CVE-2013-0163

Опубликовано: 05 сент. 2014

Источник: redhat

CVSS2: 3.6

EPSS Низкий

Описание

OpenShift haproxy cartridge: predictable /tmp in set-proxy connection hook which could facilitate DoS

Отчет

This issue affects the versions of the haproxy cartridge as shipped with Red Hat OpenShift Enterprise 1 and 2. Red Hat Product Security has rated this issue as having Low security impact. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/. Additionally OpenShift uses a per user poly-instantiated /tmp directory which makes exploitation of this issue very difficult.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
OpenShift Enterprise 1	openshift-origin-cartridge-haproxy	Will not fix
Red Hat OpenShift Enterprise 2	openshift-origin-cartridge-haproxy	Will not fix

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low

Дефект:

CWE-377

https://bugzilla.redhat.com/show_bug.cgi?id=892909cartridge: predictable /tmp in set-proxy connection hook

EPSS

Процентиль: 32%

0.00122

Низкий

3.6 Low

CVSS2

Связанные уязвимости

CVE-2013-0163

CVSS3: 5.5

nvd

около 6 лет назад

OpenShift haproxy cartridge: predictable /tmp in set-proxy connection hook which could facilitate DoS

GHSA-vmj2-j72r-pg54

github

почти 4 года назад

OpenShift haproxy cartridge: predictable /tmp in set-proxy connection hook which could facilitate DoS

EPSS

Процентиль: 32%

0.00122

Низкий

3.6 Low

CVSS2