redhat openshift vulnerabilities and exploits
578
VMScore
CVE-2019-10356
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.61 and previous versions related to the handling of method pointer expressions allowed malicious users to execute arbitrary code in sandboxed scripts.
Jenkins Script Security
Redhat Openshift Container Platform 3.11
Redhat Openshift Container Platform 4.1
578
VMScore
CVE-2021-3495
An incorrect access control flaw was found in the kiali-operator in versions prior to 1.33.0 and prior to 1.24.7. This flaw allows an attacker with a basic level of access to the cluster (to deploy a kiali operand) to use this vulnerability and deploy a given image to anywhere in...
Netlify Kiali-operator
Redhat Openshift Service Mesh 1.0
Redhat Openshift Service Mesh 2.0
356
VMScore
CVE-2019-10357
A missing permission check in Jenkins Pipeline: Shared Groovy Libraries Plugin 2.14 and previous versions allowed users with Overall/Read access to obtain limited information about the content of SCM repositories referenced by global libraries.
Jenkins Pipeline: Shared Groovy Libraries
Redhat Openshift Container Platform 3.11
Redhat Openshift Container Platform 4.1
NA
CVE-2022-3466
The version of cri-o as released for Red Hat OpenShift Container Platform 4.9.48, 4.10.31, and 4.11.6 via RHBA-2022:6316, RHBA-2022:6257, and RHBA-2022:6658, respectively, included an incorrect version of cri-o missing the fix for CVE-2022-27652, which was previously fixed in OCP...
Kubernetes Cri-o -
Redhat Openshift Container Platform 3.11
Redhat Openshift Container Platform 4.12
356
VMScore
CVE-2019-10223
A security issue exists in the kube-state-metrics versions v1.7.0 and v1.7.1. An experimental feature was added to the v1.7.0 release that enabled annotations to be exposed as metrics. By default, the kube-state-metrics metrics only expose metadata about Secrets. However, a combi...
Kubernetes Kube-state-metrics 1.7.0
Kubernetes Kube-state-metrics 1.7.1
Redhat Openshift Container Platform 4.2
Redhat Openshift Container Platform 3.11
Redhat Openshift Container Platform 4.1
445
VMScore
CVE-2016-1000232
NodeJS Tough-Cookie version 2.2.2 contains a Regular Expression Parsing vulnerability in HTTP request Cookie Header parsing that can result in Denial of Service. This attack appears to be exploitable via Custom HTTP header passed by client. This vulnerability appears to have been ...
Salesforce Tough-cookie
Ibm Api Connect
Ibm Api Connect 5.0.8.0
Redhat Openshift Container Platform 3.3
Redhat Openshift Container Platform 3.1
Redhat Openshift Container Platform 3.2
392
VMScore
CVE-2020-1707
A vulnerability was found in all openshift/postgresql-apb 4.x.x versions before 4.3.0, where an insecure modification vulnerability in the /etc/passwd file was found in the container openshift/postgresql-apb. An attacker with access to the container could use this flaw to modify ...
Redhat Openshift
570
VMScore
CVE-2013-4561
In an OpenShift node, there is a cron job to update mcollective facts that mishandles a temporary file. This may lead to loss of confidentiality and integrity.
Redhat Openshift -
365
VMScore
CVE-2021-3636
It was found in OpenShift, before version 4.8, that the generated certificate for the in-cluster Service CA, incorrectly included additional certificates. The Service CA is automatically mounted into all pods, allowing them to safely connect to trusted in-cluster services that pr...
Redhat Openshift
409
VMScore
CVE-2014-0023
OpenShift: Install script has temporary file creation vulnerability which can result in arbitrary code execution
Redhat Openshift -