21 matches found
EUVD-2024-3619
Malicious code in bioql PyPI...
EUVD-2024-22481
Malicious code in bioql PyPI...
CVE-2024-25132
A flaw was found in the Hive hibernation controller component of OpenShift Dedicated. The ClusterDeployment.hive.openshift.io/v1 resource can be created with the spec.installed field set to true, regardless of the installation status, and a positive timespan for the spec.hibernateAfter value. If ...
CVE-2024-25132
Technical details for CVE-2024-25132 are not publicly provided in the supplied documents. Monitor for updates; no affected products, root cause, or remediation can be stated from these sources.
CVE-2024-25132 Openshift-dedicated: hive: hibernation controller denial of service
A flaw was found in the Hive hibernation controller component of OpenShift Dedicated. The ClusterDeployment.hive.openshift.io/v1 resource can be created with the spec.installed field set to true, regardless of the installation status, and a positive timespan for the spec.hibernateAfter value. If ...
CVE-2024-25132 Openshift-dedicated: hive: hibernation controller denial of service
A flaw was found in the Hive hibernation controller component of OpenShift Dedicated. The ClusterDeployment.hive.openshift.io/v1 resource can be created with the spec.installed field set to true, regardless of the installation status, and a positive timespan for the spec.hibernateAfter value. If ...
CVE-2024-25132
A flaw was found in the Hive hibernation controller component of OpenShift Dedicated. The ClusterDeployment.hive.openshift.io/v1 resource can be created with the spec.installed field set to true, regardless of the installation status, and a positive timespan for the spec.hibernateAfter value. If ...
Red Hat OpenShift Dedicated 资源管理错误漏洞
Red Hat OpenShift Dedicated is a container platform management service for enterprise users from Red Hat, Inc. It is used to build, publish, and manage applications and supports migration of workloads across clouds. Red Hat OpenShift Dedicated suffers from a resource management error vulnerabilit...
SUSE CVE-2024-25133
A flaw was found in the Hive ClusterDeployments resource in OpenShift Dedicated. In certain conditions, this issue may allow a developer account on a Hive-enabled cluster to obtain cluster-admin privileges by executing arbitrary commands on the hive/hive-controllers pod...
CVE-2024-25133
A flaw was found in the Hive ClusterDeployments resource in OpenShift Dedicated. In certain conditions, this issue may allow a developer account on a Hive-enabled cluster to obtain cluster-admin privileges by executing arbitrary commands on the hive/hive-controllers pod...
CVE-2024-25133
A flaw was found in the Hive ClusterDeployments resource in OpenShift Dedicated. In certain conditions, this issue may allow a developer account on a Hive-enabled cluster to obtain cluster-admin privileges by executing arbitrary commands on the hive/hive-controllers pod...
CVE-2024-25133
CVE-2024-25133 affects OpenShift Dedicated’s Hive ClusterDeployments resource. Under certain conditions, a developer account on a Hive-enabled cluster could trigger arbitrary commands execution on the hive/hive-controllers pod, enabling privilege escalation to cluster-admin. The referenced report...
CVE-2024-25133 Openshift-dedicated: hive: rce through aws/kubernetes client configuration leads to privilege escalation
A flaw was found in the Hive ClusterDeployments resource in OpenShift Dedicated. In certain conditions, this issue may allow a developer account on a Hive-enabled cluster to obtain cluster-admin privileges by executing arbitrary commands on the hive/hive-controllers pod...
CVE-2024-25131
A flaw was found in the MustGather.managed.openshift.io Custom Defined Resource CRD of OpenShift Dedicated. A non-privileged user on the cluster can create a MustGather object with a specially crafted file and set the most privileged service account to run the job. This can allow a standard...
CVE-2024-25131
A flaw was found in the MustGather.managed.openshift.io Custom Defined Resource CRD of OpenShift Dedicated. A non-privileged user on the cluster can create a MustGather object with a specially crafted file and set the most privileged service account to run the job. This can allow a standard...
CVE-2024-25131
CVE-2024-25131 is linked to OpenShift Must Gather Operator Improper Input Validation. The vulnerability arises in the MustGather.managed.openshift.io CRD, where a non-privileged cluster user can create a MustGather object with a crafted file and set the most privileged service account to run the ...
CVE-2024-25131 Openshift-dedicated: must-gather-operator: yaml template injection leads to privilege escalation
A flaw was found in the MustGather.managed.openshift.io Custom Defined Resource CRD of OpenShift Dedicated. A non-privileged user on the cluster can create a MustGather object with a specially crafted file and set the most privileged service account to run the job. This can allow a standard...
CVE-2024-25131 Openshift-dedicated: must-gather-operator: yaml template injection leads to privilege escalation
A flaw was found in the MustGather.managed.openshift.io Custom Defined Resource CRD of OpenShift Dedicated. A non-privileged user on the cluster can create a MustGather object with a specially crafted file and set the most privileged service account to run the job. This can allow a standard...
CVE-2024-25131
A flaw was found in the MustGather.managed.openshift.io Custom Defined Resource CRD of OpenShift Dedicated. A non-privileged user on the cluster can create a MustGather object with a specially crafted file and set the most privileged service account to run the job. This can allow a standard...
Moderate: Red Hat Security Advisory: ACS 3.67 security and enhancement update
Updated images are now available for Red Hat Advanced Cluster Security for Kubernetes RHACS. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...