Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in the ImageStreamImport mechanism that handles user-supplied image references without proper IP address and network-range validation. An attacker can access internal network resources, enumerate service...

CVE-2025-14443

A flaw was found in ose-openshift-apiserver. This vulnerability allows internal network enumeration, service discovery, limited information disclosure, and potential denial-of-service DoS through Server-Side Request Forgery SSRF due to missing IP address and network-range validation when processi...

CVE-2025-14443 Ose-openshift-apiserver: openshift api server: server-side request forgery (ssrf) vulnerability in imagestreamimport mechanism

A flaw was found in ose-openshift-apiserver. This vulnerability allows internal network enumeration, service discovery, limited information disclosure, and potential denial-of-service DoS through Server-Side Request Forgery SSRF due to missing IP address and network-range validation when processi...

CVE-2025-14443 Ose-openshift-apiserver: openshift api server: server-side request forgery (ssrf) vulnerability in imagestreamimport mechanism

A flaw was found in ose-openshift-apiserver. This vulnerability allows internal network enumeration, service discovery, limited information disclosure, and potential denial-of-service DoS through Server-Side Request Forgery SSRF due to missing IP address and network-range validation when processi...

EUVD-2020-3170

Malware in sbrugna...

Security Bulletin: IBM CICS TX Standard is vulnerable to multiple vulnerabilities in Kubernetes.

Summary IBM CICS TX Standard is vulnerable to multiple vulnerabilities in Kubernetes. The fix removes these vulnerabilities from IBM CICS TX Standard. Vulnerability Details CVEID:CVE-2019-11250 DESCRIPTION: Kubernetes could allow a remote attacker to obtain sensitive information, caused by storin...

Security Bulletin: IBM CICS TX Advanced is vulnerable to multiple vulnerabilities in Kubernetes.

Summary IBM CICS TX Advanced is vulnerable to multiple vulnerabilities in Kubernetes. The fix removes these vulnerabilities from IBM CICS TX Advanced. Vulnerability Details CVEID:CVE-2019-11250 DESCRIPTION: Kubernetes could allow a remote attacker to obtain sensitive information, caused by storin...

CVE-2020-10752

A flaw was found in the OpenShift API Server, where it failed to sufficiently protect OAuthTokens by leaking them into the logs when an API Server panic occurred. This flaw allows an attacker with the ability to cause an API Server error to read the logs, and use the leaked OAuthToken to log into...

CVE-2019-10165

OpenShift Container Platform before version 4.1.3 writes OAuth tokens in plaintext to the audit logs for the Kubernetes API server and OpenShift API server. A user with sufficient privileges could recover OAuth tokens from these audit logs and use them to access other resources...

CVE-2019-10165

OpenShift Container Platform before version 4.1.3 writes OAuth tokens in plaintext to the audit logs for the Kubernetes API server and OpenShift API server. A user with sufficient privileges could recover OAuth tokens from these audit logs and use them to access other resources...

CVE-2019-10165

The CVE describes a vulnerability in OpenShift Container Platform prior to 4.1.3 where OAuth tokens are written in plaintext to API server audit logs. A user with sufficient privileges could recover these tokens from the logs and use them to access other resources. The issue is confirmed by multi...