UBUNTU-CVE-2018-14632

Advisory lineage Upstream: 1 Downstream: 0
Upstream
CVE-2018-14632
Published: 06 Sept 2018, 14:29
Last modified:20 May 2026, 16:03

Vulnerability Summary

Overall Risk (default)
medium
31/100
CVSS Score
7.7 HIGH
3.1 (osv_ubuntu)
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

06 Sept 2018, 14:29
Published
Vulnerability first disclosed
20 May 2026, 16:03
Last Modified
Vulnerability information updated

Description

An out of bound write can occur when patching an Openshift object using the 'oc patch' functionality in OpenShift Container Platform before 3.7. An attacker can use this flaw to cause a denial of service attack on the Openshift master api service which provides cluster management.

CVSS Metrics

  • v3.1HIGHScore: 7.7CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
  • v3.0HIGHScore: 7.7CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

Affected Systems

  • ubuntugolang-github-evanphx-json-patch

    all | all | all | all | all | all | all

References (4)