Openshift : Security Vulnerabilities, CVEs,
openshift-node in OpenShift Origin 1.1.6 and earlier improperly stores router credentials as envvars in the pod when the --credentials option is used, which allows local users to obtain sensitive private key information by reading the systemd journal.
Max CVSS
5.1
EPSS Score
0.07%
Published
2016-08-05
Updated
2016-08-05
In Openshift Origin 3 the cookies being set in console have no 'secure', 'HttpOnly' attributes.
Max CVSS
5.3
EPSS Score
0.07%
Published
2022-07-07
Updated
2022-07-14
2 vulnerabilities found