Lucene search

Veracode Vulnerability DatabaseVERACODE:19781

HistoryMay 16, 2019 - 3:23 a.m.

Arbitrary Code Execution

2019-05-1603:23:55

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

JSON

Red Hat OpenShift Container Platform is Red Hat’s cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.11.59. See the following advisory for the container images for this release: https://access.redhat.com/errata/RHBA-2019:0023 Space precludes documenting all of the bug fixes and enhancements in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes: https://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html All OpenShift Container Platform 3.11 users are advised to upgrade to these updated packages and images.

CPENameOperatorVersion
golang-github-openshift-oauth-proxyeq2.3__1.git57b68632.el7
golang-github-openshift-oauth-proxyeq2.1__2.git885c9f40.el7
golang-github-openshift-oauth-proxyeq2.1__1.git885c9f40.el7
golang-github-openshift-oauth-proxyeq3.11.51__1.git.419.1af74df.el7
golang-github-openshift-oauth-proxyeq3.11.16__1.git.409.922769e.el7
golang-github-openshift-oauth-proxyeq3.11.43__1.git.419.03122b3.el7
openshift-enterprise-cluster-capacityeq3.11.16__1.git.380.1406f2f.el7
openshift-enterprise-cluster-capacityeq3.11.43__1.git.380.9cbcbb2.el7
openshift-enterprise-cluster-capacityeq3.10.83__1.git.375.44bdf09.el7
openshift-enterprise-cluster-capacityeq3.10.34__1.git.380.d83e536.el7

Name	Operator	Version
golang-github-openshift-oauth-proxy	eq	2.3__1.git57b68632.el7
golang-github-openshift-oauth-proxy	eq	2.1__2.git885c9f40.el7
golang-github-openshift-oauth-proxy	eq	2.1__1.git885c9f40.el7
golang-github-openshift-oauth-proxy	eq	3.11.51__1.git.419.1af74df.el7
golang-github-openshift-oauth-proxy	eq	3.11.16__1.git.409.922769e.el7
golang-github-openshift-oauth-proxy	eq	3.11.43__1.git.419.03122b3.el7
openshift-enterprise-cluster-capacity	eq	3.11.16__1.git.380.1406f2f.el7
openshift-enterprise-cluster-capacity	eq	3.11.43__1.git.380.9cbcbb2.el7
openshift-enterprise-cluster-capacity	eq	3.10.83__1.git.375.44bdf09.el7
openshift-enterprise-cluster-capacity	eq	3.10.34__1.git.380.d83e536.el7

Rows per page:

1-10 of 9721

References

packetstormsecurity.com/files/166778/Jenkins-Remote-Code-Execution.html

www.securityfocus.com/bid/106176

access.redhat.com/errata/RHBA-2019:0024

access.redhat.com/security/cve/CVE-2018-1000861

access.redhat.com/security/cve/CVE-2018-1000862

access.redhat.com/security/cve/CVE-2018-1000863

access.redhat.com/security/cve/CVE-2018-1000864

bugzilla.redhat.com/show_bug.cgi?id=1503735

bugzilla.redhat.com/show_bug.cgi?id=1514487

bugzilla.redhat.com/show_bug.cgi?id=1553070

bugzilla.redhat.com/show_bug.cgi?id=1566424

bugzilla.redhat.com/show_bug.cgi?id=1568472

bugzilla.redhat.com/show_bug.cgi?id=1568833

bugzilla.redhat.com/show_bug.cgi?id=1573128

bugzilla.redhat.com/show_bug.cgi?id=1605160

bugzilla.redhat.com/show_bug.cgi?id=1611248

bugzilla.redhat.com/show_bug.cgi?id=1612776

bugzilla.redhat.com/show_bug.cgi?id=1613438

bugzilla.redhat.com/show_bug.cgi?id=1614650

bugzilla.redhat.com/show_bug.cgi?id=1623333

bugzilla.redhat.com/show_bug.cgi?id=1624673

bugzilla.redhat.com/show_bug.cgi?id=1624998

bugzilla.redhat.com/show_bug.cgi?id=1625534

bugzilla.redhat.com/show_bug.cgi?id=1626988

bugzilla.redhat.com/show_bug.cgi?id=1628201

bugzilla.redhat.com/show_bug.cgi?id=1629716

bugzilla.redhat.com/show_bug.cgi?id=1631481

bugzilla.redhat.com/show_bug.cgi?id=1632155

bugzilla.redhat.com/show_bug.cgi?id=1632869

bugzilla.redhat.com/show_bug.cgi?id=1633504

bugzilla.redhat.com/show_bug.cgi?id=1634227

bugzilla.redhat.com/show_bug.cgi?id=1634303

bugzilla.redhat.com/show_bug.cgi?id=1635462

bugzilla.redhat.com/show_bug.cgi?id=1636914

bugzilla.redhat.com/show_bug.cgi?id=1638140

bugzilla.redhat.com/show_bug.cgi?id=1638699

bugzilla.redhat.com/show_bug.cgi?id=1639137

bugzilla.redhat.com/show_bug.cgi?id=1639201

bugzilla.redhat.com/show_bug.cgi?id=1640791

bugzilla.redhat.com/show_bug.cgi?id=1641397

bugzilla.redhat.com/show_bug.cgi?id=1641752

bugzilla.redhat.com/show_bug.cgi?id=1643417

bugzilla.redhat.com/show_bug.cgi?id=1644416

bugzilla.redhat.com/show_bug.cgi?id=1645164

bugzilla.redhat.com/show_bug.cgi?id=1647288

bugzilla.redhat.com/show_bug.cgi?id=1647793

bugzilla.redhat.com/show_bug.cgi?id=1648453

bugzilla.redhat.com/show_bug.cgi?id=1648832

bugzilla.redhat.com/show_bug.cgi?id=1649074

bugzilla.redhat.com/show_bug.cgi?id=1652224

bugzilla.redhat.com/show_bug.cgi?id=1652453

bugzilla.redhat.com/show_bug.cgi?id=1653380

bugzilla.redhat.com/show_bug.cgi?id=1654948

bugzilla.redhat.com/show_bug.cgi?id=1655675

bugzilla.redhat.com/show_bug.cgi?id=1656086

bugzilla.redhat.com/show_bug.cgi?id=1657252

bugzilla.redhat.com/show_bug.cgi?id=1658632

jenkins.io/security/advisory/2018-12-05/#SECURITY-595

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

JSON

Related for VERACODE:19781