6 matches found
Pepr security vulnerabilities
Pepr is a middleware open source by Defense Unicorns. Versions of Pepr prior to 1.0.5 contained security vulnerabilities. These vulnerabilities stemmed from the default use of RBAC configuration for cluster administrators, without enforcing the principle of least privilege...
CVE-2018-15804
An issue was discovered in the MapR File System in MapR Converged Data Platform and MapR-XD 6.x and earlier. Under certain conditions, it is possible for MapR ticket credentials to become compromised, allowing a user to escalate their privileges to act as aka impersonate any other user, including...
Security Bulletin: Users of Helm with IBM Cloud Private can elevate their privileges (CVE-2018-1714)
Summary Users of Helm with IBM Cloud Private can elevate their privileges Vulnerability Details CVEID: CVE-2018-1714 DESCRIPTION: Any user who is authorized to deploy a Helm chart in IBM Cloud Private 2.1.0 can install an unsafe Helm Chart that can run with privileges greater than the Helm user i...
CVE-2015-0862
Multiple cross-site scripting XSS vulnerabilities in the management web UI in the RabbitMQ management plugin before 3.4.3 allow remote authenticated users to inject arbitrary web script or HTML via 1 message details when a message is unqueued, such as headers or arguments; 2 policy names, which a...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the management web UI in the RabbitMQ management plugin before 3.4.3 allow remote authenticated users to inject arbitrary web script or HTML via 1 message details when a message is unqueued, such as headers or arguments; 2 policy names, which a...
CVE-2015-0862
Multiple cross-site scripting XSS vulnerabilities in the management web UI in the RabbitMQ management plugin before 3.4.3 allow remote authenticated users to inject arbitrary web script or HTML via 1 message details when a message is unqueued, such as headers or arguments; 2 policy names, which a...