Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redhat openshift - vulnerabilities and exploits
(subscribe to this query)
9
CVSSv2
CVE-2019-10200
A flaw exists in OpenShift Container Platform 4 where, by default, users with access to create pods also have the ability to schedule workloads on master nodes. Pods with permission to access the host network, running on master nodes, can retrieve security credentials for the mas...
Redhat Openshift Container Platform 4.0
9
CVSSv2
CVE-2014-0163
Openshift has shell command injection flaws due to unsanitized data being passed into shell commands.
Redhat Openshift 1.0
Redhat Openshift 2.0
9
CVSSv2
CVE-2019-14287
In Sudo prior to 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration, and USER=...
Sudo Project Sudo
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.0
Opensuse Leap 15.1
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 14.04
Netapp Element Software Management Node -
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux Server Aus 7.2
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server Tus 7.2
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Aus 6.6
61 Github repositories
1 Article
9
CVSSv2
CVE-2016-0792
Multiple unspecified API endpoints in Jenkins prior to 1.650 and LTS prior to 1.642.2 allow remote authenticated users to execute arbitrary code via serialized data in an XML file, related to XStream and groovy.util.Expando.
Jenkins Jenkins
Redhat Openshift 3.1
2 EDB exploits
2 Metasploit modules
4 Github repositories
8.5
CVSSv2
CVE-2020-14352
A flaw was found in librepo in versions prior to 1.12.1. A directory traversal vulnerability was found where it failed to sanitize paths in remote repository metadata. An attacker controlling a remote repository may be able to copy files outside of the destination directory on th...
Redhat Librepo
Opensuse Leap 15.2
Opensuse Backports Sle 15.0
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
7.8
CVSSv2
CVE-2022-1708
A vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyone with access to the Kube API. The ExecSync request runs commands in a container and logs the output of the command. This output is then read by CRI-O after command execution, and ...
Kubernetes Cri-o
Kubernetes Cri-o 1.24.0
Fedoraproject Fedora 36
Redhat Enterprise Linux 7.0
Redhat Openshift Container Platform 3.11
Redhat Enterprise Linux 8.0
Redhat Openshift Container Platform 4.0
Redhat Enterprise Linux 9.0
Redhat Openshift Container Platform 4.10
Redhat Openshift Container Platform 4.9
7.8
CVSSv2
CVE-2020-27782
A flaw was found in the Undertow AJP connector. Malicious requests and abrupt connection closes could be triggered by an attacker using query strings with non-RFC compliant characters resulting in a denial of service. The highest threat from this vulnerability is to system availa...
Redhat Jboss Fuse 6.0.0
Redhat Jboss Fuse 7.0.0
Redhat Openshift Application Runtimes -
Redhat Undertow 2.0.33
Redhat Undertow 2.2.3
Redhat Undertow 2.1.5
7.8
CVSSv2
CVE-2019-9511
Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. The attacker requests a large amount of data from a specified resource over multiple streams. They manipulate window size and...
Apple Swiftnio
Apache Traffic Server
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Synology Skynas -
Synology Diskstation Manager 6.2
Synology Vs960hd Firmware -
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Leap 15.0
Opensuse Leap 15.1
Redhat Software Collections 1.0
Redhat Jboss Core Services 1.0
Redhat Enterprise Linux 8.0
Redhat Jboss Enterprise Application Platform 7.2.0
Redhat Quay 3.0.0
Redhat Openshift Service Mesh 1.0
Redhat Jboss Enterprise Application Platform 7.3.0
Oracle Graalvm 19.2.0
1 Github repository
1 Article
7.8
CVSSv2
CVE-2019-9513
Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates multiple request streams and continually shuffles the priority of the streams in a way that causes substantial churn to the priority tree. This can consu...
Apple Swiftnio
Apache Traffic Server
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 30
Synology Skynas -
Synology Diskstation Manager 6.2
Synology Vs960hd Firmware -
Fedoraproject Fedora 29
Opensuse Leap 15.0
Opensuse Leap 15.1
Redhat Software Collections 1.0
Redhat Jboss Core Services 1.0
Redhat Enterprise Linux 8.0
Redhat Jboss Enterprise Application Platform 7.2.0
Redhat Quay 3.0.0
Redhat Openshift Service Mesh 1.0
Redhat Jboss Enterprise Application Platform 7.3.0
Oracle Graalvm 19.2.0
1 Article
7.8
CVSSv2
CVE-2019-9514
Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer...
Apple Swiftnio
Apache Traffic Server
Debian Debian Linux 10.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Debian Debian Linux 9.0
Synology Skynas -
Synology Diskstation Manager 6.2
Synology Vs960hd Firmware -
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Leap 15.0
Opensuse Leap 15.1
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Software Collections 1.0
Redhat Openshift Container Platform 3.9
Redhat Openshift Container Platform 3.11
Redhat Openshift Container Platform 3.10
Redhat Jboss Core Services 1.0
Redhat Enterprise Linux 8.0
1 Article
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »