Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
RedhatOpenshift

7 matches found

CVE
CVEadded 2019/12/30 10:15 p.m.78 views

CVE-2013-0196

A CSRF issue was found in OpenShift Enterprise 1.2. The web console is using 'Basic authentication' and the REST API has no CSRF attack protection mechanism. This can allow an attacker to obtain the credential and the Authorization: header when requesting the REST API via web browser.

6.5CVSS6.3AI score0.0011EPSS
CVE
CVEadded 2019/12/20 2:15 p.m.66 views

CVE-2016-1000229

swagger-ui has XSS in key names

6.1CVSS6AI score0.0485EPSS
CVE
CVEadded 2019/12/11 2:15 p.m.57 views

CVE-2013-7370

node-connect before 2.8.1 has XSS in the Sencha Labs Connect middleware

6.1CVSS5.7AI score0.01082EPSS
CVE
CVEadded 2019/12/05 3:15 p.m.51 views

CVE-2013-0163

OpenShift haproxy cartridge: predictable /tmp in set-proxy connection hook which could facilitate DoS

5.5CVSS5.5AI score0.00122EPSS
CVE
CVEadded 2019/12/13 1:15 p.m.51 views

CVE-2014-0175

mcollective has a default password set at install

9.8CVSS9.5AI score0.00601EPSS
CVE
CVEadded 2019/12/11 4:15 p.m.45 views

CVE-2014-0163

Openshift has shell command injection flaws due to unsanitized data being passed into shell commands.

9CVSS8.9AI score0.01787EPSS
CVE
CVEadded 2019/12/03 2:15 p.m.36 views

CVE-2013-2103

OpenShift cartridge allows remote URL retrieval

8.1CVSS8.1AI score0.00305EPSS