Red Hat Openshift Origin
By the Year
In 2023 there have been 0 vulnerabilities in Red Hat Openshift Origin . Openshift Origin did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 1 | 5.50 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Openshift Origin vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Red Hat Openshift Origin Security Vulnerabilities
Ruby gem openshift-origin-node before 2014-02-14 does not contain a cronjob timeout
CVE-2014-0084
5.5 - Medium
- November 21, 2019
Ruby gem openshift-origin-node before 2014-02-14 does not contain a cronjob timeout which could result in a denial of service in cron.daily and cron.weekly.
Improper Input Validation
HAproxy in Red Hat OpenShift Enterprise 3.2 and OpenShift Origin
CVE-2016-3711
3.3 - Low
- June 08, 2016
HAproxy in Red Hat OpenShift Enterprise 3.2 and OpenShift Origin allows local users to obtain the internal IP address of a pod by reading the "OPENSHIFT_[namespace]_SERVERID" cookie.
Information Disclosure
The API server in OpenShift Origin 1.0.5
CVE-2015-5250
- September 08, 2015
The API server in OpenShift Origin 1.0.5 allows remote attackers to cause a denial of service (master process crash) via crafted JSON data.
Improper Input Validation
cartridge_repository.rb in OpenShift Origin and Enterprise 1.2.8 through 2.1.1
CVE-2014-3496
- June 20, 2014
cartridge_repository.rb in OpenShift Origin and Enterprise 1.2.8 through 2.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in a Source-Url ending with a (1) .tar.gz, (2) .zip, (3) .tgz, or (4) .tar file extension in a cartridge manifest file.
Code Injection
The lockwrap function in port-proxy/bin/openshift-port-proxy-cfg in Red Hat OpenShift Origin before 1.1
CVE-2013-0164
- February 24, 2013
The lockwrap function in port-proxy/bin/openshift-port-proxy-cfg in Red Hat OpenShift Origin before 1.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary file with a predictable name in /tmp.
Permissions, Privileges, and Access Controls
node-util/www/html/restorer.php in the Red Hat OpenShift Origin before 1.0.5-3
CVE-2012-5646
- February 24, 2013
node-util/www/html/restorer.php in the Red Hat OpenShift Origin before 1.0.5-3 allows remote attackers to execute arbitrary commands via a crafted uuid in the PATH_INFO.
Improper Input Validation
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Red Hat Openshift or by Red Hat? Click the Watch button to subscribe.
