Lucene search
K

38 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-45178

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00578EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.22 views

EUVD-2022-4032

Malicious code in bioql PyPI...

7.7CVSS7.7AI score0.01952EPSS
Exploits0References12
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2021-7677

Malicious code in bioql PyPI...

4.3CVSS5AI score0.00735EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-3382

Malicious code in bioql PyPI...

5.3CVSS5.4AI score0.00569EPSS
Exploits0References7
F5 Networks
F5 Networks
added 2025/05/21 4:3 p.m.9 views

K000151459: OpenShift vulnerability CVE-2023-2253

Security Advisory Description A flaw was found in the /v2/catalog endpoint in distribution/distribution, which accepts a parameter to control the maximum number of records returned query string: n. This vulnerability allows a malicious user to submit an unreasonably large value for n, causing the...

6.5CVSS5.8AI score0.00938EPSS
Exploits0
CNNVD
CNNVD
added 2024/12/31 12:0 a.m.6 views

Red Hat OpenShift 安全漏洞

Red Hat OpenShift is a Platform-as-a-Service PaaS cloud computing platform from Red Hat USA that supports building, testing, deploying and running applications. A security vulnerability exists in Red Hat OpenShift. An attacker can exploit the vulnerability to cause a denial of service by modifyin...

7.6CVSS7.2AI score0.00548EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/12/31 12:0 a.m.5 views

Red Hat OpenShift 访问控制错误漏洞

Red Hat OpenShift is a Platform-as-a-Service PaaS cloud computing platform from Red Hat USA that supports building, testing, deploying and running applications. An access control error vulnerability exists in Red Hat OpenShift. An attacker exploiting this vulnerability could gain cluster...

8.8CVSS6.8AI score0.00482EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/12/31 12:0 a.m.5 views

PT-2024-31663

Name of the Vulnerable Software and Affected Versions: OpenShift versions 4 JBoss Fuse version 7 Description: A flaw was found in the build process, where the docker-build container is configured with a hostPath volume mount that maps the node's /var/lib/kubelet/config.json file into the build po...

7.6CVSS7AI score0.00548EPSS
Exploits0References23
Github Security Blog
Github Security Blog
added 2024/12/19 3:31 p.m.15 views

OpenShift Must Gather Operator Improper Input Validation vulnerability

A flaw was found in the MustGather.managed.openshift.io Custom Defined Resource CRD of OpenShift Dedicated. A non-privileged user on the cluster can create a MustGather object with a specially crafted file and set the most privileged service account to run the job. This can allow a standard...

8.8CVSS6.8AI score0.00754EPSS
Exploits0References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/11/18 12:0 a.m.7 views

The vulnerability of the /v2/_catalog component of the Red Hat OpenShift Container Platform allows a attacker to trigger a service failure.

The vulnerability of the /v2/catalog component of the Red Hat OpenShift Container Platform relates to the unlimited distribution of resources. Exploiting this vulnerability could allow a malicious actor to cause service interruptions remotely...

6.8CVSS6.3AI score0.00938EPSS
Exploits0References6Affected Software3
Vulnrichment
Vulnrichment
added 2022/10/17 12:0 a.m.8 views

CVE-2017-7517

An input validation vulnerability exists in Openshift Enterprise due to a 1:1 mapping of tenants in Hawkular Metrics and projects/namespaces in OpenShift. If a user creates a project called "MyProject", and then later deletes it another user can then create a project called "MyProject" and access...

3.8AI score0.00448EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/10/17 12:0 a.m.4 views

Red Hat OpenShift 输入验证错误漏洞

Red Hat OpenShift is a Platform-as-a-Service PaaS cloud computing platform from Red Hat that enables building, testing, deploying and running applications. An input validation error vulnerability exists in Redhat Openshift Enterprise, which arises when a user creates a project named "MyProject" a...

3.5CVSS5.1AI score0.00448EPSS
Exploits0References3
NCSC
NCSC
added 2022/07/27 12:0 a.m.8 views

Vulnerability fixed in Red Hat OpenShift Container Platform

A vulnerability has been found in OpenShift Container Platform. The private key for an external cluster certificate is stored in an insecure manner in the oauth-serving-cert ConfigMaps and therefore available to any OpenShift user or service account. A malicious can obtain this private key and...

6.5CVSS6.5AI score0.00474EPSS
Exploits0
CNVD
CNVD
added 2020/04/22 12:0 a.m.48 views

Red Hat OpenShift Container Platform Log Information Disclosure Vulnerability

Red Hat OpenShift Container Platform is a suite of application platforms from Red Hat that enable organizations to develop, deploy and manage existing container-based applications across physical, virtual and public cloud infrastructures. A log information disclosure vulnerability exists in Red H...

8.2CVSS6.1AI score0.0097EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2018/12/03 5:31 p.m.6 views

kubernetes: authentication/authorization bypass in the handling of non-101 responses

A privilege escalation vulnerability exists in OpenShift Container Platform which allows for compromise of pods running co-located on a compute node. This access could include access to all secrets, pods, environment variables, running pod/container processes, and persistent volumes, including in...

9.8CVSS7.4AI score0.86978EPSS
Exploits10References6
RedHat Linux
RedHat Linux
added 2018/11/11 4:39 p.m.6 views

atomic-openshift: oc patch with json causes masterapi service crash

An out of bounds write can occur when patching an Openshift object using the 'oc patch' functionality in OpenShift Container Platform 3.x. An attacker can use this flaw to cause a denial of service attack on the Openshift master API service which provides cluster management...

7.7CVSS7.2AI score0.01952EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2016/04/28 12:0 a.m.6 views

The vulnerability of the software for managing clusters of virtual machines in Kubernetes and the cloud platform OpenShift allows a hacker to read arbitrary logs.

The vulnerability of the Kubernetes cluster management software and the cloud platform OpenShift is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor to read arbitrary logs using the container name, while operating remotely...

5CVSS5.9AI score0.02077EPSS
Exploits0References8Affected Software2
RedHat Linux
RedHat Linux
added 2014/05/21 3:45 p.m.5 views

OpenShift: downloadable cartridge source url file command execution as root

Red Hat OpenShift Enterprise 2.0 and 2.1 and OpenShift Origin allow remote authenticated users to execute arbitrary commands via shell metacharacters in a directory name that is referenced by a cartridge using the file: URI scheme...

6.5CVSS6.1AI score0.01734EPSS
Exploits1References4
Rows per page
Query Builder