tuned-profiles-atomic-openshift-node vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the tuned-profiles-atomic-openshift-node package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
H Deserialization of Untrusted Data	<0:3.1.1.6-1.git.0.b57e8bd.el7aos
H Insufficient Verification of Data Authenticity	<0:3.1.1.6-1.git.0.b57e8bd.el7aos
H Cross-site Request Forgery (CSRF)	<0:3.1.1.6-1.git.0.b57e8bd.el7aos
H Cross-site Request Forgery (CSRF)	<0:3.1.1.6-1.git.0.b57e8bd.el7aos
H Cross-site Scripting (XSS)	<0:3.1.1.6-1.git.0.b57e8bd.el7aos
H Improper Access Control	<0:3.1.1.6-1.git.0.b57e8bd.el7aos
H Access Restriction Bypass	<0:3.1.1.6-1.git.0.b57e8bd.el7aos
H Access Restriction Bypass	<0:3.1.1.6-1.git.0.b57e8bd.el7aos
H Directory Traversal	<0:3.1.1.6-1.git.0.b57e8bd.el7aos
H Information Exposure	<0:3.1.1.6-1.git.0.b57e8bd.el7aos
H Information Exposure	<0:3.1.1.6-1.git.0.b57e8bd.el7aos
H CVE-2015-5319	<0:3.1.1.6-1.git.0.b57e8bd.el7aos
H Cross-site Request Forgery (CSRF)	<0:3.1.1.6-1.git.0.b57e8bd.el7aos
H Information Exposure	<0:3.1.1.6-1.git.0.b57e8bd.el7aos
H Improper Access Control	<0:3.1.1.6-1.git.0.b57e8bd.el7aos
H Cross-site Scripting (XSS)	<0:3.1.1.6-1.git.0.b57e8bd.el7aos
H Cross-site Scripting (XSS)	<0:3.1.1.6-1.git.0.b57e8bd.el7aos
H Improper Input Validation	<0:3.1.1.6-1.git.0.b57e8bd.el7aos
H Improper Input Validation	<0:3.1.1.6-1.git.0.b57e8bd.el7aos
H Link Following	<0:3.1.1.6-1.git.0.b57e8bd.el7aos
H Access Restriction Bypass	<0:3.1.1.6-1.git.0.b57e8bd.el7aos
H Cross-site Scripting (XSS)	<0:3.1.1.6-1.git.0.b57e8bd.el7aos
H Information Exposure	<0:3.1.1.6-1.git.0.b57e8bd.el7aos
H Improper Authorization	<0:3.1.1.6-1.git.0.b57e8bd.el7aos
H Arbitrary Code Injection	<0:3.1.1.6-1.git.0.b57e8bd.el7aos
H Directory Traversal	<0:3.1.1.6-1.git.0.b57e8bd.el7aos
H Incorrect Authorization	<0:3.1.1.6-1.git.0.b57e8bd.el7aos
H Information Exposure	<0:3.1.1.6-1.git.0.b57e8bd.el7aos
H Resource Exhaustion	<0:3.1.1.6-1.git.0.b57e8bd.el7aos
H Cross-site Scripting (XSS)	<0:3.1.1.6-1.git.0.b57e8bd.el7aos
H Null Byte Interaction Error (Poison Null Byte)	<0:3.1.1.6-1.git.0.b57e8bd.el7aos
M Incorrect Permission Assignment for Critical Resource	<0:3.1.1.6-6.git.43.f583589.el7aos
M Improper Input Validation	<0:3.3.1.4-1.git.0.7c8657c.el7
M Improper Input Validation	<0:3.1.0.4-1.git.15.5e061c3.el7aos
H Information Exposure	<0:3.2.0.20-1.git.0.f44746c.el7
H Access Restriction Bypass	<0:3.2.0.20-1.git.0.f44746c.el7
H Improper Authorization	<0:3.2.0.20-1.git.0.f44746c.el7
H Improper Input Validation	<0:3.2.1.7-1.git.0.2702170.el7
H Improper Input Validation	<0:3.2.1.21-1.git.0.4250771.el7
H Improper Input Validation	<0:3.3.1.7-1.git.0.0988966.el7
H Improper Input Validation	<0:3.1.1.10-1.git.0.efeef8d.el7aos
H Improper Certificate Validation	<0:3.3.0.35-1.git.0.d7bd9b6.el7
H Improper Certificate Validation	<0:3.1.1.8-1.git.0.d469026.el7aos
H Improper Certificate Validation	<0:3.2.1.17-1.git.0.6d01b60.el7
H Improper Access Control	<0:3.2.0.44-1.git.0.a4463d9.el7
H Improper Access Control	<0:3.2.0.44-1.git.0.a4463d9.el7
M Improper Authorization	<0:3.1.1.6-8.git.64.80b61da.el7aos
H Improper Authorization	<0:3.2.0.44-1.git.0.a4463d9.el7
C Authentication Bypass by Primary Weakness	<0:3.6.173.0.140-1.git.0.9686d52.el7
C Authentication Bypass by Primary Weakness	<0:3.2.1.34-2.git.20.6367d5d.el7
C Authentication Bypass by Primary Weakness	<0:3.3.1.46.45-1.git.0.2ce596e.el7
C Authentication Bypass by Primary Weakness	<0:3.5.5.31.80-1.git.0.c4a0780.el7
C Authentication Bypass by Primary Weakness	*
C Authentication Bypass by Primary Weakness	<0:3.7.72-1.git.0.925b9cd.el7
C Authentication Bypass by Primary Weakness	<0:3.4.1.44.57-1.git.0.a631031.el7
C Authentication Bypass by Primary Weakness	<0:3.8.44-1.git.0.9be0abd.el7
H Incomplete Blacklist	<0:3.6.173.0.21-1.git.0.f95b0e7.el7
H Cross-site Request Forgery (CSRF)	<0:3.6.173.0.21-1.git.0.f95b0e7.el7
M Improper Authentication	*
M Improper Authentication	*
M Improper Input Validation	*
H Cross-site Request Forgery (CSRF)	<0:3.6.173.0.21-1.git.0.f95b0e7.el7
M Improper Authentication	<0:3.4.1.44.38-1.git.0.d04b8d5.el7
M Improper Authentication	<0:3.7.9-1.git.0.7c71a2d.el7
M Improper Authentication	<0:3.5.5.31.47-1.git.0.25d535c.el7
M Improper Authentication	<0:3.6.173.0.63-1.git.0.855ea8b.el7
H Improper Authentication	<0:3.6.173.0.21-1.git.0.f95b0e7.el7
M Improper Authorization	*
M Improper Authorization	*
M Cross-site Scripting (XSS)	*
M Cross-site Scripting (XSS)	*
M Cross-site Scripting (XSS)	*
M Cross-site Scripting (XSS)	*
H Improper Authorization	<0:3.1.1.6-1.git.0.b57e8bd.el7aos
H Improper Authorization	<0:3.1.1.6-1.git.0.b57e8bd.el7aos
C Improper Input Validation	<0:3.6.173.0.113-1.git.0.65fb9fb.el7
C Improper Input Validation	<0:3.7.44-1.git.0.6b061d4.el7
C Improper Input Validation	<0:3.1.1.11-4.git.3.12809c8.el7
C Improper Input Validation	<0:3.2.1.34-2.git.3.aad33c3.el7
C Improper Input Validation	<0:3.5.5.31.67-1.git.0.0a8cf24.el7
C Improper Input Validation	<0:3.4.1.44.53-1.git.0.d7eb028.el7
C Improper Input Validation	<0:3.8.37-1.git.0.e85a326.el7
C Improper Input Validation	<0:3.3.1.46.39-2.git.3.cc57f5b.el7
M Insufficient Entropy	<0:3.2.1.1-1.git.0.96f9555.el7
H Link Following	<0:3.5.5.31.48-1.git.4.ff6153e.el7
H Link Following	<0:3.7.23-1.git.5.83efd71.el7
H Link Following	<0:3.4.1.44.38-1.git.4.bb8df08.el7
H Link Following	<0:3.3.1.46.11-1.git.4.e236015.el7
H Link Following	<0:3.6.173.0.96-1.git.4.e6301f8.el7
H Link Following	<0:3.4.1.44.38-1.git.4.bb8df08.el7
H Link Following	<0:3.5.5.31.48-1.git.4.ff6153e.el7
H Link Following	<0:3.3.1.46.11-1.git.4.e236015.el7
H Link Following	<0:3.6.173.0.96-1.git.4.e6301f8.el7
H Link Following	<0:3.7.23-1.git.5.83efd71.el7
M Cross-site Request Forgery (CSRF)	*
M Cross-site Request Forgery (CSRF)	*
M Cross-site Request Forgery (CSRF)	*
M Cross-site Request Forgery (CSRF)	*
C Out-of-bounds Write	<0:3.7.72-1.git.0.925b9cd.el7
H Out-of-bounds Write	*
H Out-of-bounds Write	*
H Out-of-bounds Write	*
H Out-of-bounds Write	<0:3.6.173.0.130-1.git.0.8d78a39.el7
H Out-of-bounds Write	*
H Out-of-bounds Write	*
M Improper Input Validation	*
M Improper Input Validation	*
M Improper Input Validation	*
M Improper Input Validation	*
L Authentication Bypass	*
L Authentication Bypass	*
M Improper Input Validation	*
M Improper Input Validation	*
M Improper Input Validation	*
M Improper Input Validation	*
H Improper Input Validation	<0:3.1.1.7-1.git.0.65f396b.el7aos
H Improper Input Validation	<0:3.2.1.15-1.git.0.d84be7f.el7
M Improper Input Validation	*
M Improper Input Validation	*
M Improper Input Validation	*
M Improper Input Validation	*
M Improper Input Validation	*
M Improper Input Validation	*
M Improper Input Validation	*
M Improper Input Validation	*

tuned-profiles-atomic-openshift-node vulnerabilities

Direct Vulnerabilities

How to fix?