Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
RedhatOpenshift3.3

4 matches found

CVE
CVEadded 2018/04/30 7:29 p.m.113 views

CVE-2018-1102

A flaw was found in source-to-image function as shipped with Openshift Enterprise 3.x. An improper path validation of tar files in ExtractTarStreamFromTarReader in tar/tar.go leads to privilege escalation.

8.8CVSS8.4AI score0.01331EPSS
CVE
CVEadded 2018/07/31 8:29 p.m.50 views

CVE-2016-8631

The OpenShift Enterprise 3 router does not properly sort routes when processing newly added routes. An attacker with access to create routes can potentially overwrite existing routes and redirect network traffic for other users to their own site.

7.7CVSS7.5AI score0.00191EPSS
CVE
CVEadded 2018/09/10 2:29 p.m.47 views

CVE-2016-7075

It was found that Kubernetes as used by Openshift Enterprise 3 did not correctly validate X.509 client intermediate certificate host name fields. An attacker could use this flaw to bypass authentication requirements by using a specially crafted X.509 certificate.

8.1CVSS8AI score0.00301EPSS
CVE
CVEadded 2018/04/11 7:29 p.m.45 views

CVE-2017-7534

OpenShift Enterprise version 3.x is vulnerable to a stored XSS via the log viewer for pods. The flaw is due to lack of sanitation of user input, specifically terminal escape characters, and the creation of clickable links automatically when viewing the log files for a pod.

5.4CVSS5.2AI score0.00168EPSS