Openshift@3.4 Security Vulnerabilities and Issues — Openshift@3.4 CVE List

Lucene search

RedhatOpenshift3.4

3 matches found

CVE•added 2018/04/30 7:29 p.m.•113 views

CVE-2018-1102

A flaw was found in source-to-image function as shipped with Openshift Enterprise 3.x. An improper path validation of tar files in ExtractTarStreamFromTarReader in tar/tar.go leads to privilege escalation.

8.8CVSS8.4AI score0.01331EPSS

CVE•added 2018/04/11 7:29 p.m.•45 views

CVE-2017-7534

OpenShift Enterprise version 3.x is vulnerable to a stored XSS via the log viewer for pods. The flaw is due to lack of sanitation of user input, specifically terminal escape characters, and the creation of clickable links automatically when viewing the log files for a pod.

5.4CVSS5.2AI score0.00168EPSS

CVE•added 2018/04/16 3:29 p.m.•36 views

CVE-2016-9592

openshift before versions 3.3.1.11, 3.2.1.23, 3.4 is vulnerable to a flaw when a volume fails to detach, which causes the delete operation to fail with 'VolumeInUse' error. Since the delete operation is retried every 30 seconds for each volume, this could lead to a denial of service attack as the n...

4.3CVSS4.6AI score0.00315EPSS