CVE-2014-0163

Опубликовано: 03 дек. 2014

Источник: redhat

CVSS2: 8.5

EPSS Низкий

Описание

Openshift has shell command injection flaws due to unsanitized data being passed into shell commands.

Отчет

This issue affects the versions of rubygem-openshift-origin-node as shipped with Red Hat OpenShift Enterprise 2. Red Hat Product Security has rated this issue as having Important security impact, however this issue only affects systems using a non supported configuration (e.g. broker and node on the same host, or untrusted users on the broker servers). A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
OpenShift Enterprise 1	rubygem-openshift-origin-node	Will not fix
Red Hat OpenShift Enterprise 2	rubygem-openshift-origin-node	Affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Important

Дефект:

CWE-78

https://bugzilla.redhat.com/show_bug.cgi?id=1083858Openshift: Multiple shell command injection flaws

EPSS

Процентиль: 82%

0.01787

Низкий

8.5 High

CVSS2

Связанные уязвимости

CVE-2014-0163

CVSS3: 8.8

nvd

около 6 лет назад

Openshift has shell command injection flaws due to unsanitized data being passed into shell commands.

GHSA-vr5q-rw5h-fh9q

CVSS3: 8.8

github

больше 3 лет назад

Openshift has shell command injection flaws due to unsanitized data being passed into shell commands.

EPSS

Процентиль: 82%

0.01787

Низкий

8.5 High

CVSS2