Ruby gem openshift-origin-node before 2014-02-14 does not contain a cronjob timeout which could result in a denial of service in cron.daily and...
5.5CVSS
5.4AI Score
0.0004EPSS
cartridges/openshift-origin-cartridge-mongodb-2.2/info/bin/dump.sh in OpenShift does not properly create files in...
7.3CVSS
7.2AI Score
0.001EPSS
In Openshift Origin 3 the cookies being set in console have no 'secure', 'HttpOnly'...
5.3CVSS
5.2AI Score
0.001EPSS
A flaw was found in the OpenShift API Server, where it failed to sufficiently protect OAuthTokens by leaking them into the logs when an API Server panic occurred. This flaw allows an attacker with the ability to cause an API Server error to read the logs, and use the leaked OAuthToken to log into.....
rubygem-openshift-origin-controller: API can be used to create applications via cartridge_cache.rb URI.prase() to perform command...
9.8CVSS
9.7AI Score
0.004EPSS
6.1CVSS
5.9AI Score
0.001EPSS
openshift-node in OpenShift Origin 1.1.6 and earlier improperly stores router credentials as envvars in the pod when the --credentials option is used, which allows local users to obtain sensitive private key information by reading the systemd...
5.1CVSS
4.9AI Score
0.001EPSS