A vulnerability was found in OpenShift builds, versions 4.1 up to 4.3. Builds that extract source from a container image, bypass the TLS hostname verification. An attacker can take advantage of this flaw by launching a man-in-the-middle attack and injecting malicious content.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2019-10-08T18:43:24

Updated: 2024-08-05T00:26:39.114Z

Reserved: 2019-08-10T00:00:00

Link: CVE-2019-14845

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2019-10-08T19:15:10.340

Modified: 2024-11-21T04:27:29.183

Link: CVE-2019-14845

cve-icon Redhat

Severity : Moderate

Publid Date: 2019-10-07T00:00:00Z

Links: CVE-2019-14845 - Bugzilla