Untriaged
Openshift: existing cross-site request forgery protection insufficient for websocket creation
A flaw was found in OpenShift. The existing Cross-Site Request Forgery (CSRF) protections in place do not properly protect GET requests, allowing for the creation of WebSockets via CSRF.
Affected products
openshift
Matching in nixpkgs
pkgs.openshift
Build, deploy, and manage your applications with Docker and Kubernetes
-
nixos-unstable -
- nixpkgs-unstable 4.16.0
pkgs.python312Packages.openshift
Python client for the OpenShift API
-
nixos-unstable -
- nixpkgs-unstable 0.13.2
pkgs.python313Packages.openshift
Python client for the OpenShift API
-
nixos-unstable -
- nixpkgs-unstable 0.13.2
pkgs.python312Packages.azure-mgmt-redhatopenshift
Microsoft Azure Red Hat Openshift Management Client Library for Python
-
nixos-unstable -
- nixpkgs-unstable 2.0.0
pkgs.python313Packages.azure-mgmt-redhatopenshift
Microsoft Azure Red Hat Openshift Management Client Library for Python
-
nixos-unstable -
- nixpkgs-unstable 2.0.0
Package maintainers
-
@stehessel Stephan Heßelmann <stephan@stehessel.de>
-
@moretea Maarten Hoogendoorn <maarten@moretea.nl>
-
@offlinehacker Jaka Hudoklin <jaka@x-truder.net>
-
@teto Matthieu Coudron <mcoudron@hotmail.com>