Openshift@2.0.4 Security Vulnerabilities and Issues — Openshift@2.0.4 CVE List

Lucene search

RedhatOpenshift2.0.4

3 matches found

CVE•added 2014/06/20 2:55 p.m.•60 views

CVE-2014-3496

cartridge_repository.rb in OpenShift Origin and Enterprise 1.2.8 through 2.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in a Source-Url ending with a (1) .tar.gz, (2) .zip, (3) .tgz, or (4) .tar file extension in a cartridge manifest file.

10CVSS7.6AI score0.05735EPSS

CVE•added 2014/11/13 9:32 p.m.•47 views

CVE-2014-3602

Red Hat OpenShift Enterprise before 2.2 allows local users to obtain IP address and port number information for remote systems by reading /proc/net/tcp.

2.1CVSS6.1AI score0.00114EPSS

CVE•added 2014/11/13 9:32 p.m.•44 views

CVE-2014-3674

Red Hat OpenShift Enterprise before 2.2 does not properly restrict access to gears, which allows remote attackers to access the network resources of arbitrary gears via unspecified vectors.

7.5CVSS6.8AI score0.00542EPSS