Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openshift vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2019-10356
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.61 and previous versions related to the handling of method pointer expressions allowed malicious users to execute arbitrary code in sandboxed scripts.
Jenkins Script Security
Redhat Openshift Container Platform 3.11
Redhat Openshift Container Platform 4.1
4.3
CVSSv3
CVE-2019-10357
A missing permission check in Jenkins Pipeline: Shared Groovy Libraries Plugin 2.14 and previous versions allowed users with Overall/Read access to obtain limited information about the content of SCM repositories referenced by global libraries.
Jenkins Pipeline\\ Shared Groovy Libraries
Redhat Openshift Container Platform 3.11
Redhat Openshift Container Platform 4.1
5.3
CVSSv3
CVE-2022-3466
The version of cri-o as released for Red Hat OpenShift Container Platform 4.9.48, 4.10.31, and 4.11.6 via RHBA-2022:6316, RHBA-2022:6257, and RHBA-2022:6658, respectively, included an incorrect version of cri-o missing the fix for CVE-2022-27652, which was previously fixed in OCP...
Kubernetes Cri-o -
Redhat Openshift Container Platform 3.11
Redhat Openshift Container Platform 4.12
5.3
CVSSv3
CVE-2016-1000232
NodeJS Tough-Cookie version 2.2.2 contains a Regular Expression Parsing vulnerability in HTTP request Cookie Header parsing that can result in Denial of Service. This attack appear to be exploitable via Custom HTTP header passed by client. This vulnerability appears to have been ...
Salesforce Tough-cookie
Ibm Api Connect
Ibm Api Connect 5.0.8.0
Redhat Openshift Container Platform 3.3
Redhat Openshift Container Platform 3.1
Redhat Openshift Container Platform 3.2
6.5
CVSSv3
CVE-2019-10223
A security issue exists in the kube-state-metrics versions v1.7.0 and v1.7.1. An experimental feature was added to the v1.7.0 release that enabled annotations to be exposed as metrics. By default, the kube-state-metrics metrics only expose metadata about Secrets. However, a combi...
Kubernetes Kube-state-metrics 1.7.0
Kubernetes Kube-state-metrics 1.7.1
Redhat Openshift Container Platform 4.2
Redhat Openshift Container Platform 3.11
Redhat Openshift Container Platform 4.1
8.1
CVSSv3
CVE-2021-4125
It was found that the original fix for log4j CVE-2021-44228 and CVE-2021-45046 in the OpenShift metering hive containers was incomplete, as not all JndiLookup.class files were removed. This CVE only applies to the OpenShift Metering hive container images, shipped in OpenShift 4.8...
Redhat Openshift
4.6
CVSSv3
CVE-2021-3636
It was found in OpenShift, before version 4.8, that the generated certificate for the in-cluster Service CA, incorrectly included additional certificates. The Service CA is automatically mounted into all pods, allowing them to safely connect to trusted in-cluster services that pr...
Redhat Openshift
9.1
CVSSv3
CVE-2013-4561
In a openshift node, there is a cron job to update mcollective facts that mishandles a temporary file. This may lead to loss of confidentiality and integrity.
Redhat Openshift -
6.1
CVSSv3
CVE-2020-1761
A flaw was found in the OpenShift web console, where the access token is stored in the browser's local storage. An attacker can use this flaw to get the access token via physical access, or an XSS attack on the victim's browser. This flaw affects openshift/console versi...
Redhat Openshift
5.3
CVSSv3
CVE-2019-14845
A vulnerability was found in OpenShift builds, versions 4.1 up to 4.3. Builds that extract source from a container image, bypass the TLS hostname verification. An attacker can take advantage of this flaw by launching a man-in-the-middle attack and injecting malicious content.
Redhat Openshift
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »