Vulnerabilities > Redhat > Openshift
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2013-10-01 | CVE-2012-2125 | URI Redirection vulnerability in RubyGems RubyGems before 1.8.23 can redirect HTTPS connections to HTTP, which makes it easier for remote attackers to observe or modify a gem during installation via a man-in-the-middle attack. | 5.8 |
| 2013-02-24 | CVE-2012-5658 | Cryptographic Issues vulnerability in Redhat Openshift and Openshift Origin rhc-chk.rb in Red Hat OpenShift Origin before 1.1, when -d (debug mode) is used, outputs the password and other sensitive information in cleartext, which allows context-dependent attackers to obtain sensitive information, as demonstrated by including log files or Bugzilla reports in support channels. | 2.1 |
| 2013-02-24 | CVE-2012-5647 | Improper Input Validation vulnerability in Redhat Openshift and Openshift Origin Open redirect vulnerability in node-util/www/html/restorer.php in Red Hat OpenShift Origin before 1.0.5-3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the PATH_INFO. | 5.8 |