46 matches found
Important: Red Hat Security Advisory: OpenShift Container Platform 4.14 ztp-site-generate container
An update for ztp-site-generate is available for Red Hat OpenShift Container Platform 4.14. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the ztp-site-generate...
Vulnerability fixed in Red Hat OpenShift Container Platform
A vulnerability has been found in OpenShift Container Platform. The private key for an external cluster certificate is stored in an insecure manner in the oauth-serving-cert ConfigMaps and therefore available to any OpenShift user or service account. A malicious can obtain this private key and...
CVE-2021-4047
The release of OpenShift 4.9.6 included four CVE fixes for the haproxy package, however the patch for CVE-2021-39242 was missing. This issue only affects Red Hat OpenShift 4.9...
CVE-2021-4047
The release of OpenShift 4.9.6 included four CVE fixes for the haproxy package, however the patch for CVE-2021-39242 was missing. This issue only affects Red Hat OpenShift 4.9...
PT-2022-9172 · Red Hat · Openshift Container Platform 4
Name of the Vulnerable Software and Affected Versions: OpenShift Container Platform 4 affected versions not specified Description: It was found that ignition config, served by the Machine Config Server, can be accessed externally from clusters without authentication. The MCS endpoint port 22623...
PT-2019-11637 · Red Hat · Openshift Container Platform
Name of the Vulnerable Software and Affected Versions: OpenShift Container Platform versions 4.1 and 4.2 Description: The issue allows a low-privileged user to read pod logs and discover secret material if the log level in an operator has been set to Debug or higher by a privileged user. This...