Redhat: >> Openshift Origin >> 2.1.1 Security Vulnerabilities
Ruby gem openshift-origin-node before 2014-02-14 does not contain a cronjob timeout which could result in a denial of service in cron.daily and cron.weekly.
CVSS Score
5.5
EPSS Score
0.001
Published
2019-11-21
OpenShift Origin: Improperly validated team names could allow stored XSS attacks
CVSS Score
6.1
EPSS Score
0.003
Published
2019-11-13
cartridge_repository.rb in OpenShift Origin and Enterprise 1.2.8 through 2.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in a Source-Url ending with a (1) .tar.gz, (2) .zip, (3) .tgz, or (4) .tar file extension in a cartridge manifest file.
CVSS Score
10.0
EPSS Score
0.057
Published
2014-06-20