Filtered by vendor Redhat
Subscriptions
Filtered by product Openshift Origin
Subscriptions
Total
10 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-5658 | 1 Redhat | 2 Openshift, Openshift Origin | 2024-08-06 | N/A |
| rhc-chk.rb in Red Hat OpenShift Origin before 1.1, when -d (debug mode) is used, outputs the password and other sensitive information in cleartext, which allows context-dependent attackers to obtain sensitive information, as demonstrated by including log files or Bugzilla reports in support channels. | ||||
| CVE-2012-5646 | 1 Redhat | 2 Openshift, Openshift Origin | 2024-08-06 | N/A |
| node-util/www/html/restorer.php in the Red Hat OpenShift Origin before 1.0.5-3 allows remote attackers to execute arbitrary commands via a crafted uuid in the PATH_INFO. | ||||
| CVE-2012-5647 | 1 Redhat | 2 Openshift, Openshift Origin | 2024-08-06 | N/A |
| Open redirect vulnerability in node-util/www/html/restorer.php in Red Hat OpenShift Origin before 1.0.5-3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the PATH_INFO. | ||||
| CVE-2013-0164 | 1 Redhat | 2 Openshift, Openshift Origin | 2024-08-06 | N/A |
| The lockwrap function in port-proxy/bin/openshift-port-proxy-cfg in Red Hat OpenShift Origin before 1.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary file with a predictable name in /tmp. | ||||
| CVE-2014-3592 | 1 Redhat | 1 Openshift Origin | 2024-08-06 | 6.1 Medium |
| OpenShift Origin: Improperly validated team names could allow stored XSS attacks | ||||
| CVE-2014-3496 | 1 Redhat | 2 Openshift, Openshift Origin | 2024-08-06 | N/A |
| cartridge_repository.rb in OpenShift Origin and Enterprise 1.2.8 through 2.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in a Source-Url ending with a (1) .tar.gz, (2) .zip, (3) .tgz, or (4) .tar file extension in a cartridge manifest file. | ||||
| CVE-2014-0084 | 1 Redhat | 2 Openshift, Openshift Origin | 2024-08-06 | 5.5 Medium |
| Ruby gem openshift-origin-node before 2014-02-14 does not contain a cronjob timeout which could result in a denial of service in cron.daily and cron.weekly. | ||||
| CVE-2015-5250 | 1 Redhat | 2 Openshift, Openshift Origin | 2024-08-06 | N/A |
| The API server in OpenShift Origin 1.0.5 allows remote attackers to cause a denial of service (master process crash) via crafted JSON data. | ||||
| CVE-2016-3711 | 1 Redhat | 2 Openshift, Openshift Origin | 2024-08-06 | N/A |
| HAproxy in Red Hat OpenShift Enterprise 3.2 and OpenShift Origin allows local users to obtain the internal IP address of a pod by reading the "OPENSHIFT_[namespace]_SERVERID" cookie. | ||||
| CVE-2016-2160 | 1 Redhat | 2 Openshift, Openshift Origin | 2024-08-05 | N/A |
| Red Hat OpenShift Enterprise 3.2 and OpenShift Origin allow remote authenticated users to execute commands with root privileges by changing the root password in an sti builder image. | ||||
Page 1 of 1.