CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

24 matches found

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2023-1010

Malicious code in bioql PyPI...

5.5CVSS5AI score0.00061EPSS

Exploits0References6

Veracode•added 2023/04/04 12:38 p.m.•21 views

Information Disclosure

github.com/openshift/assisted-installer is vulnerable to Information Disclosure. The vulnerability exists in ops.go due to the leakage of image pull secrets as plaintext in installation logs which allows an attacker to gain access to the pull secret token information...

5.5CVSS5.7AI score0.00061EPSS

Exploits0References4Affected Software1

OSV•added 2023/03/24 9:30 p.m.•2 views

GHSA-G8XM-P2H4-V6JP OpenShift Assisted Installer leaks image pull secrets as plaintext in installation logs

A vulnerability was found in OpenShift Assisted Installer. During generation of the Discovery ISO, image pull secrets were leaked as plaintext in the installation logs. An authenticated user could exploit this by re-using the image pull secret to pull container images from the registry as the...

5.5CVSS5.5AI score0.00061EPSS

Exploits0References5

Github Security Blog•added 2023/03/24 9:30 p.m.•21 views

OpenShift Assisted Installer leaks image pull secrets as plaintext in installation logs

5.5CVSS5.4AI score0.00061EPSS

Exploits0References5Affected Software1

NVD•added 2023/03/24 8:15 p.m.•9 views

CVE-2021-3684

5.5CVSS5.4AI score0.00061EPSS

Exploits0References3

OSV•added 2023/03/24 8:15 p.m.•15 views

CVE-2021-3684

5.5CVSS5.7AI score

Exploits0References3

Prion•added 2023/03/24 8:15 p.m.•15 views

Design/Logic Flaw

1.7CVSS5.3AI score0.00061EPSS

Exploits0References3Affected Software2

CVE•added 2023/03/24 12:0 a.m.•58 views

CVE-2021-3684

The CVE-2021-3684 entry concerns OpenShift Assisted Installer. During Discovery ISO generation, image pull secrets were leaked as plaintext in installation logs, enabling an authenticated user to reuse the secret to pull container images from the registry as that user. Documents substantiate the ...

5.5CVSS5.3AI score0.00061EPSS

Exploits0References3Affected Software2

Cvelist•added 2023/03/24 12:0 a.m.•11 views

CVE-2021-3684

5.7AI score0.00061EPSS

Exploits0References3

Positive Technologies•added 2023/03/24 12:0 a.m.•1 views

PT-2023-12303 · Red Hat · Openshift Assisted Installer

Name of the Vulnerable Software and Affected Versions: OpenShift Assisted Installer affected versions not specified Description: A vulnerability was found in OpenShift Assisted Installer where image pull secrets were leaked as plaintext in the installation logs during the generation of the...

5.5CVSS4.4AI score0.00061EPSS

Exploits0References6

Vulnrichment•added 2023/03/24 12:0 a.m.•6 views

CVE-2021-3684

5.4AI score0.00061EPSS

Exploits0References3

SUSE CVE•added 2023/02/15 4:1 a.m.•3 views

SUSE CVE-2020-8564

In Kubernetes clusters using a logging level of at least 4, processing a malformed docker config file will result in the contents of the docker config file being leaked, which can include pull secrets or other registry credentials. This affects v1.19.3, v1.18.10, v1.17.13...

4.7CVSS9.3AI score0.00042EPSS

Exploits0References16

OSV•added 2023/02/06 11:27 p.m.•45 views

GHSA-8MJG-8C8G-6H85 Kubernetes Sensitive Information leak via Log File

4.7CVSS5.4AI score0.00042EPSS

Exploits0References8

Github Security Blog•added 2023/02/06 11:27 p.m.•28 views

Kubernetes Sensitive Information leak via Log File

5.5CVSS6.3AI score0.00042EPSS

Exploits0References8Affected Software2

GitLab Advisory Database•added 2023/02/06 12:0 a.m.•37 views

Insertion of Sensitive Information into Log File

5.5CVSS3.5AI score0.00042EPSS

Exploits0References8Affected Software1

RedhatCVE•added 2022/10/19 4:47 a.m.•20 views

CVE-2021-3684

3.3CVSS2.7AI score0.00061EPSS

Exploits0References3

OSV•added 2022/04/01 11:15 p.m.•13 views

CVE-2021-20238

It was found in OpenShift Container Platform 4 that ignition config, served by the Machine Config Server, can be accessed externally from clusters without authentication. The MCS endpoint port 22623 provides ignition configuration used for bootstrapping Nodes and can include some sensitive data,...

3.7CVSS6.7AI score0.00242EPSS

Exploits0References1

RedHat Linux•added 2021/08/25 3:20 p.m.•0 views

kubernetes: Docker config secrets leaked when file is malformed and loglevel >= 4

A flaw was found in kubernetes. In Kubernetes, if the logging level is to at least 4, processing a malformed docker config file will result in the contents of the docker config file being leaked, which can include pull secrets or other registry credentials. This can occur with client tools like...

5.5CVSS7.3AI score0.00042EPSS

Exploits0References6

IBM Security Bulletins•added 2021/05/13 4:56 p.m.•59 views

Security Bulletin: Vulnerabilities in the Python, Docker, and ICP affect IBM Spectrum Discover

Summary Vulnerabilities in the Python, Docker, and ICP such as a hole to obtain confidential information, denial of service, unauthorized access with high privileges, duplicate entries and CRLF injection, may affect IBM Spectrum Discover Vulnerability Details CVEID: CVE-2020-8566 DESCRIPTION:...

8.8CVSS8.1AI score0.51201EPSS

Exploits9Affected Software1

OSV•added 2020/12/07 10:15 p.m.•19 views

CVE-2020-8564

5.5CVSS6.5AI score

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by