9 matches found
RHEL 8 : OpenShift Container Platform 4.6.55 (RHSA-2022:0565)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0565 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or privat...
Important: Red Hat Security Advisory: OpenShift Container Platform 3.11.634 security update
Red Hat OpenShift Container Platform release 3.11.634 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score,...
RHEL 7 : OpenShift Container Platform 3.11.634 (RHSA-2022:0555)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0555 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or privat...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.8.31 security update
Red Hat OpenShift Container Platform release 4.8.31 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.8. Red Hat Product Security has rated this update as having a...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.9.19 security update
Red Hat OpenShift Container Platform release 4.9.19 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.9. Red Hat Product Security has rated this update as having a...
RHEL 8 : OpenShift Container Platform 4.9.19 (RHSA-2022:0339)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0339 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or privat...
CVE-2022-20617
An OS command execution vulnerability was found in the Jenkins Docker Commons plugin. Due to a lack of sanitization in the name of an image or a tag, an attacker with Item/Configure permission or the ability to control the contents of a previously configured job’s SCM repository may be able to...
com.btc.ep:btc-embeddedplatform (>=1.9.2-beta <=2.5.9), com.cloudbees.jenkins.plugins:docker-custom-build-environment (>=1.2 <=1.7.3) +14 more potentially affected by CVE-2022-20617 via org.jenkins-ci.plugins:docker-commons (>=1.0 <=1.15)
org.jenkins-ci.plugins:docker-commons MAVEN version =1.0, =1.9.2-beta, =1.2, =1.0.43, =3.0.0, =1.0, =1.26, =1.0, =1.0, =1.0, =0.2, =0.1.5, =0.2.3 and more Source cves: CVE-2022-20617 Source advisory: OSV:GHSA-JPXJ-VGQ5-PRJC...
CVE-2022-20617
CVE-2022-20617 affects the Jenkins Docker Commons Plugin (1.17 and earlier); OS command execution arises from unsanitized image/tag names. Exploitation requires Item/Configure permission or control over a job’s SCM content. The provided documents indicate this vulnerability is addressed in relate...