Описание
A flaw was found in ose-openshift-apiserver. This vulnerability allows internal network enumeration, service discovery, limited information disclosure, and potential denial-of-service (DoS) through Server-Side Request Forgery (SSRF) due to missing IP address and network-range validation when processing user-supplied image references.
EPSS
Процентиль: 12%
0.0004
Низкий
8.5 High
CVSS3
Дефекты
CWE-918
Связанные уязвимости
CVSS3: 8.5
github
около 2 месяцев назад
A flaw was found in ose-openshift-apiserver. This vulnerability allows internal network enumeration, service discovery, limited information disclosure, and potential denial-of-service (DoS) through Server-Side Request Forgery (SSRF) due to missing IP address and network-range validation when processing user-supplied image references.
EPSS
Процентиль: 12%
0.0004
Низкий
8.5 High
CVSS3
Дефекты
CWE-918