Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redhat openshift container platform 3.11 vulnerabilities and exploits
(subscribe to this query)
356
VMScore
CVE-2019-10357
A missing permission check in Jenkins Pipeline: Shared Groovy Libraries Plugin 2.14 and previous versions allowed users with Overall/Read access to obtain limited information about the content of SCM repositories referenced by global libraries.
Jenkins Pipeline\\ Shared Groovy Libraries
Redhat Openshift Container Platform 3.11
Redhat Openshift Container Platform 4.1
169
VMScore
CVE-2019-11244
In Kubernetes v1.8.x-v1.14.x, schema info is cached by kubectl in the location specified by --cache-dir (defaulting to $HOME/.kube/http-cache), written with world-writeable permissions (rw-rw-rw-). If --cache-dir is specified and pointed at a different location accessible to othe...
Kubernetes Kubernetes
Netapp Trident -
Redhat Openshift Container Platform 3.11
Redhat Openshift Container Platform 4.1
312
VMScore
CVE-2018-10937
A cross site scripting flaw exists in the tetonic-console component of Openshift Container Platform 3.11. An attacker with the ability to create pods can use this flaw to perform actions on the K8s API as the victim.
Redhat Openshift Container Platform 3.11
356
VMScore
CVE-2020-1741
A flaw was found in openshift-ansible. OpenShift Container Platform (OCP) 3.11 is too permissive in the way it specified CORS allowed origins during installation. An attacker, able to man-in-the-middle the connection between the user's browser and the openshift console, coul...
Redhat Openshift Container Platform 3.11
356
VMScore
CVE-2019-10223
A security issue exists in the kube-state-metrics versions v1.7.0 and v1.7.1. An experimental feature was added to the v1.7.0 release that enabled annotations to be exposed as metrics. By default, the kube-state-metrics metrics only expose metadata about Secrets. However, a combi...
Kubernetes Kube-state-metrics 1.7.0
Kubernetes Kube-state-metrics 1.7.1
Redhat Openshift Container Platform 4.2
Redhat Openshift Container Platform 3.11
Redhat Openshift Container Platform 4.1
409
VMScore
CVE-2022-27652
A flaw was found in cri-o, where containers were incorrectly started with non-empty default permissions. A vulnerability was found in Moby (Docker Engine) where containers started incorrectly with non-empty inheritable Linux process capabilities. This flaw allows an attacker with...
Kubernetes Cri-o -
Fedoraproject Fedora 35
Mobyproject Moby
Redhat Openshift Container Platform 3.11
Redhat Openshift Container Platform 4.0
578
VMScore
CVE-2019-1003003
An improper authorization vulnerability exists in Jenkins 2.158 and previous versions, LTS 2.150.1 and previous versions in core/src/main/java/hudson/security/TokenBasedRememberMeServices2.java that allows attackers with Overall/RunScripts permission to craft Remember Me cookies ...
Jenkins Jenkins
Redhat Openshift Container Platform 3.11
383
VMScore
CVE-2019-1003010
A cross-site request forgery vulnerability exists in Jenkins Git Plugin 3.9.1 and previous versions in src/main/java/hudson/plugins/git/GitTagAction.java that allows malicious users to create a Git tag in a workspace and attach corresponding metadata to a build record.
Jenkins Git
Redhat Openshift Container Platform 3.11
668
VMScore
CVE-2018-17246
Kibana versions prior to 6.4.3 and 5.6.13 contain an arbitrary file inclusion flaw in the Console plugin. An attacker with access to the Kibana Console API could send a request that will attempt to execute javascript code. This could possibly lead to an attacker executing arbitra...
Elastic Kibana
Redhat Openshift Container Platform 3.11
4 Github repositories
578
VMScore
CVE-2019-1003004
An improper authorization vulnerability exists in Jenkins 2.158 and previous versions, LTS 2.150.1 and previous versions in core/src/main/java/hudson/security/AuthenticationProcessingFilter2.java that allows malicious users to extend the duration of active HTTP sessions indefinit...
Jenkins Jenkins
Redhat Openshift Container Platform 3.11
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »