Vulnerabilities > Redhat > Openshift Origin
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-11-21 | CVE-2014-0084 | Improper Input Validation vulnerability in Redhat Openshift Origin Ruby gem openshift-origin-node before 2014-02-14 does not contain a cronjob timeout which could result in a denial of service in cron.daily and cron.weekly. | 5.5 |
2019-11-13 | CVE-2014-3592 | Cross-site Scripting vulnerability in Redhat Openshift Origin OpenShift Origin: Improperly validated team names could allow stored XSS attacks | 4.3 |
2016-06-08 | CVE-2016-3711 | Information Exposure vulnerability in Redhat Openshift and Openshift Origin HAproxy in Red Hat OpenShift Enterprise 3.2 and OpenShift Origin allows local users to obtain the internal IP address of a pod by reading the "OPENSHIFT_[namespace]_SERVERID" cookie. | 3.3 |
2016-06-08 | CVE-2016-2160 | Permissions, Privileges, and Access Controls vulnerability in Redhat Openshift and Openshift Origin Red Hat OpenShift Enterprise 3.2 and OpenShift Origin allow remote authenticated users to execute commands with root privileges by changing the root password in an sti builder image. | 9.0 |
2013-02-24 | CVE-2012-5658 | Cryptographic Issues vulnerability in Redhat Openshift and Openshift Origin rhc-chk.rb in Red Hat OpenShift Origin before 1.1, when -d (debug mode) is used, outputs the password and other sensitive information in cleartext, which allows context-dependent attackers to obtain sensitive information, as demonstrated by including log files or Bugzilla reports in support channels. | 2.1 |
2013-02-24 | CVE-2012-5647 | Improper Input Validation vulnerability in Redhat Openshift and Openshift Origin Open redirect vulnerability in node-util/www/html/restorer.php in Red Hat OpenShift Origin before 1.0.5-3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the PATH_INFO. | 5.8 |