RHEL 7 : OpenShift Container Platform 4.4.z jenkins-2-plugins (RHSA-2020:2737)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:2737 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or privat...

RHEL 7 : containernetworking-plugins (RHSA-2020:2684)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:2684 advisory. The Container Network Interface CNI project consists of a specification and libraries for writing plug- ins for configuring network interfaces in Lin...

Unspecified Vulnerability in Mattermost Plugins

Mattermost is a private cloud messaging solution provider. A security vulnerability in Mattermost Plugins can be exploited by an attacker to attach their Mattermost account to another user's GitHub account...

CVE-2019-20864

An issue was discovered in Mattermost Plugins before 5.13.0. The GitHub plugin allows an attacker to attach his Mattermost account to a different person's GitHub account...

CVE-2019-20864

An issue was discovered in Mattermost Plugins before 5.13.0. The GitHub plugin allows an attacker to attach his Mattermost account to a different person's GitHub account...

CVE-2019-20864

An issue was discovered in Mattermost Plugins before 5.13.0. The GitHub plugin allows an attacker to attach his Mattermost account to a different person's GitHub account...

CVE-2019-20864

Mattermost Plugins (prior to 5.13.0) are affected by CVE-2019-20864. The GitHub plugin allows an attacker to attach their Mattermost account to another user’s GitHub account, enabling account association manipulation. Documented impact and scope: authenticated or unauthenticated exploitation is n...

Important: Red Hat Security Advisory: OpenShift Container Platform 3.11 jenkins-2-plugins security update

An update for jenkins-2-plugins is now available for Red Hat OpenShift Container Platform 3.11. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.4.8 containernetworking-plugins security update

An update for containernetworking-plugins is now available for Red Hat OpenShift Container Platform 4.4. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.3.25 containernetworking-plugins security update

An update for containernetworking-plugins is now available for Red Hat OpenShift Container Platform 4.3. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Testimonial Rotator < 3.0.3 - Authenticated Stored Cross-Site Scripting (XSS)

A Stored XSS vulnerability has been found in the 'Author Information' textarea in testimonials from the plugin, which could allow an authenticated medium-privileged user contributor+ to inject arbitrary JavaScript. The XSS will be triggered for anyone visiting public posts or testimonial page...

Testimonial Rotator < 3.0.3 - Authenticated Stored Cross-Site Scripting (XSS)

A Stored XSS vulnerability has been found in the 'Author Information' textarea in testimonials from the plugin, which could allow an authenticated medium-privileged user contributor+ to inject arbitrary JavaScript. The XSS will be triggered for anyone visiting public posts or testimonial page...

RHEL 7 / 8 : OpenShift Container Platform 4.3.25 containernetworking-plugins (RHSA-2020:2443)

The remote Redhat Enterprise Linux 7 / 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:2443 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private clo...

org.eclipse.hudson.plugins:hudson-plugin-parent (>=3.3.1 <=3.3.3), org.eclipse.hudson.stapler:stapler-core (>=3.0.4 <=3.0.6) +10 more potentially affected by CVE-2018-10237 via org.hudsonci.lib.guava:guava (>=14.0.1-h-1 <=14.0.1-h-3)

org.hudsonci.lib.guava:guava MAVEN version =14.0.1-h-1, =3.3.1, =3.0.4, =3.0.4, =3.3.1, =3.3.1, =3.3.1, =3.3.1, =3.3.1, =3.3.1, =3.3.1, =3.3.1, =4.5.0, =4.6.0 Source cves: CVE-2018-10237 Source advisory: OSV:GHSA-MVR2-9PJ6-7W5J...

container-tools:2.0 bug fix update

An update is available for udica, toolbox, python-podman-api, slirp4netns, containernetworking-plugins, criu, cockpit-podman. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

Arbitrary Code Execution

unomi-plugins-base is vulnerable to arbitrary code execution. The vulnerability exists due to the lack of checks on the permitted classes to be executed when evaluating a property condition...

CVE-2020-10749

A vulnerability was found in all versions of containernetworking/plugins before version 0.8.6, that allows malicious containers in Kubernetes clusters to perform man-in-the-middle MitM attacks. A malicious container can exploit this flaw by sending rogue IPv6 router advertisements to the host or...

Design/Logic Flaw

A vulnerability was found in all versions of containernetworking/plugins before version 0.8.6, that allows malicious containers in Kubernetes clusters to perform man-in-the-middle MitM attacks. A malicious container can exploit this flaw by sending rogue IPv6 router advertisements to the host or...

UBUNTU-CVE-2020-10749

A vulnerability was found in all versions of containernetworking/plugins before version 0.8.6, that allows malicious containers in Kubernetes clusters to perform man-in-the-middle MitM attacks. A malicious container can exploit this flaw by sending rogue IPv6 router advertisements to the host or...

PT-2020-12311 · Containernetworking +5 · Containernetworking-Plugins +5

Name of the Vulnerable Software and Affected Versions: containernetworking/plugins versions prior to 0.8.6 Description: A vulnerability was found that allows malicious containers in Kubernetes clusters to perform man-in-the-middle MitM attacks. A malicious container can exploit this flaw by sendi...