RSS   Vulnerabilities for 'Origin'   RSS

2022-07-07
 
CVE-2015-3207

CWE-311
 
 
In Openshift Origin 3 the cookies being set in console have no 'secure', 'HttpOnly' attributes.

 
2016-08-05
 
CVE-2015-8945

 
 
openshift-node in OpenShift Origin 1.1.6 and earlier improperly stores router credentials as envvars in the pod when the --credentials option is used, which allows local users to obtain sensitive private key information by reading the systemd journal.

 

Copyright 2024, cxsecurity.com

 

Back to Top