Vulmon
openshift container platform vulnerabilities and exploits
6.5
CVSSv2
CVE-2019-1003000
A sandbox bypass vulnerability exists in Script Security Plugin 1.49 and previous versions in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java that allows attackers with the ability to provide sandboxed scripts to execute arbitrary code on the ...
Jenkins Script Security
Redhat Openshift Container Platform 3.11
2 EDB exploits
6 Github repositories
6.8
CVSSv2
CVE-2021-3529
A flaw was found in noobaa-core in versions prior to 5.7.0. This flaw results in the name of an arbitrary URL being copied into an HTML document as plain text between tags, including potentially a payload script. The input was echoed unmodified in the application response, resu...
Redhat Noobaa-operator
Redhat Openshift Container Platform 4.0
7.5
CVSSv2
CVE-2019-3899
It was found that the default configuration of Heketi does not require any authentication, potentially exposing the management interface to misuse. This issue only affects Heketi as shipped with OpenShift Container Platform 3.11.
Redhat Openshift Container Platform 3.11
Heketi Project Heketi -
6.5
CVSSv2
CVE-2018-1000865
A sandbox bypass vulnerability exists in Script Security Plugin 1.47 and previous versions in groovy-sandbox/src/main/java/org/kohsuke/groovy/sandbox/SandboxTransformer.java that allows attackers with Job/Configure permission to execute arbitrary code on the Jenkins master JVM, i...
Jenkins Script Security
Redhat Openshift Container Platform 3.11
6.5
CVSSv2
CVE-2018-1000866
A sandbox bypass vulnerability exists in Pipeline: Groovy Plugin 2.59 and previous versions in groovy-sandbox/src/main/java/org/kohsuke/groovy/sandbox/SandboxTransformer.java, groovy-cps/lib/src/main/java/com/cloudbees/groovy/cps/SandboxCpsTransformer.java that allows attackers w...
Jenkins Pipeline: Groovy
Redhat Openshift Container Platform 3.11
4.9
CVSSv2
CVE-2020-25639
A NULL pointer dereference flaw was found in the Linux kernel's GPU Nouveau driver functionality in versions before 5.12-rc1 in the way the user calls ioctl DRM_IOCTL_NOUVEAU_CHANNEL_ALLOC. This flaw allows a local user to crash the system.
Linux Linux Kernel
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 5.0
Redhat Enterprise Linux 8.0
Redhat Messaging Realtime Grid 2.0
Redhat Openshift Container Platform 4.5
Redhat Openshift Container Platform 4.6
Redhat Openshift Container Platform 4.4
3.5
CVSSv2
CVE-2019-1003014
A cross-site scripting vulnerability exists in Jenkins Config File Provider Plugin 3.4.1 and previous versions in src/main/resources/lib/configfiles/configfiles.jelly that allows attackers with permission to define shared configuration files to execute arbitrary JavaScript when ...
Jenkins Config File Provider
Redhat Openshift Container Platform 3.11
NA
CVE-2023-2253
A flaw was found in the `/v2/_catalog` endpoint in distribution/distribution, which accepts a parameter to control the maximum number of records returned (query string: `n`). This vulnerability allows a malicious user to submit an unreasonably large value for `n`, causing the all...
Redhat Openshift Container Platform 4.0
Redhat Openshift Developer Tools And Services -
Redhat Openshift Api For Data Protection -
NA
CVE-2023-3153
A flaw was found in Open Virtual Network where the service monitor MAC does not properly rate limit. This issue could allow a malicious user to cause a denial of service, including on deployments with CoPP enabled and properly configured.
Ovn Open Virtual Network
Redhat Openshift Container Platform 4.0
Redhat Fast Datapath -
NA
CVE-2023-6476
A flaw was found in CRI-O that involves an experimental annotation leading to a container being unconfined. This may allow a pod to specify and get any amount of memory/CPU, circumventing the Kubernetes scheduler and potentially resulting in a denial of service in the node.
Redhat Openshift Container Platform 3.11
Redhat Openshift Container Platform 4.13
Redhat Openshift Container Platform 4.14