CVE-2016-8651

An input validation flaw was found in the way OpenShift 3 handles requests for images. A user, with a copy of the manifest associated with an image, can pull an image even if they do not have access to the image normally, resulting in the disclosure of any information contained within the image.
References
Link Resource
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8651 Issue Tracking Third Party Advisory
https://access.redhat.com/errata/RHSA-2016:2915 Third Party Advisory
http://www.securityfocus.com/bid/94935 Third Party Advisory VDB Entry
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:redhat:openshift:3.0:*:*:*:enterprise:*:*:*
cpe:2.3:a:redhat:openshift_container_platform:3.3:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform:3.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform:3.1:*:*:*:*:*:*:*

Information

Published : 2018-08-01 09:29

Updated : 2023-02-12 15:26


NVD link : CVE-2016-8651

Mitre link : CVE-2016-8651


JSON object : View

CWE
CWE-20

Improper Input Validation

Advertisement

dedicated server usa

Products Affected

redhat

  • openshift
  • openshift_container_platform