CVE-2018-14632

Source

https://nvd.nist.gov/vuln/detail/CVE-2018-14632

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-14632.json

Aliases

GHSA-gxhv-3hwf-wjp9
GO-2021-0076

Published

2018-09-06T14:29:00Z

Modified

2023-11-29T06:26:38.728509Z

Details

An out of bound write can occur when patching an Openshift object using the 'oc patch' functionality in OpenShift Container Platform before 3.7. An attacker can use this flaw to cause a denial of service attack on the Openshift master api service which provides cluster management.

References

https://access.redhat.com/errata/RHBA-2018:2652
https://access.redhat.com/errata/RHSA-2018:2654
https://access.redhat.com/errata/RHSA-2018:2709
https://access.redhat.com/errata/RHSA-2018:2906
https://access.redhat.com/errata/RHSA-2018:2908
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14632
https://github.com/evanphx/json-patch/commit/4c9aadca8f89e349c999f04e28199e96e81aba03#diff-65c563bba473be9d94ce4d033f74810e

Affected packages

Git / github.com/evanphx/json-patch

Affected ranges

Type: GIT
Repo: https://github.com/evanphx/json-patch
Events: Introduced

0The exact introduced commit is unknown

Fixed

4c9aadca8f89e349c999f04e28199e96e81aba03

Affected versions

v3.*

v3.0.0