Lucene search
RedHatRHSA-2014:0529HistoryMay 21, 2014 - 12:00 a.m.
(RHSA-2014:0529) Important: rubygem-openshift-origin-node security update
2014-05-2100:00:00
access.redhat.com
10
0.004 Low
EPSS
Percentile
72.6%
The rubygem-openshift-origin-node package provides basic OpenShift node
functionality.
A command injection flaw was found in rubygem-openshift-origin-node.
A remote, authenticated user permitted to run cartridges via the web
interface could use this flaw to execute arbitrary code with root
privileges on the Red Hat OpenShift node server. (CVE-2014-0233)
This issue was discovered by Jeremy Choi of the Red Hat HSS Pen-test Team.
All rubygem-openshift-origin-node users are advised to upgrade to this
updated package, which contains a backported patch to correct this issue.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 6 | noarch | rubygem-openshift-origin-node | < 1.17.5.16-1.el6op | rubygem-openshift-origin-node-1.17.5.16-1.el6op.noarch.rpm |
| RedHat | 6 | src | rubygem-openshift-origin-node | < 1.17.5.16-1.el6op | rubygem-openshift-origin-node-1.17.5.16-1.el6op.src.rpm |
Related
cvelist
cvelist
CVE-2014-0233
2014-11-16 11:00:00
redhat
redhat
(RHSA-2014:0530) Important: rubygem-openshift-origin-node security update
2014-05-21 00:00:00
prion
prion
Design/Logic Flaw
2014-11-16 11:59:00
nessus
nessus
RHEL 6 : rubygem-openshift-origin-node (RHSA-2014:0529)
2018-12-04 00:00:00
RHEL 6 : rubygem-openshift-origin-node (RHSA-2014:0530)
2018-12-04 00:00:00
veracode
veracode
Arbitrary Code Execution
2019-01-15 09:01:55
nvd
nvd
CVE-2014-0233
2014-11-16 11:59:01
cve
cve
CVE-2014-0233
2014-11-16 11:59:01