A vulnerability exists in the garbage collection mechanism of atomic-openshift. An attacker able spoof the UUID of a valid object from another namespace is able to delete children of those objects. Versions 3.6, 3.7, 3.8, 3.9, 3.10, 3.11 and 4.1 are affected.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
redhat openshift 3.7 |
||
redhat openshift 3.6 |
||
redhat openshift 3.8 |
||
redhat openshift 3.9 |
||
redhat openshift 3.10 |
||
redhat openshift 3.11 |
||
redhat openshift 4.1 |