b5a974e4b7accb4fea29. It...
CVSS 5.9 | AI Score 5.7 | EPSS 0.001
An insecure modification vulnerability in the /etc/passwd file was found in the container openshift/apb-base, affecting versions before the following 4.3.5, 4.2.21, 4.1.37, and 3.11.188-4. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their...
CVSS 7.0 | AI Score 6.8 | EPSS 0.0004
An insecure modification vulnerability in the /etc/passwd file was found in the container openshift/mariadb-apb, affecting versions before the following 4.3.5, 4.2.21, 4.1.37, and 3.11.188-4. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their...
CVSS 7.0 | AI Score 6.8 | EPSS 0.0004
A CSRF issue was found in OpenShift Enterprise 1.2. The web console is using 'Basic authentication' and the REST API has no CSRF attack protection mechanism. This can allow an attacker to obtain the credential and the Authorization: header when requesting the REST API via web...
CVSS 6.5 | AI Score 6.3 | EPSS 0.001
cartridges/openshift-origin-cartridge-mongodb-2.2/info/bin/dump.sh in OpenShift does not properly create files in...
CVSS 7.3 | AI Score 7.2 | EPSS 0.001
Ruby gem openshift-origin-node before 2014-02-14 does not contain a cronjob timeout which could result in a denial of service in cron.daily and...
CVSS 5.5 | AI Score 5.4 | EPSS 0.0004
In Openshift Origin 3 the cookies being set in console have no 'secure', 'HttpOnly'...
CVSS 5.3 | AI Score 5.2 | EPSS 0.001
A flaw was found in the OpenShift API Server, where it failed to sufficiently protect OAuthTokens by leaking them into the logs when an API Server panic occurred. This flaw allows an attacker with the ability to cause an API Server error to read the logs, and use the leaked OAuthToken to log into.....
Openshift has shell command injection flaws due to unsanitized data being passed into shell...
CVSS 8.8 | AI Score 8.9 | EPSS 0.001
rubygem-openshift-origin-controller: API can be used to create applications via cartridge_cache.rb URI.parse() to perform command...
CVSS 9.8 | AI Score 9.7 | EPSS 0.004
OpenShift haproxy cartridge: predictable /tmp in set-proxy connection hook which could facilitate...
CVSS 5.5 | AI Score 5.5 | EPSS 0.0004
OpenShift: Install script has temporary file creation vulnerability which can result in arbitrary code...
CVSS 7.8 | AI Score 7.9 | EPSS 0.0004
Openshift Enterprise source-to-image before version 1.1.10 is vulnerable to an improper validation of user input. An attacker who could trick a user into using the command to copy files locally, from a pod, could override files outside of the target directory of the...
CVSS 6.5 | AI Score 6.3 | EPSS 0.001
openshift-node in OpenShift Origin 1.1.6 and earlier improperly stores router credentials as envvars in the pod when the --credentials option is used, which allows local users to obtain sensitive private key information by reading the systemd...
CVSS 5.1 | AI Score 4.9 | EPSS 0.001