redhat openshift 3.2 vulnerabilities and exploits
6.5
CVSSv2
CVE-2016-3738
Red Hat OpenShift Enterprise 3.2 does not properly restrict access to STI builds, which allows remote authenticated users to access the Docker socket and gain privileges via vectors related to build-pod.
Redhat Openshift 3.2
5.8
CVSSv2
CVE-2016-3726
Multiple open redirect vulnerabilities in Jenkins prior to 2.3 and LTS prior to 1.651.2 allow remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors related to "scheme-relative" URLs.
Jenkins Jenkins
Redhat Openshift 3.1
Redhat Openshift 3.2
5
CVSSv2
CVE-2016-1000232
NodeJS Tough-Cookie version 2.2.2 contains a Regular Expression Parsing vulnerability in HTTP request Cookie Header parsing that can result in Denial of Service. This attack appears to be exploitable via a custom HTTP header passed by the client. This vulnerability appears to have been ...
Salesforce Tough-cookie
Ibm Api Connect
Ibm Api Connect 5.0.8.0
Redhat Openshift Container Platform 3.3
Redhat Openshift Container Platform 3.1
Redhat Openshift Container Platform 3.2
5
CVSSv2
CVE-2016-3725
Jenkins prior to 2.3 and LTS prior to 1.651.2 allows remote authenticated users to trigger updating of update site metadata by leveraging a missing permissions check. NOTE: this issue can be combined with DNS cache poisoning to cause a denial of service (service disruption).
Jenkins Jenkins
Redhat Openshift 3.1
Redhat Openshift 3.2
4.9
CVSSv2
CVE-2020-25639
A NULL pointer dereference flaw was found in the Linux kernel's GPU Nouveau driver functionality in versions before 5.12-rc1 in the way the user calls ioctl DRM_IOCTL_NOUVEAU_CHANNEL_ALLOC. This flaw allows a local user to crash the system.
Linux Linux Kernel
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 5.0
Redhat Enterprise Linux 8.0
Redhat Messaging Realtime Grid 2.0
Redhat Openshift Container Platform 4.5
Redhat Openshift Container Platform 4.6
Redhat Openshift Container Platform 4.4
4
CVSSv2
CVE-2016-3721
Jenkins prior to 2.3 and LTS prior to 1.651.2 might allow remote authenticated users to inject arbitrary build parameters into the build environment via environment variables.
Redhat Openshift 3.1
Redhat Openshift 3.2
Jenkins Jenkins
4
CVSSv2
CVE-2016-3722
Jenkins prior to 2.3 and LTS prior to 1.651.2 allows remote authenticated users with multiple accounts to cause a denial of service (unable to log in) by editing the "full name."
Jenkins Jenkins
Redhat Openshift 3.1
Redhat Openshift 3.2
4
CVSSv2
CVE-2016-3724
Jenkins prior to 2.3 and LTS prior to 1.651.2 allows remote authenticated users with extended read access to obtain sensitive password information by reading a job configuration.
Redhat Openshift 3.1
Redhat Openshift 3.2
Jenkins Jenkins
4
CVSSv2
CVE-2016-3727
The API URL computer/(master)/api/xml in Jenkins prior to 2.3 and LTS prior to 1.651.2 allows remote authenticated users with extended read permission for the master node to obtain sensitive information about the global configuration via unspecified vectors.
Jenkins Jenkins
Redhat Openshift 3.2
Redhat Openshift 3.1
4
CVSSv2
CVE-2016-3723
Jenkins prior to 2.3 and LTS prior to 1.651.2 allows remote authenticated users with read access to obtain sensitive plugin installation information by leveraging missing permissions checks in unspecified XML/JSON API endpoints.
Jenkins Jenkins
Redhat Openshift 3.1
Redhat Openshift 3.2