漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
A privilege escalation flaw was found in OpenShift builder. During build time, credentials outside the build context are automatically mounted into the container image under construction. An OpenShift user, able to execute code during build time inside this container can re-use the credentials to overwrite arbitrary container images in internal registries and/or escalate their privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. This affects github.com/openshift/builder v0.0.0-20210125201112-7901cb396121 and before.
CVSS Information
N/A
Vulnerability Type
不充分的凭证保护机制
Vulnerability Title
Red Hat OpenShift Container Platform 安全漏洞
Vulnerability Description
Red Hat OpenShift Container Platform是美国红帽(Red Hat)公司的一套可帮助企业在物理、虚拟和公共云基础架构之间开发、部署和管理现有基于容器的应用程序的应用平台。 Red Hat OpenShift Container Platform存在安全漏洞。该漏洞源于在构建期间,构建上下文之外的凭据会自动安装到正在构建的容器映像中。OpenShift用户可以重用凭证在构建期间的这个容器内执行代码,以覆盖内部注册中心中的任意容器映像,或升级其特权。
CVSS Information
N/A
Vulnerability Type
N/A