Lucene search
K

10 matches found

Tenable Nessus
Tenable Nessus
added 2024/04/28 12:0 a.m.26 views

RHEL 8 : OpenShift Container Platform 4.11.43 (RHSA-2023:3541)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3541 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or privat...

7.5CVSS6.7AI score0.01261EPSS
Exploits2References7
Tenable Nessus
Tenable Nessus
added 2024/04/28 12:0 a.m.21 views

RHEL 7 / 8 : OpenShift Container Platform 4.10.60 (RHSA-2023:3216)

The remote Redhat Enterprise Linux 7 / 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:3216 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private clo...

7.1CVSS6.1AI score0.0037EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2023/06/14 2:39 p.m.378 views

Low: Red Hat Security Advisory: OpenShift Container Platform 4.11.43 packages and security update

Red Hat OpenShift Container Platform release 4.11.43 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.11. Red Hat Product Security has rated this update as having a...

7.5CVSS6.7AI score0.01261EPSS
Exploits2References3
RedHat Linux
RedHat Linux
added 2023/05/24 1:26 p.m.29 views

Low: Red Hat Security Advisory: OpenShift Container Platform 4.10.60 packages and security update

Red Hat OpenShift Container Platform release 4.10.60 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.10. Red Hat Product Security has rated this update as having a...

7.1CVSS6.5AI score0.0037EPSS
Exploits1References3
ALT Linux
ALT Linux
added 2023/03/29 12:0 a.m.65 views

Security fix for the ALT Linux 10 package cri-o version 1.26.2-alt1

1.26.2-alt1 built March 29, 2023 Alexander Stepchenko in task 317575 March 27, 2023 Alexander Stepchenko - 1.26.2 - Fixes: CVE-2022-2995, CVE-2022-27652, CVE-2022-4318...

4.6CVSS6.3AI score0.0037EPSS
Exploits1
Github Security Blog
Github Security Blog
added 2023/02/16 2:11 p.m.48 views

Supplementary groups are not set up properly in github.com/containerd/containerd

Impact A bug was found in containerd where supplementary groups are not set up properly inside a container. If an attacker has direct access to a container and manipulates their supplementary group access, they may be able to use supplementary group access to bypass primary group restrictions in...

7.8CVSS7.2AI score0.00542EPSS
Exploits1References15Affected Software1
RedHat Linux
RedHat Linux
added 2023/01/17 7:29 p.m.88 views

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.12.0 packages and security update

Red Hat OpenShift Container Platform release 4.12.0 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a...

8.2CVSS6.7AI score0.02513EPSS
Exploits7References13
OSV
OSV
added 2022/09/19 8:15 p.m.7 views

AZL-39882 CVE-2022-2995 affecting package cri-o for versions less than 1.21.7-2

Incorrect handling of the supplementary groups in the CRI-O container engine might lead to sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute...

7.1CVSS6.5AI score0.0037EPSS
Exploits1References1
CVE
CVE
added 2022/09/19 7:53 p.m.174 views

CVE-2022-2995

CVE-2022-2995 affects the CRI-O container engine (CRI-O) where incorrect handling of supplementary groups can lead to sensitive information disclosure or data modification if an attacker can access the affected container and execute code there. The issue is referenced across multiple advisories (...

7.1CVSS7.1AI score0.0037EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2022/09/19 7:53 p.m.8 views

CVE-2022-2995

Incorrect handling of the supplementary groups in the CRI-O container engine might lead to sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute...

6.9AI score0.0037EPSS
Exploits1References2
Rows per page
Query Builder