Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redhat openshift 2.0 vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2013-7370
node-connect prior to 2.8.1 has XSS in the Sencha Labs Connect middleware
Redhat Openshift 2.0
Sencha Connect
Opensuse Opensuse 13.1
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
356
VMScore
CVE-2020-14297
A flaw exists in Wildfly's EJB Client as shipped with Red Hat JBoss EAP 7, where some specific EJB transaction objects may get accumulated over the time and can cause services to slow down and eventaully unavailable. An attacker can take advantage and cause denial of service...
Redhat Jboss Fuse 6.0.0
Redhat Single Sign-on 7.0
Redhat Openshift Application Runtimes -
Redhat Jboss Enterprise Application Platform Continuous Delivery -
Redhat Amq 2.0
Redhat Jboss-ejb-client
356
VMScore
CVE-2020-14307
A vulnerability was found in Wildfly's Enterprise Java Beans (EJB) versions shipped with Red Hat JBoss EAP 7, where SessionOpenInvocations are never removed from the remote InvocationTracker after a response is received in the EJB Client, as well as the server. This flaw all...
Redhat Jboss Fuse 6.0.0
Redhat Single Sign-on 7.0
Redhat Openshift Application Runtimes -
Redhat Jboss Enterprise Application Platform Continuous Delivery -
Redhat Amq 2.0
356
VMScore
CVE-2017-2611
Jenkins prior to 2.44, 2.32.2 is vulnerable to an insufficient permission check for periodic processes (SECURITY-389). The URLs /workspaceCleanup and /fingerprintCleanup did not perform permission checks, allowing users with read access to Jenkins to trigger these background proc...
Jenkins Jenkins
Redhat Openshift 2.0
Redhat Openshift 3.0
320
VMScore
CVE-2020-27781
User credentials can be manipulated and stolen by Native CephFS consumers of OpenStack Manila, resulting in potential privilege escalation. An Open Stack Manila user can request access to a share to an arbitrary cephx user, including existing users. The access key is retrieved vi...
Redhat Ceph
Redhat Ceph Storage 3.0
Redhat Ceph Storage 2.0
Redhat Openshift Container Platform 4.0
Redhat Ceph Storage 4.0
Redhat Openstack Platform 13.0
Fedoraproject Fedora 33
187
VMScore
CVE-2013-0163
OpenShift haproxy cartridge: predictable /tmp in set-proxy connection hook which could facilitate DoS
Redhat Openshift 1.0
Redhat Openshift 2.0
187
VMScore
CVE-2015-0238
selinux-policy as packaged in Red Hat OpenShift 2 allows malicious users to obtain process listing information via a privilege escalation attack.
Redhat Openshift 2.0
NA
CVE-2023-44487
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Ietf Http 2.0
Nghttp2 Nghttp2
Netty Netty
Envoyproxy Envoy 1.27.0
Envoyproxy Envoy 1.26.4
Envoyproxy Envoy 1.25.9
Envoyproxy Envoy 1.24.10
Eclipse Jetty
Caddyserver Caddy
Golang Http2
Golang Go
Golang Networking
F5 Big-ip Analytics
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Local Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Global Traffic Manager
F5 Big-ip Fraud Protection Service
F5 Big-ip Domain Name System
F5 Big-ip Application Security Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Advanced Firewall Manager
35 Github repositories
2 Articles
NA
CVE-2022-3248
A flaw was found in OpenShift API, as admission checks do not enforce "custom-host" permissions. This issue could allow an malicious user to violate the boundaries, as permissions will not be applied.
Redhat Openshift Container Platform 4.0
Redhat Advanced Cluster Management For Kubernetes 2.0
NA
CVE-2022-1632
An Improper Certificate Validation attack was found in Openshift. A re-encrypt Route with destinationCACertificate explicitly set to the default serviceCA skips internal Service TLS certificate validation. This flaw allows an malicious user to exploit an invalid certificate, resu...
Redhat Openshift Container Platform 4.0
Redhat Ansible Automation Platform 2.0
Fedoraproject Fedora 34
Fedoraproject Fedora 35
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
firewall
CVE-2024-35649
stored XSS
CVE-2022-28654
CVE-2020-35153
CVE-2024-27348
CVE-2022-28652
local users
CVE-2017-3506
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »