CVE-2015-3207

Missing Encryption of Sensitive Data in go/github.com/openshift/origin

Identifiers

GHSA-rqph-25q9-9jhp, CVE-2015-3207

Package Slug

go/github.com/openshift/origin

Vulnerability

Missing Encryption of Sensitive Data

Description

In Openshift Origin 3 the cookies being set in console have no 'secure', 'HttpOnly' attributes.

Affected Versions

All versions before 1.0.0

Solution

Upgrade to version 1.0.0 or above.

Last Modified

2022-07-24

source