atomic-openshift-federation-services vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the atomic-openshift-federation-services package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability	Vulnerable Version
C Authentication Bypass by Primary Weakness	<0:3.9.51-1.git.0.dc3a40b.el7
C Authentication Bypass by Primary Weakness	<0:3.8.44-1.git.0.9be0abd.el7
C Authentication Bypass by Primary Weakness	<0:3.6.173.0.140-1.git.0.9686d52.el7
C Authentication Bypass by Primary Weakness	<0:3.7.72-1.git.0.925b9cd.el7
H Incomplete Blacklist	<0:3.6.173.0.21-1.git.0.f95b0e7.el7
H Cross-site Request Forgery (CSRF)	<0:3.6.173.0.21-1.git.0.f95b0e7.el7
M Improper Authentication	*
M Improper Authentication	*
H Improper Authentication	<0:3.9.102-1.git.0.6411f52.el7
M Improper Input Validation	*
M Improper Input Validation	<0:3.9.14-1.git.0.4efa2ca.el7
H Improper Authentication	<0:3.9.31-1.git.0.ef9737b.el7
H Improper Input Validation	<0:3.9.31-1.git.0.ef9737b.el7
H Cross-site Request Forgery (CSRF)	<0:3.6.173.0.21-1.git.0.f95b0e7.el7
M Improper Authentication	<0:3.6.173.0.63-1.git.0.855ea8b.el7
M Improper Authentication	<0:3.7.9-1.git.0.7c71a2d.el7
H Improper Authentication	<0:3.6.173.0.21-1.git.0.f95b0e7.el7
M Improper Authorization	*
M Improper Authorization	<0:3.9.14-1.git.0.4efa2ca.el7
M Cross-site Scripting (XSS)	*
M Cross-site Scripting (XSS)	*
M Cross-site Scripting (XSS)	*
H Improper Input Validation	<0:3.9.31-1.git.0.ef9737b.el7
C Improper Input Validation	<0:3.8.37-1.git.0.e85a326.el7
C Improper Input Validation	<0:3.6.173.0.113-1.git.0.65fb9fb.el7
C Improper Input Validation	<0:3.9.25-1.git.0.6bc473e.el7
C Improper Input Validation	<0:3.7.44-1.git.0.6b061d4.el7
H Link Following	<0:3.6.173.0.96-1.git.4.e6301f8.el7
H Link Following	<0:3.7.23-1.git.5.83efd71.el7
H Link Following	<0:3.6.173.0.96-1.git.4.e6301f8.el7
H Link Following	<0:3.7.23-1.git.5.83efd71.el7
M Link Following	<0:3.9.89-1.git.0.9454f2a.el7
M Cross-site Request Forgery (CSRF)	*
M Cross-site Request Forgery (CSRF)	*
M Cross-site Request Forgery (CSRF)	*
M Link Following	<0:3.9.74-1.git.0.78e56ea.el7
C Out-of-bounds Write	<0:3.9.51-1.git.0.dc3a40b.el7
C Out-of-bounds Write	<0:3.7.72-1.git.0.925b9cd.el7
H Out-of-bounds Write	<0:3.6.173.0.130-1.git.0.8d78a39.el7
M Improper Input Validation	*
M Improper Input Validation	*
M Improper Input Validation	*
M Improper Input Validation	<0:3.9.30-1.git.0.dec1ba7.el7
M Privilege Context Switching Error	<0:3.9.30-1.git.0.dec1ba7.el7
L Authentication Bypass	*
L Authentication Bypass	*
L Authentication Bypass	*
M Improper Input Validation	*
M Improper Input Validation	*
M Improper Input Validation	*
M Information Exposure Through Log Files	*
H Link Following	<0:3.9.102-1.git.0.6411f52.el7
L Incorrect Permission Assignment for Critical Resource	*
H Resource Exhaustion	<0:3.9.102-1.git.0.6411f52.el7
H Directory Traversal	<0:3.9.102-1.git.0.6411f52.el7
H Improper Access Control	<0:3.9.101-1.git.0.150f595.el7
M Out-of-bounds Read	<0:3.9.60-1.git.0.f8b38ff.el7
M Improper Certificate Validation	*
M HTTP Request Smuggling	*
H Resource Exhaustion	<0:3.9.101-1.git.0.150f595.el7
H Resource Exhaustion	<0:3.9.101-1.git.0.150f595.el7
M Improper Input Validation	*
M Improper Input Validation	*
M Improper Input Validation	*
M Improper Input Validation	*
M Improper Input Validation	*
M Improper Input Validation	*

Vulnerability

Vulnerable Version

Authentication Bypass by Primary Weakness

<0:3.9.51-1.git.0.dc3a40b.el7

Authentication Bypass by Primary Weakness

<0:3.8.44-1.git.0.9be0abd.el7

Authentication Bypass by Primary Weakness

<0:3.6.173.0.140-1.git.0.9686d52.el7

Authentication Bypass by Primary Weakness

<0:3.7.72-1.git.0.925b9cd.el7

Incomplete Blacklist

<0:3.6.173.0.21-1.git.0.f95b0e7.el7