RHCOS 3 : Red Hat OpenShift Enterprise 3.1 (RHSA-2016:1095)

The remote Red Hat Enterprise Linux CoreOS 3 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2016:1095 advisory. - 3: Untrusted content loaded via the API proxy can access web console credentials on the same domain CVE-2016-3703 Note that Nessus has not...

Important: Red Hat Security Advisory: OpenShift Compliance Operator bug fix and enhancement update

An updated OpenShift Compliance Operator image that fixes various bugs and adds new enhancements is now available for the Red Hat OpenShift Enterprise 4 catalog. The OpenShift Compliance Operator v1.9.0 is now available. See the documentation for bug fix information:...

EUVD-2017-16548

Malware in sbrugna...

RHSA-2016:1852 Red Hat Security Advisory: Red Hat OpenShift Enterprise 3.1 security update

Bulletin has no description...

RHBA-2014:1630 Red Hat Bug Fix Advisory: Red Hat OpenShift Enterprise 2.1 jenkins-plugin-openshift bug fix update

Bulletin has no description...

RHSA-2014:1796 Red Hat Security Advisory: Red Hat OpenShift Enterprise 2.2 Release Advisory

Bulletin has no description...

RHSA-2014:1906 Red Hat Security Advisory: Red Hat OpenShift Enterprise 2.1.9 security, bug fix, and enhancement update

Bulletin has no description...

RHSA-2013:0638 Red Hat Security Advisory: Red Hat OpenShift Enterprise 1.1.2 update

Bulletin has no description...

RHEA-2013:1031 Red Hat Enhancement Advisory: Red Hat OpenShift Enterprise 1.2 Infrastructure Release Advisory

Bulletin has no description...

RHEA-2013:1032 Red Hat Enhancement Advisory: Red Hat OpenShift Enterprise 1.2 Node Release Advisory

Bulletin has no description...

Important: Red Hat Security Advisory: Red Hat OpenShift Enterprise security update

Red Hat OpenShift Container Platform release 4.11.44 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.11. Red Hat Product Security has rated this update as having a...

CVE-2017-7517

An input validation vulnerability exists in Openshift Enterprise due to a 1:1 mapping of tenants in Hawkular Metrics and projects/namespaces in OpenShift. If a user creates a project called "MyProject", and then later deletes it another user can then create a project called "MyProject" and access...

Input validation

An input validation vulnerability exists in Openshift Enterprise due to a 1:1 mapping of tenants in Hawkular Metrics and projects/namespaces in OpenShift. If a user creates a project called "MyProject", and then later deletes it another user can then create a project called "MyProject" and access...

CVE-2017-7517

An input validation vulnerability exists in Openshift Enterprise due to a 1:1 mapping of tenants in Hawkular Metrics and projects/namespaces in OpenShift. If a user creates a project called "MyProject", and then later deletes it another user can then create a project called "MyProject" and access...

CVE-2017-7517

CVE-2017-7517 describes an input validation issue in Red Hat OpenShift Enterprise where a 1:1 mapping between Hawkular Metrics tenants and OpenShift projects/namespaces allows a user who creates and later deletes a project named X to be able to access the metrics from the original project X when ...

PT-2022-8032 · Red Hat · Openshift Enterprise

Name of the Vulnerable Software and Affected Versions: Openshift Enterprise affected versions not specified Description: An input validation issue exists due to a direct mapping between tenants in Hawkular Metrics and projects/namespaces in OpenShift. This allows a new project with the same name ...

PT-2020-14907 · Red Hat · Openshift Enterprise

Name of the Vulnerable Software and Affected Versions: openshift-enterprise versions 3.11 through 4.3 Description: A security issue has been identified where multiple containers in openshift-enterprise modify the permissions of /etc/passwd, allowing users other than root to modify it. An attacker...

Man-In-The-Middle (MitM)

OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service PaaS solution designed for on-premise or private cloud deployments. The following security issues are addressed with this release: An authorization flaw was discovered in Kubernetes; the API server did not...

CSRF Bypass

OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service PaaS solution designed for on-premise or private cloud deployments. The following security issues are addressed with this release: An authorization flaw was discovered in Kubernetes; the API server did not...

Cross-Site Scripting (XSS)

OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service PaaS solution designed for on-premise or private cloud deployments. The following security issues are addressed with this release: An authorization flaw was discovered in Kubernetes; the API server did not...