Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redhat openshift 3.11 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-6476
A flaw was found in CRI-O that involves an experimental annotation leading to a container being unconfined. This may allow a pod to specify and get any amount of memory/cpu, circumventing the kubernetes scheduler and potentially resulting in a denial of service in the node.
Redhat Openshift Container Platform 3.11
Redhat Openshift Container Platform 4.13
Redhat Openshift Container Platform 4.14
4
CVSSv2
CVE-2018-1000862
An information exposure vulnerability exists in Jenkins 2.153 and previous versions, LTS 2.138.3 and previous versions in DirectoryBrowserSupport.java that allows attackers with the ability to control build output to browse the file system on agents running builds beyond the dura...
Jenkins Jenkins
Redhat Openshift Container Platform 3.11
4
CVSSv2
CVE-2018-1000864
A denial of service vulnerability exists in Jenkins 2.153 and previous versions, LTS 2.138.3 and previous versions in CronTab.java that allows attackers with Overall/Read permission to have a request handling thread enter an infinite loop.
Jenkins Jenkins
Redhat Openshift Container Platform 3.11
10
CVSSv2
CVE-2018-1000861
A code execution vulnerability exists in the Stapler web framework used by Jenkins 2.153 and previous versions, LTS 2.138.3 and previous versions in stapler/core/src/main/java/org/kohsuke/stapler/MetaClass.java that allows malicious users to invoke some methods on Java objects by...
Jenkins Jenkins
Redhat Openshift Container Platform 3.11
13 Github repositories
6.4
CVSSv2
CVE-2018-1000863
A data modification vulnerability exists in Jenkins 2.153 and previous versions, LTS 2.138.3 and previous versions in User.java, IdStrategy.java that allows malicious users to submit crafted user names that can cause an improper migration of user record storage formats, potential...
Jenkins Jenkins
Redhat Openshift Container Platform 3.11
7.5
CVSSv2
CVE-2018-17246
Kibana versions prior to 6.4.3 and 5.6.13 contain an arbitrary file inclusion flaw in the Console plugin. An attacker with access to the Kibana Console API could send a request that will attempt to execute javascript code. This could possibly lead to an attacker executing arbitra...
Elastic Kibana
Redhat Openshift Container Platform 3.11
4 Github repositories
4.3
CVSSv2
CVE-2019-3826
A stored, DOM based, cross-site scripting (XSS) flaw was found in Prometheus before version 2.7.1. An attacker could exploit this by convincing an authenticated user to visit a crafted URL on a Prometheus server, allowing for the execution and persistent storage of arbitrary scri...
Prometheus Prometheus
Redhat Openshift Container Platform 3.11
6.5
CVSSv2
CVE-2019-1003004
An improper authorization vulnerability exists in Jenkins 2.158 and previous versions, LTS 2.150.1 and previous versions in core/src/main/java/hudson/security/AuthenticationProcessingFilter2.java that allows malicious users to extend the duration of active HTTP sessions indefinit...
Jenkins Jenkins
Redhat Openshift Container Platform 3.11
4.3
CVSSv2
CVE-2019-1003010
A cross-site request forgery vulnerability exists in Jenkins Git Plugin 3.9.1 and previous versions in src/main/java/hudson/plugins/git/GitTagAction.java that allows malicious users to create a Git tag in a workspace and attach corresponding metadata to a build record.
Jenkins Git
Redhat Openshift Container Platform 3.11
6.5
CVSSv2
CVE-2019-1003003
An improper authorization vulnerability exists in Jenkins 2.158 and previous versions, LTS 2.150.1 and previous versions in core/src/main/java/hudson/security/TokenBasedRememberMeServices2.java that allows attackers with Overall/RunScripts permission to craft Remember Me cookies ...
Jenkins Jenkins
Redhat Openshift Container Platform 3.11
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
remote code execution
CVE-2024-34909
CVE-2024-3317
SSTI
CVE-2024-3400
CVE-2024-30051
wireless
CVE-2024-4622
CVE-2024-4908
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »