Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redhat openshift vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2018-10885
In atomic-openshift before version 3.10.9 a malicious network-policy configuration can cause Openshift Routing to crash when using ovs-networkpolicy plugin. An attacker can use this flaw to cause a Denial of Service (DoS) attack on an Openshift 3.9, or 3.7 Cluster.
Redhat Openshift
7
CVSSv3
CVE-2020-1707
A vulnerability was found in all openshift/postgresql-apb 4.x.x versions before 4.3.0, where an insecure modification vulnerability in the /etc/passwd file was found in the container openshift/postgresql-apb. An attacker with access to the container could use this flaw to modify ...
Redhat Openshift
4.6
CVSSv3
CVE-2021-3636
It was found in OpenShift, before version 4.8, that the generated certificate for the in-cluster Service CA, incorrectly included additional certificates. The Service CA is automatically mounted into all pods, allowing them to safely connect to trusted in-cluster services that pr...
Redhat Openshift
9.1
CVSSv3
CVE-2013-4561
In a openshift node, there is a cron job to update mcollective facts that mishandles a temporary file. This may lead to loss of confidentiality and integrity.
Redhat Openshift -
6.5
CVSSv3
CVE-2022-2403
A credentials leak was found in the OpenShift Container Platform. The private key for the external cluster certificate was stored incorrectly in the oauth-serving-cert ConfigMaps, and accessible to any authenticated OpenShift user or service-account. A malicious user could exploi...
Redhat Openshift
1 Github repository
7
CVSSv3
CVE-2019-19346
An insecure modification vulnerability in the /etc/passwd file was found in the container openshift/mariadb-apb, affecting versions before the following 4.3.5, 4.2.21, 4.1.37, and 3.11.188-4 . An attacker with access to the container could use this flaw to modify /etc/passwd and ...
Redhat Openshift
7
CVSSv3
CVE-2019-19348
An insecure modification vulnerability in the /etc/passwd file was found in the container openshift/apb-base, affecting versions before the following 4.3.5, 4.2.21, 4.1.37, and 3.11.188-4. An attacker with access to the container could use this flaw to modify /etc/passwd and esca...
Redhat Openshift
9.8
CVSSv3
CVE-2014-0234
The default configuration of broker.conf in Red Hat OpenShift Enterprise 2.x prior to 2.1 has a password of "mooo" for a Mongo account, which allows remote malicious users to hijack the broker by providing this password, related to the openshift.sh script in Openshift E...
Redhat Openshift
7.8
CVSSv3
CVE-2014-0023
OpenShift: Install script has temporary file creation vulnerability which can result in arbitrary code execution
Redhat Openshift -
5
CVSSv3
CVE-2019-11244
In Kubernetes v1.8.x-v1.14.x, schema info is cached by kubectl in the location specified by --cache-dir (defaulting to $HOME/.kube/http-cache), written with world-writeable permissions (rw-rw-rw-). If --cache-dir is specified and pointed at a different location accessible to othe...
Kubernetes Kubernetes
Netapp Trident -
Redhat Openshift Container Platform 3.11
Redhat Openshift Container Platform 4.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
firewall
CVE-2024-35649
stored XSS
CVE-2022-28654
CVE-2020-35153
CVE-2024-27348
CVE-2022-28652
local users
CVE-2017-3506
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »