Openshift: >> Origin Security Vulnerabilities
In Openshift Origin 3 the cookies being set in console have no 'secure', 'HttpOnly' attributes.
CVSS Score
5.3
EPSS Score
0.002
Published
2022-07-07
openshift-node in OpenShift Origin 1.1.6 and earlier improperly stores router credentials as envvars in the pod when the --credentials option is used, which allows local users to obtain sensitive private key information by reading the systemd journal.
CVSS Score
5.1
EPSS Score
0.001
Published
2016-08-05