Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redhat openshift 2.0 vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2013-0163
OpenShift haproxy cartridge: predictable /tmp in set-proxy connection hook which could facilitate DoS
Redhat Openshift 1.0
Redhat Openshift 2.0
7.2
CVSSv2
CVE-2013-4364
(1) oo-analytics-export and (2) oo-analytics-import in the openshift-origin-broker-util package in Red Hat OpenShift Enterprise 1 and 2 allow local users to have unspecified impact via a symlink attack on an unspecified file in /tmp.
Redhat Openshift 1.0
Redhat Openshift 2.0
9
CVSSv2
CVE-2014-0163
Openshift has shell command injection flaws due to unsanitized data being passed into shell commands.
Redhat Openshift 1.0
Redhat Openshift 2.0
6.8
CVSSv2
CVE-2015-7537
Cross-site request forgery (CSRF) vulnerability in Jenkins prior to 1.640 and LTS prior to 1.625.2 allows remote malicious users to hijack the authentication of administrators for requests that have unspecified impact via vectors related to the HTTP GET method.
Redhat Openshift 2.0
Redhat Openshift
Jenkins Jenkins
6.8
CVSSv2
CVE-2015-7538
Jenkins prior to 1.640 and LTS prior to 1.625.2 allow remote malicious users to bypass the CSRF protection mechanism via unspecified vectors.
Jenkins Jenkins
Redhat Openshift
Redhat Openshift 2.0
4
CVSSv2
CVE-2017-2611
Jenkins prior to 2.44, 2.32.2 is vulnerable to an insufficient permission check for periodic processes (SECURITY-389). The URLs /workspaceCleanup and /fingerprintCleanup did not perform permission checks, allowing users with read access to Jenkins to trigger these background proc...
Jenkins Jenkins
Redhat Openshift 2.0
Redhat Openshift 3.0
7.6
CVSSv2
CVE-2015-7539
The Plugins Manager in Jenkins prior to 1.640 and LTS prior to 1.625.2 does not verify checksums for plugin files referenced in update site data, which makes it easier for man-in-the-middle malicious users to execute arbitrary code via a crafted plugin.
Jenkins Jenkins
Redhat Openshift 2.0
Redhat Openshift 3.1
2.1
CVSSv2
CVE-2015-0238
selinux-policy as packaged in Red Hat OpenShift 2 allows malicious users to obtain process listing information via a privilege escalation attack.
Redhat Openshift 2.0
6.5
CVSSv2
CVE-2021-3495
An incorrect access control flaw was found in the kiali-operator in versions prior to 1.33.0 and prior to 1.24.7. This flaw allows an attacker with a basic level of access to the cluster (to deploy a kiali operand) to use this vulnerability and deploy a given image to anywhere in...
Netlify Kiali-operator
Redhat Openshift Service Mesh 1.0
Redhat Openshift Service Mesh 2.0
NA
CVE-2021-3586
A flaw was found in servicemesh-operator. The NetworkPolicy resources installed for Maistra do not properly specify which ports may be accessed, allowing access to all ports on these resources from any pod. The highest threat from this vulnerability is to data confidentiality and...
Redhat Openshift Service Mesh 2.0
Redhat Servicemesh-operator 2.0.5.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
brute force
CVE-2024-24908
open redirect
CVE-2024-31497
CVE-2023-45866
CVE-2024-4135
CVE-2024-25523
cache poisoning
CVE-2024-4649
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »