RCE in Redhat Openshift

CVE-2014-3496

cartridge_repository.rb in OpenShift Origin and Enterprise 1.2.8 through 2.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in a Source-Url ending with a (1) .tar.gz, (2) .zip, (3) .tgz, or (4) .tar file e…

Vulnerability class: RCE (Remote Code Execution)

EPSS: 0.054 (90.3th percentile) — read the EPSS interpretation.

Affected products

Redhat Openshift — versions 1.2.8, 2.0, 2.0.1
Redhat Openshift_origin — versions 1.2.8, 2.1, 2.1.1
N/a — versions n/a

Weakness classification (CWE)

CWE-94 — Code Injection

References

59298 (x_refsource_SECUNIA, third-party-advisory)
secalert@redhat.com (x_refsource_CONFIRM)
RHSA-2014:0764 (x_refsource_REDHAT, vendor-advisory)
RHSA-2014:0762 (x_refsource_REDHAT, vendor-advisory)
RHSA-2014:0763 (x_refsource_REDHAT, vendor-advisory)
secalert@redhat.com (x_refsource_CONFIRM)