EUVD-2021-26675

Malware in sbrugna...

EUVD-2024-2857

Malicious code in bioql PyPI...

Execution With Unnecessary Privileges

github.com/openshift/builder is vulnerable to Execution With Unnecessary Privileges. The vulnerability is caused due to improper validation of the spec.source.secrets.secret.destinationDir attribute, allowing path traversal that enables a malicious user to override executable files inside the...

GO-2024-3129 OpenShift Builder has a path traversal, allows command injection in privileged BuildContainer in github.com/openshift/builder

OpenShift Builder has a path traversal, allows command injection in privileged BuildContainer in github.com/openshift/builder...

Red Hat OpenShift Container Platform 安全漏洞

Red Hat OpenShift Container Platform is a suite of application platforms from Red Hat, Inc. that enables organizations to develop, deploy and manage existing container-based applications across physical, virtual and public cloud infrastructures. A security vulnerability exists in Red Hat OpenShif...

CVE-2024-7387

OpenShift CVE-2024-7387 is a symlink-traversal/path traversal vulnerability in the openshift/builder docker build path. A privileged build container can have its destinationDir override a symlink (e.g., usr_bin -> /usr/bin), enabling overwriting of system binaries like /usr/bin/cp and executio...

PT-2024-6569 · Docker · Docker

Name of the Vulnerable Software and Affected Versions: openshift/builder affected versions not specified Description: A flaw was found in openshift/builder, allowing command injection via path traversal. This enables a malicious user to execute arbitrary commands on the OpenShift node running the...

CVE-2021-3344

A privilege escalation flaw was found in OpenShift builder. During build time, credentials outside the build context are automatically mounted into the container image under construction. An OpenShift user, able to execute code during build time inside this container can re-use the credentials to...

CVE-2021-3344

A privilege escalation flaw was found in OpenShift builder. During build time, credentials outside the build context are automatically mounted into the container image under construction. An OpenShift user, able to execute code during build time inside this container can re-use the credentials to...

CVE-2021-3344

Summary: CVE-2021-3344 is a privilege-escalation flaw in OpenShift builder. During image build, credentials outside the build context can be automatically mounted into the container under construction. If an attacker can execute code during build inside the container, they can reuse those credent...

CVE-2021-3344

A privilege escalation flaw was found in OpenShift builder. During build time, credentials outside the build context are automatically mounted into the container image under construction. An OpenShift user, able to execute code during build time inside this container can re-use the credentials to...

CVE-2021-3344

A privilege escalation flaw was found in OpenShift builder. During build time, credentials outside the build context are automatically mounted into the container image under construction. An OpenShift user, able to execute code during build time inside this container can re-use the credentials to...