58 matches found
RHCOS 2 : Red Hat OpenShift Enterprise 2.2.8 (RHSA-2015:2666)
The remote Red Hat Enterprise Linux CoreOS 2 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2015:2666 advisory. - haproxy: information leak in bufferslowrealign CVE-2015-3281 Note that Nessus has not tested for this issue but has instead relied only on...
RHBA-2014:0487 Red Hat Bug Fix Advisory: Red Hat OpenShift Enterprise 2.1 Release Advisory
Bulletin has no description...
RHEL 7 / 8 : Red Hat OpenShift Enterprise (RHSA-2023:3910)
The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3910 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...
GO-2022-0701 Directory traversal in k8s.io/kubernetes
Crafted object type names can cause directory traversal in Kubernetes. Object names are not validated before being passed to etcd. This allows attackers to write arbitrary files via a crafted object name, hence causing directory traversal vulnerability in Kubernetes, as used in Red Hat OpenShift...
Moderate: Red Hat Security Advisory: Red Hat OpenShift Enterprise Logging bug fix and security update (5.2.6)
An update is now available for OpenShift Logging 5.2.6 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in t...
Moderate: Red Hat Security Advisory: Red Hat OpenShift Enterprise security and bug fix update
Red Hat OpenShift Container Platform release 4.6.36 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which...
CVE-2014-0234
The default configuration of broker.conf in Red Hat OpenShift Enterprise 2.x before 2.1 has a password of "mooo" for a Mongo account, which allows remote attackers to hijack the broker by providing this password, related to the openshift.sh script in Openshift Extras before 20130920. NOTE: this m...
(RHSA-2019:1862) Low: Red Hat OpenShift Enterprise one-month end-of-life notice
As part of the maintenance phase, qualified security patches of Critical or Important impact, as well as select mission-critical bug-fix patches, were released for Red Hat OpenShift Enterprise 3.6 and 3.7. After July 31st, 2019, customers will not receive those updates. Red Hat OpenShift Containe...
Open Redirect
The openshift-origin-node-util package provides a set of utility scripts for a node. Red Hat OpenShift Enterprise is a cloud computing Platform-as-a-Service PaaS solution designed for on-premise or private cloud deployments. A flaw was found in the way the administrative web interface for restori...
Information Disclosure
atomic-openshift is vulnerable to information disclosure attacks. The vulnerability exists as Red Hat OpenShift Enterprise 3.1 uses world-readable permissions on the /etc/origin/master/master-config.yaml configuration file, which allows local users to obtain Active Directory credentials by readin...
Authentication Bypass
openshift-origin-broker is vulnerable to authentication bypass attacks. The vulnerability exists as the openshift-origin-broker in Red Hat OpenShift Enterprise 2.0.5, 1.2.7, and earlier does not properly handle authentication requests from the remote-user auth plugin, which allows remote attacker...
RHEL 6 : openshift-origin-node-util (RHSA-2013:0148)
The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2013:0148 advisory. The openshift-origin-node-util package provides a set of utility scripts for a node. Red Hat OpenShift Enterprise is a cloud computing...
RHEL 6 : ruby193-ruby, rubygem-json and rubygem-rdoc (RHSA-2013:0701)
Updated ruby193-ruby, rubygem-json and rubygem-rdoc packages that fix two security issues are now available for Red Hat OpenShift Enterprise 1.1.3. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores,...
RHEL 6 : rubygem-activesupport (RHSA-2013:0202)
An updated rubygem-activesupport package that fixes one security issue is now available for Red Hat OpenShift Enterprise 1.0. The Red Hat Security Response Team has rated this update as having critical security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...
RHEL 6 : rubygem-actionpack and ruby193-rubygem-actionpack (RHSA-2013:0698)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2013:0698 advisory. Ruby on Rails is a modelviewcontroller MVC framework for web application development. Action Pack implements the controller and the view...
RHEL 7 : Red Hat OpenShift Enterprise 3.2 (RHSA-2016:1064)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2016:1064 advisory. OpenShift Enterprise by Red Hat is the company's cloud computing Platform- as-a-Service PaaS solution designed for on-premise or private clo...
RHEL 7 : atomic-openshift (RHSA-2016:1427)
An update for atomic-openshift is now available for Red Hat OpenShift Enterprise 3.2. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
RHEL 7 : openshift (RHSA-2015:1650)
Updated openshift packages that fix one security issue are now available for Red Hat OpenShift Enterprise 3.0. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
RHEL 6 : haproxy (RHSA-2013:1204)
An updated haproxy package that fixes one security issue is now available for Red Hat OpenShift Enterprise 1.2.2. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
RHEL 6 : rubygems (RHSA-2014:0207)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2014:0207 advisory. RubyGems is the Ruby standard for publishing and managing third-party libraries. It was discovered that the rubygems API validated version strings...