CVE-2013-0163Resource Exposure in Haproxy Cartridge

CWE-668Resource ExposureCWE-377Insecure Temporary File5 documents5 sources
Severity
5.5MEDIUMNVD
EPSS
0.1%
top 68.72%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Openshift Haproxy CartridgeRedhat Openshift
Timeline
PublishedDec 5
Latest updateMay 5

Description

OpenShift haproxy cartridge: predictable /tmp in set-proxy connection hook which could facilitate DoS

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

NVDredhat/openshift1.0, 2.0+1

🔴Vulnerability Details

2
GHSA
GHSA-vmj2-j72r-pg54: OpenShift haproxy cartridge: predictable /tmp in set-proxy connection hook which could facilitate DoS2022-05-05
CVEList
CVE-2013-0163: OpenShift haproxy cartridge: predictable /tmp in set-proxy connection hook which could facilitate DoS2019-12-05

📋Vendor Advisories

1
Red Hat
cartridge: predictable /tmp in set-proxy connection hook2014-09-05

💬Community

1
Bugzilla
CVE-2013-0163 OpenShift haproxy cartridge: predictable /tmp in set-proxy connection hook2013-01-08
CVE-2013-0163 — Resource Exposure in Haproxy Cartridge | cvebase