Nixpkgs Security Tracker

Untriaged

Permalink CVE-2022-4145

4.3 MEDIUM

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): REQUIRED
Scope (S): UNCHANGED
Confidentiality impact (C): NONE
Integrity impact (I): LOW
Availability impact (A): NONE

created 6 months, 1 week ago

Content spoofing

A content spoofing flaw was found in OpenShift's OAuth endpoint. This flaw allows a remote, unauthenticated attacker to inject text into a webpage, enabling the obfuscation of a phishing operation.

References

https://access.redhat.com/security/cve/CVE-2022-4145 x_refsource_REDHAT vdb-entry
RHBZ#2148667 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2022-4145 x_refsource_REDHAT vdb-entry x_transferred
RHBZ#2148667 issue-tracking x_refsource_REDHAT x_transferred
https://access.redhat.com/security/cve/CVE-2022-4145 x_refsource_REDHAT vdb-entry
RHBZ#2148667 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2022-4145 x_refsource_REDHAT vdb-entry x_transferred
RHBZ#2148667 issue-tracking x_refsource_REDHAT x_transferred

Affected products

openshift

Matching in nixpkgs

pkgs.openshift

Build, deploy, and manage your applications with Docker and Kubernetes

nixos-unstable -
- nixpkgs-unstable 4.16.0

pkgs.python312Packages.openshift

Python client for the OpenShift API

nixos-unstable -
- nixpkgs-unstable 0.13.2

pkgs.python313Packages.openshift

Python client for the OpenShift API

nixos-unstable -
- nixpkgs-unstable 0.13.2

pkgs.python312Packages.azure-mgmt-redhatopenshift

Microsoft Azure Red Hat Openshift Management Client Library for Python

nixos-unstable -
- nixpkgs-unstable 2.0.0

pkgs.python313Packages.azure-mgmt-redhatopenshift