Openshift@2.1 Security Vulnerabilities and Issues — Openshift@2.1 CVE List

Lucene search

RedhatOpenshift2.1

5 matches found

CVE•added 2014/06/20 2:55 p.m.•60 views

CVE-2014-3496

cartridge_repository.rb in OpenShift Origin and Enterprise 1.2.8 through 2.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in a Source-Url ending with a (1) .tar.gz, (2) .zip, (3) .tgz, or (4) .tar file extension in a cartridge manifest file.

10CVSS7.6AI score0.05735EPSS

CVE•added 2019/12/13 1:15 p.m.•51 views

CVE-2014-0175

mcollective has a default password set at install

9.8CVSS9.5AI score0.00601EPSS

CVE•added 2014/11/16 11:59 a.m.•47 views

CVE-2014-0233

Red Hat OpenShift Enterprise 2.0 and 2.1 and OpenShift Origin allow remote authenticated users to execute arbitrary commands via shell metacharacters in a directory name that is referenced by a cartridge using the file: URI scheme.

6.5CVSS7.3AI score0.01365EPSS

CVE•added 2014/11/13 9:32 p.m.•47 views

CVE-2014-3602

Red Hat OpenShift Enterprise before 2.2 allows local users to obtain IP address and port number information for remote systems by reading /proc/net/tcp.

2.1CVSS6.1AI score0.00114EPSS

CVE•added 2014/11/13 9:32 p.m.•44 views

CVE-2014-3674

Red Hat OpenShift Enterprise before 2.2 does not properly restrict access to gears, which allows remote attackers to access the network resources of arbitrary gears via unspecified vectors.

7.5CVSS6.8AI score0.00542EPSS