Lucene search
K

46 matches found

Vulnrichment
Vulnrichment
added 2025/04/02 11:7 a.m.6 views

CVE-2025-2786 Tempo-operator: serviceaccount token exposure leading to token and subject access reviews in openshift tempo operator

A flaw was found in Tempo Operator, where it creates a ServiceAccount, ClusterRole, and ClusterRoleBinding when a user deploys a TempoStack or TempoMonolithic instance. This flaw allows a user with full access to their namespace to extract the ServiceAccount token and use it to submit TokenReview...

4.3CVSS7AI score0.00336EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/04/02 11:7 a.m.22 views

CVE-2025-2786 Tempo-operator: serviceaccount token exposure leading to token and subject access reviews in openshift tempo operator

A flaw was found in Tempo Operator, where it creates a ServiceAccount, ClusterRole, and ClusterRoleBinding when a user deploys a TempoStack or TempoMonolithic instance. This flaw allows a user with full access to their namespace to extract the ServiceAccount token and use it to submit TokenReview...

4.3CVSS0.00336EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/03/26 10:29 p.m.14 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.15.48 security update

Red Hat OpenShift Container Platform release 4.15.48 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.15. Red Hat Product Security has rated this update as having a...

9.8CVSS7.4AI score0.03558EPSS
Exploits0References15
RedHat Linux
RedHat Linux
added 2025/03/11 2:8 a.m.28 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.18.4 security update

Red Hat OpenShift Container Platform release 4.18.4 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.18. Red Hat Product Security has rated this update as having a...

8.7CVSS7.5AI score0.01262EPSS
Exploits1References30
OSV
OSV
added 2025/03/05 10:3 a.m.8 views

RHSA-2025:1914 Red Hat Security Advisory: OpenShift Container Platform 4.17.19 packages and security update

Bulletin has no description...

8.6CVSS7.2AI score0.00358EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2025/03/05 4:22 a.m.11 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.16.37 security update

Red Hat OpenShift Container Platform release 4.16.37 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.16. Red Hat Product Security has rated this update as having a...

8.6CVSS7.1AI score0.00358EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2025/03/05 3:59 a.m.12 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.16.37 security update

Red Hat OpenShift Container Platform release 4.16.37 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.16. Red Hat Product Security has rated this update as having a...

7.5CVSS6.8AI score0.17935EPSS
Exploits0References12
RedHat Linux
RedHat Linux
added 2025/02/27 4:45 a.m.8 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.15.46 packages and security update

Red Hat OpenShift Container Platform release 4.15.46 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.15. Red Hat Product Security has rated this update as having a...

8.6CVSS7.1AI score0.00358EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2025/02/27 12:33 a.m.12 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.16.36 security and extras update

Red Hat OpenShift Container Platform release 4.16.36 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.16. Red Hat Product Security has rated this update as having a security impact of...

9.8CVSS7AI score0.01261EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2025/02/25 2:32 a.m.18 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.18.1 security and extras update

Red Hat OpenShift Container Platform release 4.18.1 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.18. Red Hat Product Security has rated this update as having a security impact of...

9.1CVSS6.8AI score0.03153EPSS
Exploits2References37
RedHat Linux
RedHat Linux
added 2025/02/19 11:10 p.m.15 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.14.48 security update

Red Hat OpenShift Container Platform release 4.14.48 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.14. Red Hat Product Security has rated this update as having a...

9.1CVSS7.3AI score0.09353EPSS
Exploits5References9
RedHat Linux
RedHat Linux
added 2025/02/18 5:47 p.m.14 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.17.17 bug fix and security update

Red Hat OpenShift Container Platform release 4.17.17 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.17. Red Hat Product Security has rated this update as having a...

7.8CVSS7.3AI score0.03301EPSS
Exploits1References14
RedHat Linux
RedHat Linux
added 2025/02/13 2:10 a.m.19 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.12.73 bug fix and security update

Red Hat OpenShift Container Platform release 4.12.73 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a...

7.8CVSS7.3AI score0.09353EPSS
Exploits3References4
RedHat Linux
RedHat Linux
added 2025/02/11 11:42 a.m.11 views

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.17.16 security update

Red Hat OpenShift Container Platform release 4.17.16 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.17. Red Hat Product Security has rated this update as having a...

6.6CVSS6.8AI score0.00234EPSS
Exploits0References2
OSV
OSV
added 2025/02/08 10:8 a.m.13 views

RHSA-2025:0842 Red Hat Security Advisory: OpenShift Container Platform 4.14.46 security update

Bulletin has no description...

7.3CVSS7.9AI score0.005EPSS
Exploits0References17
RedHat Linux
RedHat Linux
added 2025/01/29 12:29 a.m.25 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.16.32 security and extras update

Red Hat OpenShift Container Platform release 4.16.32 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.16. Red Hat Product Security has rated this update as having a security impact of...

9.1CVSS6.7AI score0.03153EPSS
Exploits2References3
NVD
NVD
added 2024/12/31 3:15 a.m.16 views

CVE-2024-45497

A flaw was found in the OpenShift build process, where the docker-build container is configured with a hostPath volume mount that maps the node's /var/lib/kubelet/config.json file into the build pod. This file contains sensitive credentials necessary for pulling images from private repositories...

7.6CVSS0.00548EPSS
Exploits0References9
Prion
Prion
added 2024/12/31 3:15 a.m.16 views

CVE-2024-45497

A flaw was found in the OpenShift build process, where the docker-build container is configured with a hostPath volume mount that maps the node's /var/lib/kubelet/config.json file into the build pod. This file contains sensitive credentials necessary for pulling images from private repositories...

7.6CVSS0.00548EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2024/12/30 11:24 a.m.11 views

CVE-2024-45497

A flaw was found in the OpenShift build process, where the docker-build container is configured with a hostPath volume mount that maps the node's /var/lib/kubelet/config.json file into the build pod. This file contains sensitive credentials necessary for pulling images from private repositories...

7.6CVSS6.5AI score0.00548EPSS
Exploits0References3
OSV
OSV
added 2024/12/19 3:31 p.m.10 views

GHSA-77C2-C35Q-254W OpenShift Must Gather Operator Improper Input Validation vulnerability

A flaw was found in the MustGather.managed.openshift.io Custom Defined Resource CRD of OpenShift Dedicated. A non-privileged user on the cluster can create a MustGather object with a specially crafted file and set the most privileged service account to run the job. This can allow a standard...

8.8CVSS8.5AI score0.00754EPSS
Exploits0References6
Rows per page
Query Builder