Vulnerabilities > CVE-2018-14632 - Out-of-bounds Write vulnerability in multiple products

CVSS 7.7 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

redhat

starcounter-jack

CWE-787

nessus

NVD

Published: 2018-09-06

Updated: 2023-02-07

Summary

An out of bound write can occur when patching an Openshift object using the 'oc patch' functionality in OpenShift Container Platform before 3.7. An attacker can use this flaw to cause a denial of service attack on the Openshift master api service which provides cluster management.

Vulnerable Configurations

Part	Description	Count
Application	Redhat Redhat Openshift Container Platform 3.9 Redhat Openshift Container Platform 3.11 Redhat Openshift Container Platform 3.10 Redhat Openshift Container Platform - Redhat Openshift Container Platform 2.0 Redhat Openshift Container Platform 2.1 Redhat Openshift Container Platform 2.2 Redhat Openshift Container Platform 3.0 Redhat Openshift Container Platform 3.1 Redhat Openshift Container Platform 3.2 Redhat Openshift Container Platform 3.3 Redhat Openshift Container Platform 3.4 Redhat Openshift Container Platform 3.5 Redhat Openshift Container Platform 3.6 Redhat Openshift Container Platform 3.7	15
Application	Starcounter-Jack Starcounter Jack Json Patch -	1

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

Nessus

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2018-2654.NASL
description	Red Hat OpenShift Container Platform release 3.6.173.0.130 is now available with updates to packages that fix one security issue and several bugs. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat OpenShift Container Platform is Red Hat
last seen	2020-06-12
modified	2018-12-04
plugin id	119404
published	2018-12-04
reporter	This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/119404
title	RHEL 7 : OpenShift Container Platform 3.6 (RHSA-2018:2654)
code	# # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2018:2654. The text # itself is copyright (C) Red Hat, Inc. # include("compat.inc"); if (description) { script_id(119404); script_version("1.6"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/11"); script_cve_id("CVE-2018-14632"); script_xref(name:"RHSA", value:"2018:2654"); script_name(english:"RHEL 7 : OpenShift Container Platform 3.6 (RHSA-2018:2654)"); script_summary(english:"Checks the rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Red Hat host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Red Hat OpenShift Container Platform release 3.6.173.0.130 is now available with updates to packages that fix one security issue and several bugs. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.6.173.0.130. See the following advisory for the container images for this release : https://access.redhat.com/errata/RHBA-2018:2655 This update fixes the following bug : * atomic-openshift: oc patch with json causes masterapi service crash (CVE-2018-14632) All OpenShift Container Platform 3.6 users are advised to upgrade to these updated packages. For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Lars Haugan for reporting this issue. Bug Fix(es) : * Retries have been added to shared-resource-viewer update logic avoiding problems with object contention. (BZ#1507119) * Certificate expiry playbook run error (BZ#1509859) * Running metrics playbook for cleanup with Ansible 2.2.3 fails about field 'args' including invalid value (BZ#1550680)" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:2654" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2018-14632" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:atomic-openshift"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-clients"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-clients-redistributable"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-cluster-capacity"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-docker-excluder"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-dockerregistry"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-excluder"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-federation-services"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-master"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-node"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-pod"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-sdn-ovs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-service-catalog"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-tests"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-utils"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openshift-ansible"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openshift-ansible-callback-plugins"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openshift-ansible-docs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openshift-ansible-filter-plugins"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openshift-ansible-lookup-plugins"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openshift-ansible-playbooks"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:openshift-ansible-roles"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-paramiko"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-paramiko-doc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:tuned-profiles-atomic-openshift-node"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7"); script_set_attribute(attribute:"vuln_publication_date", value:"2018/09/06"); script_set_attribute(attribute:"patch_publication_date", value:"2018/09/26"); script_set_attribute(attribute:"plugin_publication_date", value:"2018/12/04"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Red Hat Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) \|\| "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat"); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat"); os_ver = os_ver[1]; if (! preg(pattern:"^7([^0-9]\|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 7.x", "Red Hat " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu); yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo"); if (!empty_or_null(yum_updateinfo)) { rhsa = "RHSA-2018:2654"; yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa); if (!empty_or_null(yum_report)) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : yum_report ); exit(0); } else { audit_message = "affected by Red Hat security advisory " + rhsa; audit(AUDIT_OS_NOT, audit_message); } } else { flag = 0; if (rpm_exists(rpm:"atomic-openshift-3.6", release:"RHEL7") && rpm_check(release:"RHEL7", cpu:"x86_64", reference:"atomic-openshift-3.6.173.0.130-1.git.0.8d78a39.el7")) flag++; if (rpm_exists(rpm:"atomic-openshift-clients-3.6", release:"RHEL7") && rpm_check(release:"RHEL7", cpu:"x86_64", reference:"atomic-openshift-clients-3.6.173.0.130-1.git.0.8d78a39.el7")) flag++; if (rpm_exists(rpm:"atomic-openshift-clients-redistributable-3.6", release:"RHEL7") && rpm_check(release:"RHEL7", cpu:"x86_64", reference:"atomic-openshift-clients-redistributable-3.6.173.0.130-1.git.0.8d78a39.el7")) flag++; if (rpm_exists(rpm:"atomic-openshift-cluster-capacity-3.6", release:"RHEL7") && rpm_check(release:"RHEL7", cpu:"x86_64", reference:"atomic-openshift-cluster-capacity-3.6.173.0.130-1.git.0.8d78a39.el7")) flag++; if (rpm_exists(rpm:"atomic-openshift-docker-excluder-3.6", release:"RHEL7") && rpm_check(release:"RHEL7", reference:"atomic-openshift-docker-excluder-3.6.173.0.130-1.git.0.8d78a39.el7")) flag++; if (rpm_exists(rpm:"atomic-openshift-dockerregistry-3.6", release:"RHEL7") && rpm_check(release:"RHEL7", cpu:"x86_64", reference:"atomic-openshift-dockerregistry-3.6.173.0.130-1.git.0.8d78a39.el7")) flag++; if (rpm_exists(rpm:"atomic-openshift-excluder-3.6", release:"RHEL7") && rpm_check(release:"RHEL7", reference:"atomic-openshift-excluder-3.6.173.0.130-1.git.0.8d78a39.el7")) flag++; if (rpm_exists(rpm:"atomic-openshift-federation-services-3.6", release:"RHEL7") && rpm_check(release:"RHEL7", cpu:"x86_64", reference:"atomic-openshift-federation-services-3.6.173.0.130-1.git.0.8d78a39.el7")) flag++; if (rpm_exists(rpm:"atomic-openshift-master-3.6", release:"RHEL7") && rpm_check(release:"RHEL7", cpu:"x86_64", reference:"atomic-openshift-master-3.6.173.0.130-1.git.0.8d78a39.el7")) flag++; if (rpm_exists(rpm:"atomic-openshift-node-3.6", release:"RHEL7") && rpm_check(release:"RHEL7", cpu:"x86_64", reference:"atomic-openshift-node-3.6.173.0.130-1.git.0.8d78a39.el7")) flag++; if (rpm_exists(rpm:"atomic-openshift-pod-3.6", release:"RHEL7") && rpm_check(release:"RHEL7", cpu:"x86_64", reference:"atomic-openshift-pod-3.6.173.0.130-1.git.0.8d78a39.el7")) flag++; if (rpm_exists(rpm:"atomic-openshift-sdn-ovs-3.6", release:"RHEL7") && rpm_check(release:"RHEL7", cpu:"x86_64", reference:"atomic-openshift-sdn-ovs-3.6.173.0.130-1.git.0.8d78a39.el7")) flag++; if (rpm_exists(rpm:"atomic-openshift-service-catalog-3.6", release:"RHEL7") && rpm_check(release:"RHEL7", cpu:"x86_64", reference:"atomic-openshift-service-catalog-3.6.173.0.130-1.git.0.8d78a39.el7")) flag++; if (rpm_exists(rpm:"atomic-openshift-tests-3.6", release:"RHEL7") && rpm_check(release:"RHEL7", cpu:"x86_64", reference:"atomic-openshift-tests-3.6.173.0.130-1.git.0.8d78a39.el7")) flag++; if (rpm_exists(rpm:"atomic-openshift-utils-3.6", release:"RHEL7") && rpm_check(release:"RHEL7", reference:"atomic-openshift-utils-3.6.173.0.130-1.git.0.22ddff9.el7")) flag++; if (rpm_exists(rpm:"openshift-ansible-3.6", release:"RHEL7") && rpm_check(release:"RHEL7", reference:"openshift-ansible-3.6.173.0.130-1.git.0.22ddff9.el7")) flag++; if (rpm_exists(rpm:"openshift-ansible-callback-plugins-3.6", release:"RHEL7") && rpm_check(release:"RHEL7", reference:"openshift-ansible-callback-plugins-3.6.173.0.130-1.git.0.22ddff9.el7")) flag++; if (rpm_exists(rpm:"openshift-ansible-docs-3.6", release:"RHEL7") && rpm_check(release:"RHEL7", reference:"openshift-ansible-docs-3.6.173.0.130-1.git.0.22ddff9.el7")) flag++; if (rpm_exists(rpm:"openshift-ansible-filter-plugins-3.6", release:"RHEL7") && rpm_check(release:"RHEL7", reference:"openshift-ansible-filter-plugins-3.6.173.0.130-1.git.0.22ddff9.el7")) flag++; if (rpm_exists(rpm:"openshift-ansible-lookup-plugins-3.6", release:"RHEL7") && rpm_check(release:"RHEL7", reference:"openshift-ansible-lookup-plugins-3.6.173.0.130-1.git.0.22ddff9.el7")) flag++; if (rpm_exists(rpm:"openshift-ansible-playbooks-3.6", release:"RHEL7") && rpm_check(release:"RHEL7", reference:"openshift-ansible-playbooks-3.6.173.0.130-1.git.0.22ddff9.el7")) flag++; if (rpm_exists(rpm:"openshift-ansible-roles-3.6", release:"RHEL7") && rpm_check(release:"RHEL7", reference:"openshift-ansible-roles-3.6.173.0.130-1.git.0.22ddff9.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"python-paramiko-2.1.1-4.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"python-paramiko-doc-2.1.1-4.el7")) flag++; if (rpm_exists(rpm:"tuned-profiles-atomic-openshift-node-3.6", release:"RHEL7") && rpm_check(release:"RHEL7", cpu:"x86_64", reference:"tuned-profiles-atomic-openshift-node-3.6.173.0.130-1.git.0.8d78a39.el7")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() + redhat_report_package_caveat() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "atomic-openshift / atomic-openshift-clients / etc"); } }

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2018-2908.NASL
description	An update is now available for Red Hat OpenShift Container Platform 3.9. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat OpenShift Container Platform is Red Hat
last seen	2020-06-01
modified	2020-06-02
plugin id	119407
published	2018-12-04
reporter	This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/119407
title	RHEL 7 : OpenShift Container Platform 3.9 (RHSA-2018:2908)

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2018-2709.NASL
description	Red Hat OpenShift Container Platform release 3.10.66 is now available with updates to packages and images that fix several security, bug, and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat OpenShift Container Platform is Red Hat
last seen	2020-06-12
modified	2018-12-04
plugin id	119405
published	2018-12-04
reporter	This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/119405
title	RHEL 7 : Red Hat OpenShift Container Platform 3.10 (RHSA-2018:2709)

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2018-2906.NASL
description	An update is now available for Red Hat OpenShift Container Platform release 3.7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat OpenShift Container Platform is Red Hat
last seen	2020-06-01
modified	2020-06-02
plugin id	119406
published	2018-12-04
reporter	This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/119406
title	RHEL 7 : OpenShift Container Platform 3.7 (RHSA-2018:2906)

Redhat

advisories

rhsa
id RHBA-2018:2652
rhsa
id RHSA-2018:2654
rhsa
id RHSA-2018:2709
rhsa
id RHSA-2018:2906
rhsa
id RHSA-2018:2908

rpms

ansible-asb-modules-0:0.3.1-1.el7
ansible-kubernetes-modules-0:0.4.0-8.el7
ansible-runner-0:1.1.0-2.el7
ansible-service-broker-0:3.11.7-334.git.6.e890179.el7_5
ansible-service-broker-container-scripts-0:3.11.7-334.git.6.e890179.el7_5
ansible-service-broker-selinux-0:3.11.7-334.git.6.e890179.el7_5
apb-0:1.9.7-1.el7_5
apb-base-scripts-0:1.3.6-1.el7
apb-container-scripts-0:1.9.7-1.el7_5
atomic-enterprise-service-catalog-1:3.11.16-1.git.1633.05087cb.el7
atomic-enterprise-service-catalog-svcat-1:3.11.16-1.git.1633.05087cb.el7
atomic-openshift-0:3.11.16-1.git.0.b48b8f8.el7
atomic-openshift-clients-0:3.11.16-1.git.0.b48b8f8.el7
atomic-openshift-clients-redistributable-0:3.11.16-1.git.0.b48b8f8.el7
atomic-openshift-cluster-autoscaler-0:3.11.16-1.git.0.8c8305e.el7
atomic-openshift-descheduler-0:3.11.16-1.git.300.abfab3c.el7
atomic-openshift-docker-excluder-0:3.11.16-1.git.0.b48b8f8.el7
atomic-openshift-dockerregistry-0:3.11.16-1.git.446.da6220e.el7
atomic-openshift-excluder-0:3.11.16-1.git.0.b48b8f8.el7
atomic-openshift-hyperkube-0:3.11.16-1.git.0.b48b8f8.el7
atomic-openshift-hypershift-0:3.11.16-1.git.0.b48b8f8.el7
atomic-openshift-master-0:3.11.16-1.git.0.b48b8f8.el7
atomic-openshift-metrics-server-0:3.11.16-1.git.52.9fd74a8.el7
atomic-openshift-node-0:3.11.16-1.git.0.b48b8f8.el7
atomic-openshift-node-problem-detector-0:3.11.16-1.git.198.95f4dfa.el7
atomic-openshift-pod-0:3.11.16-1.git.0.b48b8f8.el7
atomic-openshift-sdn-ovs-0:3.11.16-1.git.0.b48b8f8.el7
atomic-openshift-service-idler-0:3.11.16-1.git.14.a65cbf0.el7
atomic-openshift-template-service-broker-0:3.11.16-1.git.0.b48b8f8.el7
atomic-openshift-tests-0:3.11.16-1.git.0.b48b8f8.el7
atomic-openshift-web-console-0:3.11.16-1.git.289.ecf7441.el7
automation-broker-apb-role-0:3.11.7-334.git.6.e890179.el7_5
cockpit-debuginfo-0:176-2.el7
cockpit-kubernetes-0:176-2.el7
containernetworking-cni-0:0.5.2-5.el8+5
cri-o-0:1.11.5-2.rhaos3.11.git1c8a4b1.el7
cri-tools-0:1.11.1-1.rhaos3.11.gitedabfb5.el7_5
cri-tools-debuginfo-0:1.11.1-1.rhaos3.11.gitedabfb5.el7_5
csi-attacher-0:0.2.0-3.git27299be.el7
csi-attacher-debuginfo-0:0.2.0-3.git27299be.el7
csi-driver-registrar-0:0.2.0-1.el7
csi-driver-registrar-debuginfo-0:0.2.0-1.el7
csi-livenessprobe-0:0.0.1-1.gitff5b6a0.el7
csi-livenessprobe-debuginfo-0:0.0.1-1.gitff5b6a0.el7
csi-provisioner-0:0.2.0-2.el7
csi-provisioner-debuginfo-0:0.2.0-2.el7
dumb-init-0:1.1.3-12.el7
dumb-init-debuginfo-0:1.1.3-12.el7
elastic-curator-0:5.2.0-1.el7
fb303-0:0.9.1-15.el7
fb303-devel-0:0.9.1-15.el7
fb303-java-0:0.9.1-15.el7
fluentd-0:0.12.43-3.el7
fluentd-debuginfo-0:0.12.43-3.el7
fluentd-doc-0:0.12.43-3.el7
golang-github-openshift-oauth-proxy-0:3.11.16-1.git.409.922769e.el7
golang-github-openshift-prometheus-alert-buffer-0:0-2.gitceca8c1.el7
google-cloud-sdk-0:183.0.0-3.el7
haproxy-debuginfo-0:1.8.14-2.el7
haproxy18-0:1.8.14-2.el7
hawkular-openshift-agent-0:1.2.2-2.el7
heapster-0:1.3.0-3.el7
image-inspector-0:2.4.0-3.el7
jenkins-0:2.121.3.1534368708-1.el7
jenkins-2-plugins-0:3.11.1535566135-1.el7
kibana-0:5.6.10-1.el7
kibana-debuginfo-0:5.6.10-1.el7
libthrift-java-0:0.9.1-15.el7
libthrift-javadoc-0:0.9.1-15.el7
mariadb-apb-role-0:1.3.7-1.el7
mediawiki-0:1.27.4-8.el7
mediawiki-apb-role-0:1.3.3-1.el7
mediawiki-container-scripts-0:1.3.1-1.el7
mediawiki-doc-0:1.27.4-8.el7
mysql-apb-role-0:1.3.6-1.el7
openshift-ansible-0:3.11.16-1.git.0.4ac6f81.el7
openshift-ansible-docs-0:3.11.16-1.git.0.4ac6f81.el7
openshift-ansible-playbooks-0:3.11.16-1.git.0.4ac6f81.el7
openshift-ansible-roles-0:3.11.16-1.git.0.4ac6f81.el7
openshift-enterprise-autoheal-0:3.11.16-1.git.219.5443970.el7
openshift-enterprise-cluster-capacity-0:3.11.16-1.git.380.1406f2f.el7
openshift-eventrouter-0:0.1-2.git5bd9251.el7
openshift-eventrouter-debuginfo-0:0.1-2.git5bd9251.el7
openshift-external-storage-cephfs-provisioner-0:0.0.2-3.gitd3c94f0.el7
openshift-external-storage-debuginfo-0:0.0.2-3.gitd3c94f0.el7
openshift-external-storage-efs-provisioner-0:0.0.2-3.gitd3c94f0.el7
openshift-external-storage-local-provisioner-0:0.0.2-3.gitd3c94f0.el7
openshift-external-storage-manila-provisioner-0:0.0.2-3.gitd3c94f0.el7
openshift-external-storage-snapshot-controller-0:0.0.2-3.gitd3c94f0.el7
openshift-external-storage-snapshot-provisioner-0:0.0.2-3.gitd3c94f0.el7
openshift-monitor-project-lifecycle-0:3.11.16-1.git.59.354f5cd.el7
openshift-monitor-sample-app-0:3.11.16-1.git.5.2efc27d.el7
perl-IO-String-0:1.08-20.el7
perl-thrift-0:0.9.1-15.el7
podman-0:0.9.2-5.git37a2afe.el7_5
podman-debuginfo-0:0.9.2-5.git37a2afe.el7_5
postgresql-apb-role-0:1.3.8-1.el7
prometheus-0:3.11.16-1.git.5020.5e81ed1.el7
prometheus-alertmanager-0:3.11.16-1.git.0.be735ec.el7
prometheus-node-exporter-0:3.11.16-1.git.1056.1583d2a.el7
python-boto-0:2.34.0-5.el7
python-cachetools-0:1.0.3-1.el7
python-click-0:6.7-1.el7
python-elasticsearch-0:5.4.0-1.el7
python-fb303-0:0.9.1-15.el7
python-futures-0:3.0.3-2.el7
python-py-0:1.4.32-2.el7
python-ruamel-ordereddict-debuginfo-0:0.4.9-5.el7
python-ruamel-yaml-debuginfo-0:0.15.23-2.el7
python-thrift-0:0.9.1-15.el7
python2-boto3-0:1.4.0-1.el7
python2-botocore-0:1.4.57-5.el7
python2-certifi-0:2018.4.16-1.el7
python2-dictdiffer-0:0.6.1-1.el7
python2-google-auth-0:1.1.1-1.el7
python2-kubernetes-0:6.0.0-1.el7
python2-kubernetes-tests-0:6.0.0-1.el7
python2-mock-0:1.0.1-9.2.el7
python2-openshift-1:0.6.2-12.el7
python2-pysocks-0:1.5.7-4.el7
python2-rsa-0:3.4.1-1.el7
python2-ruamel-ordereddict-0:0.4.9-5.el7
python2-ruamel-yaml-0:0.15.23-2.el7
python2-s3transfer-0:0.1.3-1.el7
python2-string_utils-0:0.6.0-2.el7
python2-typing-0:3.5.2.2-3.el7
python2-urllib3-0:1.21.1-1.el7
python2-voluptuous-0:0.10.5-2.el7ost
rubygem-activesupport-1:4.2.10-1.el7
rubygem-activesupport-doc-1:4.2.10-1.el7
rubygem-addressable-0:2.5.2-1.el7
rubygem-addressable-doc-0:2.5.2-1.el7
rubygem-concurrent-ruby-0:1.0.5-1.el7
rubygem-concurrent-ruby-doc-0:1.0.5-1.el7
rubygem-cool.io-0:1.5.3-1.el7
rubygem-cool.io-debuginfo-0:1.5.3-1.el7
rubygem-cool.io-doc-0:1.5.3-1.el7
rubygem-docker-api-0:1.22.4-2.el7
rubygem-docker-api-doc-0:1.22.4-2.el7
rubygem-domain_name-0:0.5.20180417-1.el7
rubygem-domain_name-doc-0:0.5.20180417-1.el7
rubygem-elasticsearch-0:5.0.5-2.el7
rubygem-elasticsearch-api-0:5.0.5-1.el7
rubygem-elasticsearch-api-doc-0:5.0.5-1.el7
rubygem-elasticsearch-doc-0:5.0.5-2.el7
rubygem-elasticsearch-transport-0:5.0.5-1.el7
rubygem-elasticsearch-transport-doc-0:5.0.5-1.el7
rubygem-excon-0:0.62.0-1.el7
rubygem-excon-doc-0:0.62.0-1.el7
rubygem-faraday-0:0.15.2-1.el7
rubygem-faraday-doc-0:0.15.2-1.el7
rubygem-ffi-0:1.9.25-4.el7_5
rubygem-ffi-debuginfo-0:1.9.25-4.el7_5
rubygem-fluent-mixin-config-placeholders-0:0.4.0-1.el7
rubygem-fluent-mixin-config-placeholders-doc-0:0.4.0-1.el7
rubygem-fluent-plugin-docker_metadata_filter-0:0.1.1-2.el7
rubygem-fluent-plugin-docker_metadata_filter-doc-0:0.1.1-2.el7
rubygem-fluent-plugin-elasticsearch-0:1.17.2-1.el7
rubygem-fluent-plugin-elasticsearch-doc-0:1.17.2-1.el7
rubygem-fluent-plugin-flatten-hash-0:0.4.0-1.el7
rubygem-fluent-plugin-flatten-hash-doc-0:0.4.0-1.el7
rubygem-fluent-plugin-kubernetes_metadata_filter-0:1.2.0-1.el7
rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:1.2.0-1.el7
rubygem-fluent-plugin-prometheus-0:0.4.0-1.el7
rubygem-fluent-plugin-prometheus-doc-0:0.4.0-1.el7
rubygem-fluent-plugin-record-modifier-0:0.6.2-1.el7
rubygem-fluent-plugin-record-modifier-doc-0:0.6.2-1.el7
rubygem-fluent-plugin-remote-syslog-0:1.1-1.el7
rubygem-fluent-plugin-remote-syslog-doc-0:1.1-1.el7
rubygem-fluent-plugin-rewrite-tag-filter-0:1.5.6-1.el7
rubygem-fluent-plugin-rewrite-tag-filter-doc-0:1.5.6-1.el7
rubygem-fluent-plugin-secure-forward-0:0.4.5-1.el7
rubygem-fluent-plugin-secure-forward-doc-0:0.4.5-1.el7
rubygem-fluent-plugin-systemd-0:0.0.11-1.el7
rubygem-fluent-plugin-systemd-doc-0:0.0.11-1.el7
rubygem-fluent-plugin-viaq_data_model-0:0.0.14-1.el7
rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.14-1.el7
rubygem-http-0:0.9.8-2.el7
rubygem-http-cookie-0:1.0.3-1.el7
rubygem-http-cookie-doc-0:1.0.3-1.el7
rubygem-http-doc-0:0.9.8-2.el7
rubygem-http-form_data-0:1.0.3-1.el7
rubygem-http-form_data-doc-0:1.0.3-1.el7
rubygem-http_parser.rb-0:0.6.0-4.el7
rubygem-http_parser.rb-debuginfo-0:0.6.0-4.el7
rubygem-http_parser.rb-doc-0:0.6.0-4.el7
rubygem-i18n-0:0.9.5-1.el7
rubygem-i18n-doc-0:0.9.5-1.el7
rubygem-kubeclient-0:1.1.4-1.el7
rubygem-kubeclient-doc-0:1.1.4-1.el7
rubygem-lru_redux-0:1.1.0-2.el7
rubygem-lru_redux-doc-0:1.1.0-2.el7
rubygem-mime-types-0:3.2.2-2.el7
rubygem-mime-types-data-0:3.2018.0812-2.el7
rubygem-mime-types-data-doc-0:3.2018.0812-2.el7
rubygem-mime-types-doc-0:3.2.2-2.el7
rubygem-minitest-0:5.10.3-1.el7
rubygem-minitest-doc-0:5.10.3-1.el7
rubygem-msgpack-0:1.2.4-1.el7
rubygem-msgpack-debuginfo-0:1.2.4-1.el7
rubygem-msgpack-doc-0:1.2.4-1.el7
rubygem-multi_json-0:1.13.1-1.el7
rubygem-multi_json-doc-0:1.13.1-1.el7
rubygem-multipart-post-0:2.0.0-3.el7
rubygem-multipart-post-doc-0:2.0.0-3.el7
rubygem-netrc-0:0.11.0-1.el7
rubygem-netrc-doc-0:0.11.0-1.el7
rubygem-prometheus-client-0:0.8.0-1.el7
rubygem-prometheus-client-doc-0:0.8.0-1.el7
rubygem-proxifier-0:1.0.3-2.el7
rubygem-proxifier-doc-0:1.0.3-2.el7
rubygem-public_suffix-0:2.0.5-5.el7
rubygem-public_suffix-doc-0:2.0.5-5.el7
rubygem-quantile-0:0.2.1-1.el7
rubygem-quantile-doc-0:0.2.1-1.el7
rubygem-recursive-open-struct-0:1.0.0-2.el7
rubygem-recursive-open-struct-doc-0:1.0.0-2.el7
rubygem-resolve-hostname-0:0.1.0-1.el7
rubygem-resolve-hostname-doc-0:0.1.0-1.el7
rubygem-rest-client-0:2.0.2-1.el7
rubygem-sigdump-0:0.2.4-1.el7
rubygem-sigdump-doc-0:0.2.4-1.el7
rubygem-string-scrub-0:0.0.5-4.el7
rubygem-string-scrub-debuginfo-0:0.0.5-4.el7
rubygem-string-scrub-doc-0:0.0.5-4.el7
rubygem-syslog_protocol-0:0.9.2-1.el7
rubygem-syslog_protocol-doc-0:0.9.2-1.el7
rubygem-systemd-journal-0:1.3.3-2.el7
rubygem-systemd-journal-doc-0:1.3.3-2.el7
rubygem-thread_safe-0:0.3.6-1.el7
rubygem-thread_safe-doc-0:0.3.6-1.el7
rubygem-tzinfo-0:1.2.5-1.el7
rubygem-tzinfo-data-0:1.2018.5-1.el7
rubygem-tzinfo-data-doc-0:1.2018.5-1.el7
rubygem-tzinfo-doc-0:1.2.5-1.el7
rubygem-unf-0:0.1.4-5.el7
rubygem-unf-debuginfo-0:0.1.4-5.el7
rubygem-unf-doc-0:0.1.4-5.el7
rubygem-unf_ext-0:0.0.7.5-1.el7
rubygem-unf_ext-debuginfo-0:0.0.7.5-1.el7
rubygem-unf_ext-doc-0:0.0.7.5-1.el7
rubygem-uuidtools-0:2.1.5-2.el7
rubygem-uuidtools-doc-0:2.1.5-2.el7
rubygem-yajl-ruby-0:1.4.1-1.el7
rubygem-yajl-ruby-debuginfo-0:1.4.1-1.el7
rubygem-yajl-ruby-doc-0:1.4.1-1.el7
thrift-0:0.9.1-15.el7
thrift-debuginfo-0:0.9.1-15.el7
thrift-devel-0:0.9.1-15.el7
thrift-glib-0:0.9.1-15.el7
thrift-qt-0:0.9.1-15.el7
tini-0:0.16.1-1
tini-debuginfo-0:0.16.1-1
atomic-openshift-0:3.6.173.0.130-1.git.0.8d78a39.el7
atomic-openshift-clients-0:3.6.173.0.130-1.git.0.8d78a39.el7
atomic-openshift-clients-redistributable-0:3.6.173.0.130-1.git.0.8d78a39.el7
atomic-openshift-cluster-capacity-0:3.6.173.0.130-1.git.0.8d78a39.el7
atomic-openshift-docker-excluder-0:3.6.173.0.130-1.git.0.8d78a39.el7
atomic-openshift-dockerregistry-0:3.6.173.0.130-1.git.0.8d78a39.el7
atomic-openshift-excluder-0:3.6.173.0.130-1.git.0.8d78a39.el7
atomic-openshift-federation-services-0:3.6.173.0.130-1.git.0.8d78a39.el7
atomic-openshift-master-0:3.6.173.0.130-1.git.0.8d78a39.el7
atomic-openshift-node-0:3.6.173.0.130-1.git.0.8d78a39.el7
atomic-openshift-pod-0:3.6.173.0.130-1.git.0.8d78a39.el7
atomic-openshift-sdn-ovs-0:3.6.173.0.130-1.git.0.8d78a39.el7
atomic-openshift-service-catalog-0:3.6.173.0.130-1.git.0.8d78a39.el7
atomic-openshift-tests-0:3.6.173.0.130-1.git.0.8d78a39.el7
atomic-openshift-utils-0:3.6.173.0.130-1.git.0.22ddff9.el7
openshift-ansible-0:3.6.173.0.130-1.git.0.22ddff9.el7
openshift-ansible-callback-plugins-0:3.6.173.0.130-1.git.0.22ddff9.el7
openshift-ansible-docs-0:3.6.173.0.130-1.git.0.22ddff9.el7
openshift-ansible-filter-plugins-0:3.6.173.0.130-1.git.0.22ddff9.el7
openshift-ansible-lookup-plugins-0:3.6.173.0.130-1.git.0.22ddff9.el7
openshift-ansible-playbooks-0:3.6.173.0.130-1.git.0.22ddff9.el7
openshift-ansible-roles-0:3.6.173.0.130-1.git.0.22ddff9.el7
python-paramiko-0:2.1.1-4.el7
python-paramiko-doc-0:2.1.1-4.el7
tuned-profiles-atomic-openshift-node-0:3.6.173.0.130-1.git.0.8d78a39.el7
atomic-enterprise-service-catalog-1:3.10.66-1.git.1450.b758bdb.el7
atomic-enterprise-service-catalog-svcat-1:3.10.66-1.git.1450.b758bdb.el7
atomic-openshift-0:3.10.66-1.git.0.91d1e89.el7
atomic-openshift-clients-0:3.10.66-1.git.0.91d1e89.el7
atomic-openshift-clients-redistributable-0:3.10.66-1.git.0.91d1e89.el7
atomic-openshift-descheduler-0:3.10.66-1.git.299.e466391.el7
atomic-openshift-docker-excluder-0:3.10.66-1.git.0.91d1e89.el7
atomic-openshift-dockerregistry-0:3.10.66-1.git.390.77310f8.el7
atomic-openshift-excluder-0:3.10.66-1.git.0.91d1e89.el7
atomic-openshift-hyperkube-0:3.10.66-1.git.0.91d1e89.el7
atomic-openshift-hypershift-0:3.10.66-1.git.0.91d1e89.el7
atomic-openshift-master-0:3.10.66-1.git.0.91d1e89.el7
atomic-openshift-node-0:3.10.66-1.git.0.91d1e89.el7
atomic-openshift-node-problem-detector-0:3.10.66-1.git.198.2fcf818.el7
atomic-openshift-pod-0:3.10.66-1.git.0.91d1e89.el7
atomic-openshift-sdn-ovs-0:3.10.66-1.git.0.91d1e89.el7
atomic-openshift-template-service-broker-0:3.10.66-1.git.0.91d1e89.el7
atomic-openshift-tests-0:3.10.66-1.git.0.91d1e89.el7
atomic-openshift-web-console-0:3.10.66-1.git.389.adbeb58.el7
haproxy-debuginfo-0:1.8.14-2.el7
haproxy18-0:1.8.14-2.el7
image-inspector-0:2.4.0-3.el7
openshift-ansible-0:3.10.66-1.git.0.3c3a83a.el7
openshift-ansible-docs-0:3.10.66-1.git.0.3c3a83a.el7
openshift-ansible-playbooks-0:3.10.66-1.git.0.3c3a83a.el7
openshift-ansible-roles-0:3.10.66-1.git.0.3c3a83a.el7
openshift-enterprise-cluster-capacity-0:3.10.66-1.git.380.aef3728.el7
openshift-monitor-project-lifecycle-0:3.10.66-1.git.59.57c03d5.el7
perl-IO-String-0:1.08-20.el7
prometheus-node-exporter-0:3.10.66-1.git.1060.f6046fd.el7
python-py-0:1.4.32-2.el7
python-setuptools-0:17.1.1-4.el7
rubygem-ffi-0:1.9.25-4.el7_5
rubygem-ffi-debuginfo-0:1.9.25-4.el7_5
atomic-openshift-0:3.7.72-1.git.0.925b9cd.el7
atomic-openshift-clients-0:3.7.72-1.git.0.925b9cd.el7
atomic-openshift-clients-redistributable-0:3.7.72-1.git.0.925b9cd.el7
atomic-openshift-cluster-capacity-0:3.7.72-1.git.0.925b9cd.el7
atomic-openshift-docker-excluder-0:3.7.72-1.git.0.925b9cd.el7
atomic-openshift-dockerregistry-0:3.7.72-1.git.0.925b9cd.el7
atomic-openshift-excluder-0:3.7.72-1.git.0.925b9cd.el7
atomic-openshift-federation-services-0:3.7.72-1.git.0.925b9cd.el7
atomic-openshift-master-0:3.7.72-1.git.0.925b9cd.el7
atomic-openshift-node-0:3.7.72-1.git.0.925b9cd.el7
atomic-openshift-pod-0:3.7.72-1.git.0.925b9cd.el7
atomic-openshift-sdn-ovs-0:3.7.72-1.git.0.925b9cd.el7
atomic-openshift-service-catalog-0:3.7.72-1.git.0.925b9cd.el7
atomic-openshift-template-service-broker-0:3.7.72-1.git.0.925b9cd.el7
atomic-openshift-tests-0:3.7.72-1.git.0.925b9cd.el7
atomic-openshift-utils-0:3.7.72-1.git.0.5c45a8a.el7
openshift-ansible-0:3.7.72-1.git.0.5c45a8a.el7
openshift-ansible-callback-plugins-0:3.7.72-1.git.0.5c45a8a.el7
openshift-ansible-docs-0:3.7.72-1.git.0.5c45a8a.el7
openshift-ansible-filter-plugins-0:3.7.72-1.git.0.5c45a8a.el7
openshift-ansible-lookup-plugins-0:3.7.72-1.git.0.5c45a8a.el7
openshift-ansible-playbooks-0:3.7.72-1.git.0.5c45a8a.el7
openshift-ansible-roles-0:3.7.72-1.git.0.5c45a8a.el7
tuned-profiles-atomic-openshift-node-0:3.7.72-1.git.0.925b9cd.el7
atomic-openshift-0:3.9.51-1.git.0.dc3a40b.el7
atomic-openshift-clients-0:3.9.51-1.git.0.dc3a40b.el7
atomic-openshift-clients-redistributable-0:3.9.51-1.git.0.dc3a40b.el7
atomic-openshift-cluster-capacity-0:3.9.51-1.git.0.dc3a40b.el7
atomic-openshift-docker-excluder-0:3.9.51-1.git.0.dc3a40b.el7
atomic-openshift-dockerregistry-0:3.9.51-1.git.353.7685923.el7
atomic-openshift-excluder-0:3.9.51-1.git.0.dc3a40b.el7
atomic-openshift-federation-services-0:3.9.51-1.git.0.dc3a40b.el7
atomic-openshift-master-0:3.9.51-1.git.0.dc3a40b.el7
atomic-openshift-node-0:3.9.51-1.git.0.dc3a40b.el7
atomic-openshift-pod-0:3.9.51-1.git.0.dc3a40b.el7
atomic-openshift-sdn-ovs-0:3.9.51-1.git.0.dc3a40b.el7
atomic-openshift-service-catalog-0:3.9.51-1.git.0.dc3a40b.el7
atomic-openshift-template-service-broker-0:3.9.51-1.git.0.dc3a40b.el7
atomic-openshift-tests-0:3.9.51-1.git.0.dc3a40b.el7
atomic-openshift-utils-0:3.9.51-1.git.0.c4968ca.el7
atomic-openshift-web-console-0:3.9.51-1.git.268.c379530.el7
fluentd-0:0.12.43-3.el7
fluentd-debuginfo-0:0.12.43-3.el7
fluentd-doc-0:0.12.43-3.el7
openshift-ansible-0:3.9.51-1.git.0.c4968ca.el7
openshift-ansible-docs-0:3.9.51-1.git.0.c4968ca.el7
openshift-ansible-playbooks-0:3.9.51-1.git.0.c4968ca.el7
openshift-ansible-roles-0:3.9.51-1.git.0.c4968ca.el7
openshift-elasticsearch-plugin-0:2.4.4.23__redhat_1-3.el7
prometheus-node-exporter-0:3.9.51-1.git.1060.2055e02.el7
rubygem-fluent-plugin-kubernetes_metadata_filter-0:1.0.3-2.el7
rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:1.0.3-2.el7

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Nessus

Redhat

References