Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redhat openshift vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-5408
A privilege escalation flaw was found in the node restriction admission plugin of the kubernetes api server of OpenShift. A remote attacker who modifies the node role label could steer workloads from the control plane and etcd nodes onto different worker nodes and gain broader ac...
Redhat Openshift Container Platform 4.12
Redhat Openshift Container Platform 4.11
Redhat Openshift Container Platform 4.13
Redhat Openshift Container Platform 4.14
578
VMScore
CVE-2019-10225
A flaw was found in atomic-openshift of openshift-4.2 where the basic-user RABC role in OpenShift Container Platform doesn't sufficiently protect the GlusterFS StorageClass against leaking of the restuserkey. An attacker with basic-user permissions is able to obtain the valu...
Redhat Openshift 4.2
Redhat Openshift Container Platform 3.11
Redhat Openshift Container Platform 4.0
NA
CVE-2021-4294
A vulnerability was found in OpenShift OSIN. It has been classified as problematic. This affects the function ClientSecretMatches/CheckClientSecret. The manipulation of the argument secret leads to observable timing discrepancy. The name of the patch is 8612686d6dda34ae9ef6b5a974...
Redhat Openshift Container Platform 4.0
Redhat Openshift Osin 1.0.1
Redhat Openshift Osin 1.0.0
516
VMScore
CVE-2012-5647
Open redirect vulnerability in node-util/www/html/restorer.php in Red Hat OpenShift Origin prior to 1.0.5-3 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the PATH_INFO.
Redhat Openshift Origin
Redhat Openshift 1.0
392
VMScore
CVE-2019-19351
An insecure modification vulnerability in the /etc/passwd file was found in the container openshift/jenkins. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges. This CVE is specific to the openshift/jenkins-slave-base-...
Redhat Openshift 3.11
Redhat Openshift 4.0
320
VMScore
CVE-2013-0164
The lockwrap function in port-proxy/bin/openshift-port-proxy-cfg in Red Hat OpenShift Origin prior to 1.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary file with a predictable name in /tmp.
Redhat Openshift
Redhat Openshift Origin 1.0.5
668
VMScore
CVE-2012-5646
node-util/www/html/restorer.php in the Red Hat OpenShift Origin prior to 1.0.5-3 allows remote malicious users to execute arbitrary commands via a crafted uuid in the PATH_INFO.
Redhat Openshift Origin
Redhat Openshift 1.0
187
VMScore
CVE-2019-19335
During installation of an OpenShift 4 cluster, the `openshift-install` command line tool creates an `auth` directory, with `kubeconfig` and `kubeadmin-password` files. Both files contain credentials used to authenticate to the OpenShift API server, and are incorrectly assigned wo...
Redhat Openshift 4.2
Redhat Openshift 4.0
409
VMScore
CVE-2019-19350
An insecure modification vulnerability in the /etc/passwd file was found in the openshift/ansible-service-broker as shipped in Red Hat Openshift 4 and 3.11. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges.
Redhat Openshift 3.11
Redhat Openshift 4.0
187
VMScore
CVE-2012-5658
rhc-chk.rb in Red Hat OpenShift Origin prior to 1.1, when -d (debug mode) is used, outputs the password and other sensitive information in cleartext, which allows context-dependent malicious users to obtain sensitive information, as demonstrated by including log files or Bugzilla...
Redhat Openshift Origin 1.0.5
Redhat Openshift
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »