CVE-2014-3496 vulnerability in Red Hat Products
Published on June 20, 2014

cartridge_repository.rb in OpenShift Origin and Enterprise 1.2.8 through 2.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in a Source-Url ending with a (1) .tar.gz, (2) .zip, (3) .tgz, or (4) .tar file extension in a cartridge manifest file.

Vendor Advisory Vendor Advisory Vendor Advisory NVD

Products Associated with CVE-2014-3496

stack.watch emails you whenever new vulnerabilities are published in Red Hat Openshift Origin or Red Hat Openshift. Just hit a watch button to start following.

Red Hat Openshift Origin

Red Hat Openshift

Exploit Probability

EPSS

5.41%

Percentile

90.04%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2014-3496 vulnerability in Red Hat ProductsPublished on June 20, 2014

Products Associated with CVE-2014-3496

Exploit Probability

CVE-2014-3496 vulnerability in Red Hat Products
Published on June 20, 2014