Описание
The OpenShift image import whitelist failed to enforce restrictions correctly when running commands such as "oc tag", for example. This could allow a user with access to OpenShift to run images from registries that should not be allowed.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat OpenShift Container Platform 3.10 | atomic-openshift | Not affected | ||
| Red Hat OpenShift Container Platform 3.7 | atomic-openshift | Affected | ||
| Red Hat OpenShift Container Platform 3.9 | ansible-asb-modules | Fixed | RHBA-2018:0489 | 28.03.2018 |
| Red Hat OpenShift Container Platform 3.9 | ansible-kubernetes-modules | Fixed | RHBA-2018:0489 | 28.03.2018 |
| Red Hat OpenShift Container Platform 3.9 | ansible-service-broker | Fixed | RHBA-2018:0489 | 28.03.2018 |
| Red Hat OpenShift Container Platform 3.9 | apb | Fixed | RHBA-2018:0489 | 28.03.2018 |
| Red Hat OpenShift Container Platform 3.9 | apb-base-scripts | Fixed | RHBA-2018:0489 | 28.03.2018 |
| Red Hat OpenShift Container Platform 3.9 | atomic-openshift | Fixed | RHBA-2018:0489 | 28.03.2018 |
| Red Hat OpenShift Container Platform 3.9 | atomic-openshift-dockerregistry | Fixed | RHBA-2018:0489 | 28.03.2018 |
| Red Hat OpenShift Container Platform 3.9 | atomic-openshift-web-console | Fixed | RHBA-2018:0489 | 28.03.2018 |
Показывать по
Дополнительная информация
Статус:
EPSS
4.3 Medium
CVSS3
Связанные уязвимости
The OpenShift image import whitelist failed to enforce restrictions correctly when running commands such as "oc tag", for example. This could allow a user with access to OpenShift to run images from registries that should not be allowed.
The OpenShift image import whitelist failed to enforce restrictions correctly when running commands such as "oc tag", for example. This could allow a user with access to OpenShift to run images from registries that should not be allowed.
EPSS
4.3 Medium
CVSS3