Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openshift container platform vulnerabilities and exploits
(subscribe to this query)
356
VMScore
CVE-2019-10354
A vulnerability in the Stapler web framework used in Jenkins 2.185 and previous versions, LTS 2.176.1 and previous versions allowed malicious users to access view fragments directly, bypassing permission checks and possibly obtain sensitive information.
Jenkins Jenkins
Redhat Openshift Container Platform 3.11
Redhat Openshift Container Platform 4.1
383
VMScore
CVE-2020-10743
It exists that OpenShift Container Platform's (OCP) distribution of Kibana could open in an iframe, which made it possible to intercept and manipulate requests. This flaw allows an malicious user to trick a user into performing arbitrary actions in OCP's distribution of...
Elastic Kibana -
Redhat Openshift Container Platform 4.6.1
Redhat Openshift Container Platform 3.11.286
894
VMScore
CVE-2019-7609
Kibana versions prior to 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in the Timelion visualizer. An attacker with access to the Timelion application could send a request that will attempt to execute javascript code. This could possibly lead to an attacker executing ...
Elastic Kibana
Redhat Openshift Container Platform 3.11
Redhat Openshift Container Platform 4.1
15 Github repositories
578
VMScore
CVE-2019-10356
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.61 and previous versions related to the handling of method pointer expressions allowed malicious users to execute arbitrary code in sandboxed scripts.
Jenkins Script Security
Redhat Openshift Container Platform 3.11
Redhat Openshift Container Platform 4.1
578
VMScore
CVE-2019-10355
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.61 and previous versions related to the handling of type casts allowed malicious users to execute arbitrary code in sandboxed scripts.
Jenkins Script Security
Redhat Openshift Container Platform 3.11
Redhat Openshift Container Platform 4.1
NA
CVE-2022-3466
The version of cri-o as released for Red Hat OpenShift Container Platform 4.9.48, 4.10.31, and 4.11.6 via RHBA-2022:6316, RHBA-2022:6257, and RHBA-2022:6658, respectively, included an incorrect version of cri-o missing the fix for CVE-2022-27652, which was previously fixed in OCP...
Kubernetes Cri-o -
Redhat Openshift Container Platform 3.11
Redhat Openshift Container Platform 4.12
356
VMScore
CVE-2019-10357
A missing permission check in Jenkins Pipeline: Shared Groovy Libraries Plugin 2.14 and previous versions allowed users with Overall/Read access to obtain limited information about the content of SCM repositories referenced by global libraries.
Jenkins Pipeline\\ Shared Groovy Libraries
Redhat Openshift Container Platform 3.11
Redhat Openshift Container Platform 4.1
445
VMScore
CVE-2016-1000232
NodeJS Tough-Cookie version 2.2.2 contains a Regular Expression Parsing vulnerability in HTTP request Cookie Header parsing that can result in Denial of Service. This attack appear to be exploitable via Custom HTTP header passed by client. This vulnerability appears to have been ...
Salesforce Tough-cookie
Ibm Api Connect
Ibm Api Connect 5.0.8.0
Redhat Openshift Container Platform 3.3
Redhat Openshift Container Platform 3.1
Redhat Openshift Container Platform 3.2
356
VMScore
CVE-2019-10223
A security issue exists in the kube-state-metrics versions v1.7.0 and v1.7.1. An experimental feature was added to the v1.7.0 release that enabled annotations to be exposed as metrics. By default, the kube-state-metrics metrics only expose metadata about Secrets. However, a combi...
Kubernetes Kube-state-metrics 1.7.0
Kubernetes Kube-state-metrics 1.7.1
Redhat Openshift Container Platform 4.2
Redhat Openshift Container Platform 3.11
Redhat Openshift Container Platform 4.1
169
VMScore
CVE-2019-11244
In Kubernetes v1.8.x-v1.14.x, schema info is cached by kubectl in the location specified by --cache-dir (defaulting to $HOME/.kube/http-cache), written with world-writeable permissions (rw-rw-rw-). If --cache-dir is specified and pointed at a different location accessible to othe...
Kubernetes Kubernetes
Netapp Trident -
Redhat Openshift Container Platform 3.11
Redhat Openshift Container Platform 4.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
CVE-2006-4304
CVE-2023-26603
CVE-2024-28327
CVE-2023-50363
CVE-2024-21905
template injection
CVE-2024-3400
cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »