Описание
The download_from_url function in OpenShift Origin allows remote attackers to execute arbitrary commands via shell metacharacters in the URL of a request to download a cart.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| OpenShift Enterprise 1 | rubygem-openshift-origin-controller | Affected |
Показывать по
10
Дополнительная информация
Статус:
Important
Дефект:
CWE-78
https://bugzilla.redhat.com/show_bug.cgi?id=960363OpenShift: Potential remote command execution vulnerability in download cart url
7.5 High
CVSS2
Связанные уязвимости
CVSS3: 9.8
nvd
около 6 лет назад
The download_from_url function in OpenShift Origin allows remote attackers to execute arbitrary commands via shell metacharacters in the URL of a request to download a cart.
github
почти 4 года назад
The download_from_url function in OpenShift Origin allows remote attackers to execute arbitrary commands via shell metacharacters in the URL of a request to download a cart.
7.5 High
CVSS2