Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redhat openshift vulnerabilities and exploits
(subscribe to this query)
4.4
CVSSv3
CVE-2019-19335
During installation of an OpenShift 4 cluster, the `openshift-install` command line tool creates an `auth` directory, with `kubeconfig` and `kubeadmin-password` files. Both files contain credentials used to authenticate to the OpenShift API server, and are incorrectly assigned wo...
Redhat Openshift 4.2
Redhat Openshift 4.0
7
CVSSv3
CVE-2019-19351
An insecure modification vulnerability in the /etc/passwd file was found in the container openshift/jenkins. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges. This CVE is specific to the openshift/jenkins-slave-base-...
Redhat Openshift 3.11
Redhat Openshift 4.0
NA
CVE-2013-0164
The lockwrap function in port-proxy/bin/openshift-port-proxy-cfg in Red Hat OpenShift Origin prior to 1.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary file with a predictable name in /tmp.
Redhat Openshift
Redhat Openshift Origin 1.0.5
7.8
CVSSv3
CVE-2013-4364
(1) oo-analytics-export and (2) oo-analytics-import in the openshift-origin-broker-util package in Red Hat OpenShift Enterprise 1 and 2 allow local users to have unspecified impact via a symlink attack on an unspecified file in /tmp.
Redhat Openshift 1.0
Redhat Openshift 2.0
6.3
CVSSv3
CVE-2023-0229
A flaw was found in github.com/openshift/apiserver-library-go, used in OpenShift 4.12 and 4.11, that contains an issue that can allow low-privileged users to set the seccomp profile for pods they control to "unconfined." By default, the seccomp profile used in the restr...
Redhat Openshift 4.11
Redhat Openshift 4.12
5.4
CVSSv3
CVE-2019-3889
A reflected XSS vulnerability exists in authorization flow of OpenShift Container Platform versions: openshift-online-3, openshift-enterprise-3.4 up to and including 3.7 and openshift-enterprise-3.9 up to and including 3.11. An attacker could use this flaw to steal authorization ...
Redhat Openshift Container Platform
Redhat Openshift Container Platform 4.1
Redhat Openshift Container Platform 4.2
8
CVSSv3
CVE-2023-1260
An authentication bypass vulnerability exists in kube-apiserver. This issue could allow a remote, authenticated attacker who has been given permissions "update, patch" the "pods/ephemeralcontainers" subresource beyond what the default is. They would then need ...
Kubernetes Kube-apiserver -
Redhat Openshift Container Platform 4.10
Redhat Openshift Container Platform 4.12
Redhat Openshift Container Platform 4.11
Redhat Openshift Container Platform 4.13
6.5
CVSSv3
CVE-2020-14336
A flaw was found in the Restricted Security Context Constraints (SCC), where it allows pods to craft custom network packets. This flaw allows an malicious user to cause a denial of service attack on an OpenShift Container Platform cluster if they can deploy pods. The highest thre...
Redhat Openshift Container Platform 3.11
Redhat Openshift Container Platform 4.6
Redhat Openshift Container Platform 4.5.16
8.8
CVSSv3
CVE-2015-7537
Cross-site request forgery (CSRF) vulnerability in Jenkins prior to 1.640 and LTS prior to 1.625.2 allows remote malicious users to hijack the authentication of administrators for requests that have unspecified impact via vectors related to the HTTP GET method.
Redhat Openshift 2.0
Redhat Openshift
Jenkins Jenkins
8.8
CVSSv3
CVE-2021-3344
A privilege escalation flaw was found in OpenShift builder. During build time, credentials outside the build context are automatically mounted into the container image under construction. An OpenShift user, able to execute code during build time inside this container can re-use t...
Redhat Openshift Builder
Redhat Openshift Container Platform
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »