Published: 01/08/2018 Updated: 12/02/2023

CVSS v2 Base Score: 2.7 | Impact Score: 2.9 | Exploitability Score: 5.1

CVSS v3 Base Score: 3.5 | Impact Score: 1.4 | Exploitability Score: 2.1

VMScore: 240

Vector: AV:A/AC:L/Au:S/C:P/I:N/A:N

An input validation flaw was found in the way OpenShift 3 handles requests for images. A user, with a copy of the manifest associated with an image, can pull an image even if they do not have access to the image normally, resulting in the disclosure of any information contained within the image.

Vulnerable Product	Search on Vulmon	Subscribe to Product
redhat openshift 3.0
redhat openshift container platform 3.3
redhat openshift container platform 3.2
redhat openshift container platform 3.1

Synopsis Important: atomic-openshift security and bug fix update Type/Severity Security Advisory: Important Topic An update for atomic-openshift is now available for Red Hat OpenShift Container Platform 31, 32, and 33Red Hat Product Security has rated this update as having a security impact of Important ...

An input validation flaw was found in the way OpenShift handles requests for images A user, with a copy of the manifest associated with an image, can pull an image even if they do not have access to the image normally, resulting in the disclosure of any information contained within the image ...

CWE-20 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8651 https://access.redhat.com/errata/RHSA-2016:2915 http://www.securityfocus.com/bid/94935 https://access.redhat.com/errata/RHSA-2016:2915 https://nvd.nist.gov https://access.redhat.com/security/cve/cve-2016-8651

CVE-2016-8651

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect