Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openshift container platform vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv3
CVE-2018-1000862
An information exposure vulnerability exists in Jenkins 2.153 and previous versions, LTS 2.138.3 and previous versions in DirectoryBrowserSupport.java that allows attackers with the ability to control build output to browse the file system on agents running builds beyond the dura...
Jenkins Jenkins
Redhat Openshift Container Platform 3.11
6.5
CVSSv3
CVE-2018-1000864
A denial of service vulnerability exists in Jenkins 2.153 and previous versions, LTS 2.138.3 and previous versions in CronTab.java that allows attackers with Overall/Read permission to have a request handling thread enter an infinite loop.
Jenkins Jenkins
Redhat Openshift Container Platform 3.11
8.2
CVSSv3
CVE-2018-1000863
A data modification vulnerability exists in Jenkins 2.153 and previous versions, LTS 2.138.3 and previous versions in User.java, IdStrategy.java that allows malicious users to submit crafted user names that can cause an improper migration of user record storage formats, potential...
Jenkins Jenkins
Redhat Openshift Container Platform 3.11
6.1
CVSSv3
CVE-2019-3826
A stored, DOM based, cross-site scripting (XSS) flaw was found in Prometheus before version 2.7.1. An attacker could exploit this by convincing an authenticated user to visit a crafted URL on a Prometheus server, allowing for the execution and persistent storage of arbitrary scri...
Prometheus Prometheus
Redhat Openshift Container Platform 3.11
6.1
CVSSv3
CVE-2020-27816
The elasticsearch-operator does not validate the namespace where kibana logging resource is created and due to that it is possible to replace the original openshift-logging console link (kibana console) to different one, created based on the new CR for the new kibana resource. Th...
Elastic Kibana
Redhat Openshift Container Platform 4.0
9.8
CVSSv3
CVE-2020-27846
A signature verification vulnerability exists in crewjam/saml. This flaw allows an malicious user to bypass SAML Authentication. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
Grafana Grafana
Saml Project Saml
Redhat Openshift Container Platform 3.11
Redhat Enterprise Linux 8.0
Redhat Openshift Container Platform 4.0
Redhat Openshift Service Mesh 2.0
Fedoraproject Fedora 32
Fedoraproject Fedora 33
7.1
CVSSv3
CVE-2022-2989
An incorrect handling of the supplementary groups in the Podman container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissio...
Podman Project Podman
Redhat Enterprise Linux 7.0
Redhat Openshift Container Platform 3.11
Redhat Enterprise Linux 8.0
Redhat Openshift Container Platform 4.0
Redhat Enterprise Linux 9.0
8.8
CVSSv3
CVE-2019-1003024
A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.52 and previous versions in RejectASTTransformsCustomizer.java that allows attackers with Overall/Read permission to provide a Groovy script to an HTTP endpoint that can result in arbitrary code execution o...
Jenkins Script Security
Redhat Openshift Container Platform 3.11
8.1
CVSSv3
CVE-2019-1003011
An information exposure and denial of service vulnerability exists in Jenkins Token Macro Plugin 2.5 and previous versions in src/main/java/org/jenkinsci/plugins/tokenmacro/Parser.java, src/main/java/org/jenkinsci/plugins/tokenmacro/TokenMacro.java, src/main/java/org/jenkinsci/pl...
Jenkins Token Macro
Redhat Openshift Container Platform 3.11
6.5
CVSSv3
CVE-2019-1003012
A data modification vulnerability exists in Jenkins Blue Ocean Plugins 1.10.1 and previous versions in blueocean-core-js/src/js/bundleStartup.js, blueocean-core-js/src/js/fetch.ts, blueocean-core-js/src/js/i18n/i18n.js, blueocean-core-js/src/js/urlconfig.js, blueocean-rest/src/ma...
Jenkins Blue Ocean
Redhat Openshift Container Platform 3.11
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »