46 matches found
CVE-2025-2786 Tempo-operator: serviceaccount token exposure leading to token and subject access reviews in openshift tempo operator
A flaw was found in Tempo Operator, where it creates a ServiceAccount, ClusterRole, and ClusterRoleBinding when a user deploys a TempoStack or TempoMonolithic instance. This flaw allows a user with full access to their namespace to extract the ServiceAccount token and use it to submit TokenReview...
CVE-2025-2786 Tempo-operator: serviceaccount token exposure leading to token and subject access reviews in openshift tempo operator
A flaw was found in Tempo Operator, where it creates a ServiceAccount, ClusterRole, and ClusterRoleBinding when a user deploys a TempoStack or TempoMonolithic instance. This flaw allows a user with full access to their namespace to extract the ServiceAccount token and use it to submit TokenReview...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.15.48 security update
Red Hat OpenShift Container Platform release 4.15.48 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.15. Red Hat Product Security has rated this update as having a...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.18.4 security update
Red Hat OpenShift Container Platform release 4.18.4 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.18. Red Hat Product Security has rated this update as having a...
RHSA-2025:1914 Red Hat Security Advisory: OpenShift Container Platform 4.17.19 packages and security update
Bulletin has no description...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.16.37 security update
Red Hat OpenShift Container Platform release 4.16.37 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.16. Red Hat Product Security has rated this update as having a...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.16.37 security update
Red Hat OpenShift Container Platform release 4.16.37 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.16. Red Hat Product Security has rated this update as having a...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.15.46 packages and security update
Red Hat OpenShift Container Platform release 4.15.46 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.15. Red Hat Product Security has rated this update as having a...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.16.36 security and extras update
Red Hat OpenShift Container Platform release 4.16.36 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.16. Red Hat Product Security has rated this update as having a security impact of...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.18.1 security and extras update
Red Hat OpenShift Container Platform release 4.18.1 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.18. Red Hat Product Security has rated this update as having a security impact of...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.14.48 security update
Red Hat OpenShift Container Platform release 4.14.48 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.14. Red Hat Product Security has rated this update as having a...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.17.17 bug fix and security update
Red Hat OpenShift Container Platform release 4.17.17 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.17. Red Hat Product Security has rated this update as having a...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.12.73 bug fix and security update
Red Hat OpenShift Container Platform release 4.12.73 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a...
Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.17.16 security update
Red Hat OpenShift Container Platform release 4.17.16 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.17. Red Hat Product Security has rated this update as having a...
RHSA-2025:0842 Red Hat Security Advisory: OpenShift Container Platform 4.14.46 security update
Bulletin has no description...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.16.32 security and extras update
Red Hat OpenShift Container Platform release 4.16.32 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.16. Red Hat Product Security has rated this update as having a security impact of...
CVE-2024-45497
A flaw was found in the OpenShift build process, where the docker-build container is configured with a hostPath volume mount that maps the node's /var/lib/kubelet/config.json file into the build pod. This file contains sensitive credentials necessary for pulling images from private repositories...
CVE-2024-45497
A flaw was found in the OpenShift build process, where the docker-build container is configured with a hostPath volume mount that maps the node's /var/lib/kubelet/config.json file into the build pod. This file contains sensitive credentials necessary for pulling images from private repositories...
CVE-2024-45497
A flaw was found in the OpenShift build process, where the docker-build container is configured with a hostPath volume mount that maps the node's /var/lib/kubelet/config.json file into the build pod. This file contains sensitive credentials necessary for pulling images from private repositories...
GHSA-77C2-C35Q-254W OpenShift Must Gather Operator Improper Input Validation vulnerability
A flaw was found in the MustGather.managed.openshift.io Custom Defined Resource CRD of OpenShift Dedicated. A non-privileged user on the cluster can create a MustGather object with a specially crafted file and set the most privileged service account to run the job. This can allow a standard...