Nixpkgs Security Tracker

Untriaged

Permalink CVE-2022-3248

4.4 MEDIUM

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): HIGH
Privileges required (PR): HIGH
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): NONE
Integrity impact (I): HIGH
Availability impact (A): NONE

created 6 months, 1 week ago

Openshift api admission checks does not enforce "custom-host" permissions

A flaw was found in OpenShift API, as admission checks do not enforce "custom-host" permissions. This issue could allow an attacker to violate the boundaries, as permissions will not be applied.

References

https://access.redhat.com/security/cve/CVE-2022-3248 x_refsource_REDHAT vdb-entry
RHBZ#2072188 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2022-3248 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2072188 issue-tracking x_refsource_REDHAT x_transferred
https://access.redhat.com/security/cve/CVE-2022-3248 x_refsource_REDHAT vdb-entry
RHBZ#2072188 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2022-3248 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2072188 issue-tracking x_refsource_REDHAT x_transferred

Affected products

openshift

kubernetes

atomic-openshift

openshift-clients

rhacm2/agent-service-rhel8

Matching in nixpkgs

pkgs.openshift

Build, deploy, and manage your applications with Docker and Kubernetes

nixos-unstable -
- nixpkgs-unstable 4.16.0

pkgs.kubernetes

Production-Grade Container Scheduling and Management

nixos-unstable -
- nixpkgs-unstable 1.33.4

pkgs.kubernetes-kcp

Kubernetes-like control planes for form-factors and use-cases beyond Kubernetes and container workloads

nixos-unstable -
- nixpkgs-unstable 0.28.1

pkgs.kubernetes-helm

Package manager for kubernetes

nixos-unstable -
- nixpkgs-unstable 3.19.0

pkgs.kubernetes-polaris

Validate and remediate Kubernetes resources to ensure configuration best practices are followed

nixos-unstable -
- nixpkgs-unstable 10.1.1

pkgs.kubernetes-validate

Module to validate Kubernetes resource definitions against the declared Kubernetes schemas

nixos-unstable -
- nixpkgs-unstable 1.33.1

pkgs.kubernetes-metrics-server

Kubernetes container resource metrics collector

nixos-unstable -
- nixpkgs-unstable 0.6.4

pkgs.python312Packages.openshift

Python client for the OpenShift API

nixos-unstable -
- nixpkgs-unstable 0.13.2

pkgs.python313Packages.openshift

Python client for the OpenShift API

nixos-unstable -
- nixpkgs-unstable 0.13.2

pkgs.python312Packages.kubernetes

Kubernetes Python client

nixos-unstable -
- nixpkgs-unstable 33.1.0

pkgs.python313Packages.kubernetes

Kubernetes Python client

nixos-unstable -
- nixpkgs-unstable 33.1.0

pkgs.dhallPackages.dhall-kubernetes

None

nixos-unstable -
- nixpkgs-unstable 3.0.0-3c6d09a9409977cdde58a091d76a6d20509ca4b0

pkgs.haskellPackages.kubernetes-api

Auto-generated kubernetes-api API Client

nixos-unstable -
- nixpkgs-unstable 132.0.0

pkgs.terraform-providers.kubernetes

None

nixos-unstable -
- nixpkgs-unstable 2.38.0

pkgs.python312Packages.kubernetes-asyncio

Python asynchronous client library for Kubernetes http://kubernetes.io

nixos-unstable -
- nixpkgs-unstable 33.3.0

pkgs.python313Packages.kubernetes-asyncio

Python asynchronous client library for Kubernetes http://kubernetes.io

nixos-unstable -
- nixpkgs-unstable 33.3.0

pkgs.haskellPackages.kubernetes-api-client

Client library for Kubernetes

nixos-unstable -
- nixpkgs-unstable 0.6.1.1

pkgs.python312Packages.kubernetes-validate

Module to validate Kubernetes resource definitions against the declared Kubernetes schemas

nixos-unstable -
- nixpkgs-unstable 1.33.1

pkgs.python313Packages.kubernetes-validate

Module to validate Kubernetes resource definitions against the declared Kubernetes schemas

nixos-unstable -
- nixpkgs-unstable 1.33.1

pkgs.python312Packages.azure-mgmt-redhatopenshift

Microsoft Azure Red Hat Openshift Management Client Library for Python

nixos-unstable -
- nixpkgs-unstable 2.0.0

pkgs.python313Packages.azure-mgmt-redhatopenshift

Microsoft Azure Red Hat Openshift Management Client Library for Python

nixos-unstable -
- nixpkgs-unstable 2.0.0

pkgs.vscode-extensions.ms-kubernetes-tools.vscode-kubernetes-tools

None

nixos-unstable -
- nixpkgs-unstable 1.3.26

Package maintainers

@johanot Johan Thomsen <write@ownrisk.dk>
@saschagrunert Sascha Grunert <mail@saschagrunert.de>
@offlinehacker Jaka Hudoklin <jaka@x-truder.net>
@srhb Sarah Brofeldt <sbrofeldt@gmail.com>
@rlupton20 Richard Lupton <richard.lupton@gmail.com>
@edude03 Michael Francis <michael@melenion.com>
@techknowlogick techknowlogick <techknowlogick@gitea.com>
@Chili-Man Diego Rodriguez <dr.elhombrechile@gmail.com>
@Frostman Sergei Lukianov <me@slukjanov.name>
@rytswd Ryota <rytswd@gmail.com>
@eskytthe Erik Skytthe <eskytthe@gmail.com>
@LongerHV Michał Mieszczak <michal@mieszczak.com.pl>
@Lykos153 Silvio Ankermann <silvio.ankermann@cloudandheat.com>
@stehessel Stephan Heßelmann <stephan@stehessel.de>
@moretea Maarten Hoogendoorn <maarten@moretea.nl>
@lsix Lancelot SIX <lsix@lancelotsix.com>
@GaetanLepage Gaetan Lepage <gaetan@glepage.com>
@teto Matthieu Coudron <mcoudron@hotmail.com>

Suggestions search

References

Affected products

Matching in nixpkgs

pkgs.openshift

pkgs.kubernetes

pkgs.kubernetes-kcp

pkgs.kubernetes-helm

pkgs.kubernetes-polaris

pkgs.kubernetes-validate

pkgs.kubernetes-metrics-server

pkgs.python312Packages.openshift

pkgs.python313Packages.openshift

pkgs.python312Packages.kubernetes

pkgs.python313Packages.kubernetes

pkgs.dhallPackages.dhall-kubernetes

pkgs.haskellPackages.kubernetes-api

pkgs.terraform-providers.kubernetes

pkgs.python312Packages.kubernetes-asyncio

pkgs.python313Packages.kubernetes-asyncio

pkgs.haskellPackages.kubernetes-api-client

pkgs.python312Packages.kubernetes-validate

pkgs.python313Packages.kubernetes-validate

pkgs.python312Packages.azure-mgmt-redhatopenshift

pkgs.python313Packages.azure-mgmt-redhatopenshift

pkgs.vscode-extensions.ms-kubernetes-tools.vscode-kubernetes-tools

Package maintainers