GHSA-m3fm-h5jp-q79p

Source

https://github.com/advisories/GHSA-m3fm-h5jp-q79p

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/12/GHSA-m3fm-h5jp-q79p/GHSA-m3fm-h5jp-q79p.json

Aliases

CVE-2016-1906

Published

2021-12-20T16:58:14Z

Modified

2023-11-08T03:58:23.180713Z

Details

Openshift allows remote attackers to gain privileges by updating a build configuration that was created with an allowed type to a type that is not allowed.

References

https://nvd.nist.gov/vuln/detail/CVE-2016-1906
https://github.com/openshift/origin/issues/6556
https://github.com/openshift/origin/pull/6576
https://github.com/openshift/origin/commit/d95ec085f03ecf10e8c424a4f0340ddb38891406
https://access.redhat.com/errata/RHSA-2016:0070
https://access.redhat.com/errata/RHSA-2016:0351
https://access.redhat.com/security/cve/CVE-2016-1906
https://bugzilla.redhat.com/show_bug.cgi?id=1297916
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1906

Affected packages

Go / github.com/openshift/origin

Package

Name: github.com/openshift/origin

Affected ranges

Type: SEMVER
Events: Introduced

0The exact introduced commit is unknown

Fixed

1.1.1