17 matches found

EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2019-14022

Malware in sbrugna...

CVSS 7.8 · AI score 5.4 · EPSS 0.00046
Exploits 0 · References 3

OSV
added 2023/09/24 1:15 a.m. · 5 views

CVE-2023-1260

An authentication bypass vulnerability was discovered in kube-apiserver. This issue could allow a remote, authenticated attacker who has been given permissions "update, patch" the "pods/ephemeralcontainers" subresource beyond what the default is. They would then need to create a new pod or patch...

CVSS 8 · AI score 5.8 · EPSS 0.00063
Exploits 0 · References 9

RedHat Linux
added 2023/08/02 1:12 a.m. · 3 views

kube-apiserver: PrivEsc

An authentication bypass vulnerability was discovered in kube-apiserver. This issue could allow a remote, authenticated attacker who has been given permissions "update, patch" the "pods/ephemeralcontainers" subresource beyond what the default is. They would then need to create a new pod or patch...

CVSS 8 · AI score 5.8 · EPSS 0.00063
Exploits 0 · References 5

CNNVD
added 2023/04/04 12:0 a.m. · 2 views

Red Hat openshift security vulnerability

Red Hat OpenShift is a Platform-as-a-Service (PaaS) cloud computing platform from Red Hat, Inc. that supports building, testing, deploying and running applications. Red Hat openshift has a security vulnerability that stems from the presence of an authentication bypass vulnerability, which could be...

CVSS 8 · AI score 7.5 · EPSS 0.00063
Exploits 0 · References 12

IBM Security Bulletins
added 2021/11/11 5:32 p.m. · 31 views

Security Bulletin: Red Hat OpenShift on IBM Cloud is affected by a Kubernetes kubelet security vulnerability (CVE-2021-25741)

Summary Red Hat OpenShift on IBM Cloud is affected by a Kubernetes kubelet security vulnerability that could allow host path like access without use of the hostPath feature, thus bypassing the restriction CVE-2021-25741. Vulnerability Details CVEID: CVE-2021-25741 Description: Kubernetes could...

CVSS 8.8 · AI score 7.9 · EPSS 0.33042
Exploits 1 · Affected Software 1

NVD
added 2021/06/02 12:15 p.m. · 11 views

CVE-2020-14336

A flaw was found in the Restricted Security Context Constraints (SCC), where it allows pods to craft custom network packets. This flaw allows an attacker to cause a denial of service attack on an OpenShift Container Platform cluster if they can deploy pods. The highest threat from this vulnerabilit...

CVSS 6.5 · EPSS 0.00329
Exploits 0 · References 1

Cvelist
added 2021/06/02 11:48 a.m. · 15 views

CVE-2020-14336

A flaw was found in the Restricted Security Context Constraints (SCC), where it allows pods to craft custom network packets. This flaw allows an attacker to cause a denial of service attack on an OpenShift Container Platform cluster if they can deploy pods. The highest threat from this vulnerabilit...

AI score 6.2 · EPSS 0.00329
Exploits 0 · References 1

IBM Security Bulletins
added 2020/10/09 5:8 p.m. · 26 views

Security Bulletin: Red Hat OpenShift on IBM Cloud is affected by a Kubernetes kubelet security vulnerability (CVE-2020-8557)

Summary Red Hat OpenShift on IBM Cloud is affected by a security vulnerability in the Kubernetes kubelet that could result in the denial of service of a node CVE-2020-8557 Vulnerability Details CVEID: CVE-2020-8557 Description: Kubernetes kubelet is vulnerable to a denial of service, caused by an...

CVSS 5.5 · AI score 6.2 · EPSS 0.00111
Exploits 0 · Affected Software 1

RedhatCVE
added 2020/09/07 5:48 a.m. · 47 views

CVE-2020-14386

A flaw was found in the Linux kernel. Memory corruption can be exploited to gain root privileges from unprivileged processes. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Mitigation If the CAP_NET_RAW capability disabled by...

CVSS 7.8 · AI score 1.1 · EPSS 0.00635
Exploits 1 · References 5

OSV
added 2020/01/07 6:15 p.m. · 23 views

CVE-2019-14819

A flaw was found during the upgrade of an existing OpenShift Container Platform 3.x cluster. Using CRI-O, the dockergc service account is assigned to the current namespace of the user performing the upgrade. This flaw can allow an unprivileged user to escalate their privileges to those allowed by...

CVSS 8.8 · AI score 6.7 · EPSS 0.00264
Exploits 1 · References 1

NVD
added 2020/01/07 6:15 p.m. · 14 views

CVE-2019-14819

A flaw was found during the upgrade of an existing OpenShift Container Platform 3.x cluster. Using CRI-O, the dockergc service account is assigned to the current namespace of the user performing the upgrade. This flaw can allow an unprivileged user to escalate their privileges to those allowed by...

CVSS 8.8 · AI score 8.1 · EPSS 0.00264
Exploits 1 · References 1

Cvelist
added 2020/01/07 5:2 p.m. · 17 views

CVE-2019-14819

A flaw was found during the upgrade of an existing OpenShift Container Platform 3.x cluster. Using CRI-O, the dockergc service account is assigned to the current namespace of the user performing the upgrade. This flaw can allow an unprivileged user to escalate their privileges to those allowed by...

CVSS 7.5 · AI score 8.6 · EPSS 0.00264
Exploits 1 · References 1

CVE
added 2020/01/07 5:2 p.m. · 108 views

CVE-2019-14819

Summary: CVE-2019-14819 affects OpenShift Container Platform during upgrade with CRI-O. The dockergc service account is incorrectly bound to the current user’s namespace, which can let an unprivileged user escalate privileges to the level allowed by the privileged Security Context Constraints. Im...

CVSS 8.8 · AI score 8.5 · EPSS 0.00264
Exploits 1 · References 1 · Affected Software 1

Positive Technologies
added 2020/01/07 12:0 a.m. · 1 views

PT-2020-9605 · Red Hat · Openshift Container Platform

Name of the Vulnerable Software and Affected Versions: OpenShift Container Platform versions 3.x Description: A flaw was discovered in the upgrade process of OpenShift Container Platform, specifically when using CRI-O. The issue allows an unprivileged user to escalate their privileges to those...

CVSS 8.8 · AI score 7.5 · EPSS 0.00264
Exploits 1 · References 3

RedhatCVE
added 2019/08/28 8:51 a.m. · 21 views

CVE-2019-14819

A flaw was found during the upgrade of an existing OpenShift Container Platform 3.x cluster. Using CRI-O, the dockergc service account is assigned to the current namespace of the user performing the upgrade. This flaw can allow an unprivileged user to escalate their privileges to those allowed by...

CVSS 8.8 · AI score 4 · EPSS 0.00264
Exploits 1 · References 3

OSV
added 2019/07/25 3:15 p.m. · 1 views

CVE-2019-4415

IBM Cloud Private 3.1.1 and 3.1.2 could allow a local user to obtain elevated privileges due to improper security context constraints. IBM X-Force ID: 162706...

CVSS 7.8 · AI score 6.1
Exploits 0 · References 2

Prion
added 2019/07/25 3:15 p.m. · 8 views

Input validation

IBM Cloud Private 3.1.1 and 3.1.2 could allow a local user to obtain elevated privileges due to improper security context constraints. IBM X-Force ID: 162706...

CVSS 4.6 · AI score 7.1 · EPSS 0.00046
Exploits 0 · References 2 · Affected Software 1