Openshift Origin

openshift_origin

Vendor: Redhat • 10 CVEs

CVEs (10)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2014-0084 1Redhat 1Openshift Origin Nov 21, 2024 Nov 21, 2019 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 Ruby gem openshift-origin-node before 2014-02-14 does not contain a cronjob timeout which could result in a denial of service in cron.daily and cron.weekly.
CVE-2014-3592 1Redhat 1Openshift Origin Nov 21, 2024 Nov 13, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 OpenShift Origin: Improperly validated team names could allow stored XSS attacks
CVE-2016-3711 1Redhat 2Openshift Openshift Origin May 6, 2026 Jun 8, 2016 N/A· v4 3.3 LOW· v3 2.1 LOW· v2 HAproxy in Red Hat OpenShift Enterprise 3.2 and OpenShift Origin allows local users to obtain the internal IP address of a pod by reading the "OPENSHIFT_[namespace]_SERVERID" cookie.
CVE-2016-2160 1Redhat 2Openshift Openshift Origin May 6, 2026 Jun 8, 2016 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 Red Hat OpenShift Enterprise 3.2 and OpenShift Origin allow remote authenticated users to execute commands with root privileges by changing the root password in an sti builder image.
CVE-2015-5250 1Redhat 1Openshift Origin May 6, 2026 Sep 8, 2015 N/A· v4 N/A· v3 4.0 MEDIUM· v2 The API server in OpenShift Origin 1.0.5 allows remote attackers to cause a denial of service (master process crash) via crafted JSON data.
CVE-2014-3496 1Redhat 2Openshift Openshift Origin May 6, 2026 Jun 20, 2014 N/A· v4 N/A· v3 10.0 HIGH· v2 cartridge_repository.rb in OpenShift Origin and Enterprise 1.2.8 through 2.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in a Source-Url ending with a (1) .tar.gz, (2) .zip, (3) .tgz,...Show more cartridge_repository.rb in OpenShift Origin and Enterprise 1.2.8 through 2.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in a Source-Url ending with a (1) .tar.gz, (2) .zip, (3) .tgz, or (4) .tar file extension in a cartridge manifest file.Show less
CVE-2013-0164 1Redhat 2Openshift Openshift Origin Apr 29, 2026 Feb 24, 2013 N/A· v4 N/A· v3 3.6 LOW· v2 The lockwrap function in port-proxy/bin/openshift-port-proxy-cfg in Red Hat OpenShift Origin before 1.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary file with a predictable name in...Show more The lockwrap function in port-proxy/bin/openshift-port-proxy-cfg in Red Hat OpenShift Origin before 1.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary file with a predictable name in /tmp.Show less
CVE-2012-5658 1Redhat 2Openshift Openshift Origin Apr 29, 2026 Feb 24, 2013 N/A· v4 N/A· v3 2.1 LOW· v2 rhc-chk.rb in Red Hat OpenShift Origin before 1.1, when -d (debug mode) is used, outputs the password and other sensitive information in cleartext, which allows context-dependent attackers to obtain sensitive information...Show more rhc-chk.rb in Red Hat OpenShift Origin before 1.1, when -d (debug mode) is used, outputs the password and other sensitive information in cleartext, which allows context-dependent attackers to obtain sensitive information, as demonstrated by including log files or Bugzilla reports in support channels.Show less
CVE-2012-5647 1Redhat 2Openshift Openshift Origin Apr 29, 2026 Feb 24, 2013 N/A· v4 N/A· v3 5.8 MEDIUM· v2 Open redirect vulnerability in node-util/www/html/restorer.php in Red Hat OpenShift Origin before 1.0.5-3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the PAT...Show more Open redirect vulnerability in node-util/www/html/restorer.php in Red Hat OpenShift Origin before 1.0.5-3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the PATH_INFO.Show less
CVE-2012-5646 1Redhat 2Openshift Openshift Origin Apr 29, 2026 Feb 24, 2013 N/A· v4 N/A· v3 7.5 HIGH· v2 node-util/www/html/restorer.php in the Red Hat OpenShift Origin before 1.0.5-3 allows remote attackers to execute arbitrary commands via a crafted uuid in the PATH_INFO.