Описание
JSON-Patch Out-of-bounds Write vulnerability
An out of bound write can occur when patching an Openshift object using the oc patch functionality in OpenShift Container Platform before 3.7. An attacker can use this flaw to cause a denial of service attack on the Openshift master api service which provides cluster management.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2018-14632
- https://github.com/evanphx/json-patch/pull/57
- https://github.com/evanphx/json-patch/commit/4c9aadca8f89e349c999f04e28199e96e81aba03
- https://github.com/evanphx/json-patch/commit/4c9aadca8f89e349c999f04e28199e96e81aba03#diff-65c563bba473be9d94ce4d033f74810e
- https://access.redhat.com/errata/RHBA-2018:2652
- https://access.redhat.com/errata/RHSA-2018:2654
- https://access.redhat.com/errata/RHSA-2018:2709
- https://access.redhat.com/errata/RHSA-2018:2906
- https://access.redhat.com/errata/RHSA-2018:2908
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14632
- https://pkg.go.dev/vuln/GO-2021-0076
Пакеты
github.com/evanphx/json-patch
< 0.5.2
0.5.2
github.com/evanphx/json-patch
>= 3.0.0, < 3.0.1-0.20180525145409-4c9aadca8f89
3.0.1-0.20180525145409-4c9aadca8f89
Связанные уязвимости
An out of bound write can occur when patching an Openshift object using the 'oc patch' functionality in OpenShift Container Platform before 3.7. An attacker can use this flaw to cause a denial of service attack on the Openshift master api service which provides cluster management.
An out of bound write can occur when patching an Openshift object using the 'oc patch' functionality in OpenShift Container Platform before 3.7. An attacker can use this flaw to cause a denial of service attack on the Openshift master api service which provides cluster management.
An out of bound write can occur when patching an Openshift object using the 'oc patch' functionality in OpenShift Container Platform before 3.7. An attacker can use this flaw to cause a denial of service attack on the Openshift master api service which provides cluster management.