atomic-openshift: information leak
| Package(s): | atomic-openshift | CVE #(s): | CVE-2016-5392 | ||||
| Created: | July 15, 2016 | Updated: | July 20, 2016 | ||||
| Description: | From the Red Hat advisory: The Kubernetes API server contains a watch cache that speeds up performance. Due to an input validation error OpenShift Enterprise may return data for other users and projects when queried by a user. An attacker with knowledge of other project names could use this vulnerability to view their information. | ||||||
| Alerts: |
| ||||||