Openshift@2.0 Security Vulnerabilities and Issues — Openshift@2.0 CVE List

Lucene search

RedhatOpenshift2.0

5 matches found

CVE•added 2016/08/07 10:59 a.m.•427 views

CVE-2016-5766

Integer overflow in the _gd2GetHeader function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibl...

8.8CVSS8.2AI score0.04587EPSS

CVE•added 2016/01/08 7:59 p.m.•159 views

CVE-2015-5254

Apache ActiveMQ 5.x before 5.13.0 does not restrict the classes that can be serialized in the broker, which allows remote attackers to execute arbitrary code via a crafted serialized Java Message Service (JMS) ObjectMessage object.

9.8CVSS8.7AI score0.80393EPSS

CVE•added 2016/02/03 6:59 p.m.•64 views

CVE-2015-7539

The Plugins Manager in Jenkins before 1.640 and LTS before 1.625.2 does not verify checksums for plugin files referenced in update site data, which makes it easier for man-in-the-middle attackers to execute arbitrary code via a crafted plugin.

7.6CVSS8AI score0.0104EPSS

CVE•added 2016/02/03 6:59 p.m.•58 views

CVE-2015-7538

Jenkins before 1.640 and LTS before 1.625.2 allow remote attackers to bypass the CSRF protection mechanism via unspecified vectors.

8.8CVSS7.8AI score0.00195EPSS

CVE•added 2016/02/03 6:59 p.m.•56 views

CVE-2015-7537

Cross-site request forgery (CSRF) vulnerability in Jenkins before 1.640 and LTS before 1.625.2 allows remote attackers to hijack the authentication of administrators for requests that have unspecified impact via vectors related to the HTTP GET method.

8.8CVSS8.4AI score0.00179EPSS