CVE-2015-3207
Missing Encryption of Sensitive Data in go/github.com/openshift/origin
Identifiers
GHSA-rqph-25q9-9jhp, CVE-2015-3207
Package Slug
go/github.com/openshift/origin
Vulnerability
Missing Encryption of Sensitive Data
Description
In Openshift Origin 3 the cookies being set in console have no 'secure', 'HttpOnly' attributes.
Affected Versions
All versions before 1.0.0
Solution
Upgrade to version 1.0.0 or above.
Last Modified
2022-07-24
| source |