CVE-2017-15137

The OpenShift image import whitelist failed to enforce restrictions correctly when running commands such as "oc tag", for example. This could allow a user with access to OpenShift to run images from registries that should not be allowed.
References
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:redhat:openshift:-:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform:3.9:*:*:*:*:*:*:*

History

12 Feb 2023, 23:28

Type Values Removed Values Added
References
  • {'url': 'https://bugzilla.redhat.com/show_bug.cgi?id=1566191', 'name': 'https://bugzilla.redhat.com/show_bug.cgi?id=1566191', 'tags': [], 'refsource': 'MISC'}
  • {'url': 'https://access.redhat.com/security/cve/CVE-2017-15137', 'name': 'https://access.redhat.com/security/cve/CVE-2017-15137', 'tags': [], 'refsource': 'MISC'}

02 Feb 2023, 21:17

Type Values Removed Values Added
References
  • (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=1566191 -
  • (MISC) https://access.redhat.com/security/cve/CVE-2017-15137 -

Information

Published : 2018-07-16 20:29

Updated : 2023-12-10 12:44


NVD link : CVE-2017-15137

Mitre link : CVE-2017-15137

CVE.ORG link : CVE-2017-15137


JSON object : View

Products Affected

redhat

  • openshift_container_platform
  • openshift
CWE
CWE-20

Improper Input Validation