Описание
A vulnerability exists in the garbage collection mechanism of atomic-openshift. An attacker able spoof the UUID of a valid object from another namespace is able to delete children of those objects. Versions 3.6, 3.7, 3.8, 3.9, 3.10, 3.11 and 4.1 are affected.
A vulnerability exists in the garbage collection mechanism of atomic-openshift. An attacker able spoof the UUID of a valid object from another namespace is able to delete children of those objects.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat OpenShift Container Platform 3.10 | atomic-openshift | Fix deferred | ||
| Red Hat OpenShift Container Platform 3.11 | atomic-openshift | Fix deferred | ||
| Red Hat OpenShift Container Platform 3.4 | atomic-openshift | Not affected | ||
| Red Hat OpenShift Container Platform 3.5 | atomic-openshift | Not affected | ||
| Red Hat OpenShift Container Platform 3.6 | atomic-openshift | Out of support scope | ||
| Red Hat OpenShift Container Platform 3.7 | atomic-openshift | Out of support scope | ||
| Red Hat OpenShift Container Platform 3.9 | atomic-openshift | Fix deferred | ||
| Red Hat OpenShift Container Platform 4.7 | openshift | Fixed | RHSA-2020:5634 | 24.02.2021 |
Показывать по
Дополнительная информация
Статус:
3.6 Low
CVSS3
Связанные уязвимости
A vulnerability exists in the garbage collection mechanism of atomic-openshift. An attacker able spoof the UUID of a valid object from another namespace is able to delete children of those objects. Versions 3.6, 3.7, 3.8, 3.9, 3.10, 3.11 and 4.1 are affected.
A vulnerability exists in the garbage collection mechanism of atomic-openshift. An attacker able spoof the UUID of a valid object from another namespace is able to delete children of those objects. Versions 3.6, 3.7, 3.8, 3.9, 3.10, 3.11 and 4.1 are affected.
3.6 Low
CVSS3