Improper Validation of User Input in Openshift Enterprise Source-to-Image (S2I) Tool

Improper Validation of User Input in Openshift Enterprise Source-to-Image (S2I) Tool

CVE-2018-1103 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

Openshift Enterprise source-to-image before version 1.1.10 is vulnerable to an improper validation of user input. An attacker who could trick a user into using the command to copy files locally, from a pod, could override files outside of the target directory of the command.

Learn more about our User Device Pen Test.