Directory traversal vulnerability in Kubernetes, as used in Red Hat OpenShift Enterprise 3.0, allows attackers to write to arbitrary files via a crafted object type name, which is not properly handled before passing it to etcd.
CVSS v2.0 Score
6.4
/ 10.0
MEDIUM
AV:N/AC:L/Au:N/C:N/I:P/A:P
Information
- Published
- 6 nov. 2015
- Updated
- 12 avr. 2025
- Status
- Deferred
- Source
- secalert@redhat.com
Affected products
redhat openshift
Versions : 3.0
Weaknesses (CWE)
CWE-22
References (4)
- https://access.redhat.com/errata/RHSA-2015:1945Vendor Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=1273969Vendor Advisory
- https://access.redhat.com/errata/RHSA-2015:1945Vendor Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=1273969Vendor Advisory
Similar CVEs
Other vulnerabilities of type CWE-22
Loading…
Monitor your products
Get automatic alerts for every new CVE affecting your equipment.