146 matches found
CVE-2023-44487
CVE-2023-44487 – HTTP/2 Rapid Reset DoS. Root cause: HTTP/2 stream resets can cause servers to continue processing, leading to unbounded resource consumption and potential DoS when clients rapidly cancel streams. What’s affected: Various HTTP/2 implementations and deployments, including servers, p...
CVE-2022-2403
CVE-2022-2403 affects Red Hat OpenShift Container Platform. A private key for the external cluster certificate was stored in the oauth-serving-cert ConfigMaps and became readable by any authenticated OpenShift user/service-account, enabling credential disclosure that could compromise web traffic ...
CVE-2019-5736
CVE-2019-5736 affects runc as shipped in Docker before 18.09.2 and other products, enabling a container to overwrite the host runc binary via /proc/self/exe and gain host root. Root cause: file-descriptor mishandling in runc leading to command execution as root inside a container. Affected versio...
CVE-2015-5317
CVE-2015-5317 affects Jenkins CloudBees Jenkins Fingerprints pages. Affected products: Jenkins before 1.638 and LTS before 1.625.2. The vulnerability is an information disclosure in the Fingerprints UI that allows remote attackers to obtain sensitive job and build names via a direct request. The ...
CVE-2016-5766
CVE-2016-5766 affects the GD Graphics Library (libgd) via an integer overflow in _gd2GetHeader() in gd_gd2.c, before libgd 2.2.3. This can cause a heap-based overflow when processing crafted GD2 images, leading to a denial of service (and potentially other impact) on the host application using th...
CVE-2015-7501
CVE-2015-7501 involves a deserialization flaw in Apache Commons Collections that affects Red Hat JBoss Middleware stack (A-MQ 6.x; BPMS 6.x; BRMS 5.x/6.x; JDG 6.x/5.x; JDV 6.x/5.x; AEP 6.x; Fuse 6.x; FSW 6.x; JBoss ON 3.x; Portal 6.x; SOA-P 5.x; JWS 3.x; OpenShift/xPaaS 3.x; Subscription Asset Ma...
CVE-2024-12085
CVE-2024-12085 affects rsync; a flaw in checksum comparison allows an attacker to manipulate s2length, causing comparisons against uninitialized memory and leaking one byte of uninitialized stack data per interaction. The issue is rated HIGH (CVSS 3.1: 7.5) with network attack vector and no user ...
CVE-2018-10875
CVE-2018-10875 affects Ansible where ansible.cfg is read from the current working directory, allowing an attacker to influence the plugin/module path and potentially execute arbitrary code. The issue arises because the CWD can be manipulated to point to controlled code. Red Hat/Ubuntu/openSUSE ad...
CVE-2016-0792
CVE-2016-0792 affects Jenkins, including the core up to 1.650 and LTS up to 1.642.2, via a deserialization flaw in XML data using XStream and groovy.util.Expando. The vulnerability allows remote authenticated users to execute arbitrary code by crafting a serialized payload in an XML file. Public ...
CVE-2018-14645
HAProxy HPACK decoder in versions before 1.8.14 contains an out-of-bounds read in hpack_valid_idx(), leading to remote crash and denial of service. Affected: HAProxy’s HTTP/2 HPACK handling. Impact: remote crash/DoS. Mitigation: upgrade to HAProxy 1.8.14 or newer (as indicated by multiple advisor...
CVE-2017-1000376
CVE-2017-1000376 affects libffi. The vulnerability enables an executable stack that can be exploited to trigger arbitrary code execution on 32-bit x86 systems prior to libffi 3.1; upstream is believed to have fixed the issue in version 3.1. Other references indicate that libffi 3.1.x mitigates th...
CVE-2012-6685
Nokogiri prior to 1.5.4 is vulnerable to XML External Entity (XXE) attacks. The issue arises in the XML parsing path (XXE) and is documented under CVE-2012-6685. Exploitation details are not provided beyond the XXE description. Affected software: Nokogiri (Ruby library). Root cause: XXE in XML pr...
CVE-2020-1759
CVE-2020-1759 affects Red Hat Ceph Storage 4 and Red Hat OpenShift Container Storage 4.2, where the secure mode of the messenger v2 protocol (msgr2) allows nonce reuse. This enables forging authentication tags and can lead to confidentiality and integrity problems in sessions when a nonce is reus...
CVE-2013-2186
CVE-2013-2186 affects Apache Commons FileUpload (DiskFileItem) and allows remote attackers to overwrite/write arbitrary files by exploiting a NULL byte in a serialized file name. The vulnerability is present in affected Red Hat/JBoss stacks (BRMS, Portal, Web Server) and also appears across IBM a...
CVE-2015-5254
CVE-2015-5254 is a deserialization vulnerability in Apache ActiveMQ 5.x prior to 5.13.0. The broker does not restrict serialized classes, enabling remote attackers to execute arbitrary code via a crafted JMS ObjectMessage. Several connected advisories confirm the issue and note mitigations: upgra...
CVE-2021-3695
CVE-2021-3695 affects grub2. A crafted 16-bit grayscale PNG image can cause an out-of-bounds write in grub2 heap, leading to heap data corruption and potentially arbitrary code execution, bypassing secure boot protections. The vulnerability requires heap-layout triage and the written values are r...
CVE-2023-0296
Technical details for CVE-2023-0296 are not provided in the supplied documents. No affected products, root cause, or remediation specifics are present here. Monitor for updates in connected feeds to obtain concrete information.
CVE-2021-3697
CVE-2021-3697 is a grub2 JPEG handling vulnerability where crafting a JPEG image may cause a heap underflow in the JPEG reader, enabling data corruption and potentially code execution or secure-boot circumvention. It affects grub2 versions prior to the fixed release (notably legacy references to ...
CVE-2021-3696
CVE-2021-3696 is a heap out-of-bounds write during Huffman table handling in grub2’s PNG reader, causing potential heap corruption. Affected: grub2 before patch grub-2.12; implications listed as Low/Low/Low in some sources, with potential for data corruption and, in theory, arbitrary code execution ...
CVE-2021-4125
CVE-2021-4125: Technical details are not publicly available in the provided documents. Monitor for updates.
CVE-2013-0165
CVE-2013-0165 affects OpenShift: the cartridges/openshift-origin-cartridge-mongodb-2.2/info/bin/dump.sh script does not properly create files in /tmp. Affected component is the dump.sh script within the OpenShift MongoDB cartridge (version 2.2). Underlying issue is improper file creation in /tmp,...
CVE-2022-3259
CVE-2022-3259 is confirmed in multiple connected advisories as OpenShift Container Platform components failing to use HTTP Strict Transport Security (HSTS), which may enable MITM attacks (noted for OpenShift 4.9; also reflected in later RHSA/RHOS advisories). The issue is tied to Missin...
CVE-2016-0788
CVE-2016-0788 affects the Jenkins remoting module. The vulnerability allows remote code execution by an attacker who can open a JRMP listener, enabling arbitrary code execution on the Jenkins host. Affected software is Jenkins before version 1.650 and Jenkins LTS versions before 1.642.2. The impa...
CVE-2023-0229
CVE-2023-0229 is tied to the OpenShift apiserver-library-go component. The flaw allows low-privilege users to alter the seccomp profile of pods they control to unconfined, taking advantage of the default restricted-v2 SCC seccomp profile (runtime/default). The vulnerability originates f...
CVE-2018-1257
CVE-2018-1257 affects Spring Framework: vulnerable in Spring Messaging when using an in-memory STOMP broker exposed via STOMP over WebSocket. A malicious user can craft a message to the broker that triggers a regular-expression denial of service. Affected versions are Spring Framework 5.0.x befor...
CVE-2021-3636
OpenShift before 4.8 includes an in-cluster Service CA certificate that incorrectly contains additional CA certificates. This allows an attacker who compromises any of those extra CAs to masquerade as a trusted in-cluster service, enabling potential impersonation of in-cluster services...
CVE-2018-1102
CVE-2018-1102 describes a flaw in the source-to-image function shipped with OpenShift Enterprise 3.x. The issue comes from an improper path validation of tar files in ExtractTarStreamFromTarReader (tar/tar.go), which leads to privilege escalation. The description does not specify affected product...
CVE-2018-1059
The CVE concerns the DPDK vhost-user interface, where Guest Physical Addresses to Host Virtual Addresses translations do not verify that the requested guest physical range is fully mapped and contiguous. This can expose vhost-user backend memory to a malicious guest. The vulnerability affects all...
CVE-2016-0790
Jenkins CVE-2016-0790 affects Jenkins core before 1.650 and LTS before 1.642.2, where API token verification does not use a constant-time algorithm—enabling remote attackers to brute-force tokens. The linked sources confirm this cryptographic weakness and tie it to Jenkins releases prior to these...
CVE-2019-19348
CVE-2019-19348 affects the OpenShift container image openshift/apb-base. The vulnerability is an insecure modification of /etc/passwd in the container, enabling privilege escalation for an attacker with container access. Affected versions include 4.3.5, 4.2.21, 4.1.37, and 3.11.188-4. If exploite...
CVE-2020-1707
The CVE-2020-1707 issue affects openshift/postgresql-apb in versions prior to 4.3.0. In the container, an insecure modification fault allows an attacker with container access to modify /etc/passwd and escalate privileges. Affected product/component: openshift/postgresql-apb; vulnerable path: /etc...
CVE-2016-0791
CVE-2016-0791 affects Jenkins core prior to 1.650 and OpenJenkins LTS prior to 1.642.2, where the CSRF token verification does not use a constant-time algorithm. This non-constant-time CSRF check allows a remote attacker to bypass CSRF protection via brute-forcing. Affected products/components: J...
CVE-2019-19351
CVE-2019-19351 affects the container openshift/jenkins-slave-base-rhel7-container used in OpenShift 4 and 3.11. The vulnerability is an insecure modification of /etc/passwd inside the container, enabling privilege escalation if an attacker gains container access. Related advisories (Red Hat RHSA-...
CVE-2020-10715
CVE-2020-10715 is a content spoofing vulnerability in the OpenShift Console (versions 3.11 and 4.x). A crafted URL can inject arbitrary text onto the error page, potentially convincing users the message is legitimate. Documented impact is user-facing text injection on error pages; exploitation sp...
CVE-2019-19355
CVE-2019-19355 affects openshift/ocp-release-operator-sdk (and is tied to openshift/ansible-operator-container in OpenShift 4). The vulnerability is an insecure modification flaw in /etc/passwd that could allow an attacker with container access to modify /etc/passwd and escalate privileges. Multi...
CVE-2024-1485
CVE-2024-1485 affects the registry-support library’s decompression logic. An unauthenticated attacker can trick a user into parsing a devfile that uses the parent or plugin keywords, causing the decompressor to extract archives with relative paths that write outside the intended scope. This can l...
CVE-2014-0234
Technical details for CVE-2014-0234 are not publicly available in the provided documents. No affected product/version/impact is specified here. Monitor for updates in the connected sources for exact remediation guidance.
CVE-2016-3721
CVE-2016-3721 affects Jenkins core: Jenkins before 2.3 and LTS before 1.651.2 may allow remote authenticated users to inject arbitrary build parameters into the build environment via environment variables. Root cause is unsafe handling of environment variables during builds, enabling parameter le...
CVE-2019-19345
CVE-2019-19345 affects openshift/mediawiki-apb versions prior to 4.3.0 where an insecure modification of /etc/passwd inside the container could let an attacker modify the file and escalate privileges. The issue is tied to improper permissions on /etc/passwd in the affected APB suite; Red Hat advi...
CVE-2019-19346
The CVE-2019-19346 entry describes an insecure modification vulnerability in the container component openshift/mariadb-apb that allows modification of /etc/passwd, enabling privilege escalation for an attacker with container access. Affected releases include versions before 4.3.5, 4.2.21, 4.1.37,...
CVE-2016-5418
CVE-2016-5418 affects libarchive up to and including version 3.2.0, where sandboxing of archives with hardlinks mishandles entries of non-zero data size. This can allow a remote attacker to write to arbitrary files via a crafted archive, as described in multiple advisories. Public reports referen...
CVE-2019-3884
CVE-2019-3884 affects atomic-openshift garbage collection; cross-namespace UUID spoofing can delete children. Affected: OpenShift/atomic-openshift versions 3.6–4.1. Remediation in Red Hat advisory RHSA-2020:5634: upgrade OpenShift Container Platform to 4.7.0 (and apply the listed fixes). Other do...
CVE-2019-6648
CVE-2019-6648 affects F5 Container Ingress Services for Kubernetes and Red Hat OpenShift (k8s-bigip-ctlr) version 1.9.0. When DEBUG logging is enabled, CIS log files may disclose BIG-IP secrets (SSL private keys and private key passphrases) supplied via an AS3 Declaration. Impact is exposure of s...
CVE-2024-45777
CVE-2024-45777 is a GRUB2 flaw where reading a language .mo file can overflow the translation buffer in grub_gettext_getstr_from_position(), causing an Out-of-Bounds write and potential circumvention of secure boot. Connected advisories confirm patched GRUB2 packages and versions: AlmaLinux 2025/...
CVE-2014-3680
CVE-2014-3680 affects Jenkins before 1.583 and LTS before 1.565.3, permitting remote authenticated users with Job/READ to read the DOM and obtain the default value for a parameterized job password field. Root cause: information disclosure via DOM in the parameter password. Impact: potential expos...
CVE-2016-3722
CVE-2016-3722 affects Jenkins core. Affected: Jenkins versions before 2.3 and LTS lines before 1.651.2. Root cause: denial of service via remote authenticated users with multiple accounts caused by editing the user’s full name. Impact: login denial (partial availability). Mitigation: upgrade to J...
CVE-2013-2119
Phusion Passenger gem vulnerability (CVE-2013-2119) affects Phusion Passenger for Ruby, specifically the gem versions before 3.0.21 and 4.0.x before 4.0.5. The issue arises from insecure handling of temporary directories/files in /tmp, where a local attacker can pre-create a predictable temporary...
CVE-2013-5123
The CVE-2013-5123 issue affects Python-pip prior to 1.5, where the mirroring support (-M/--use-mirrors) performs insecure DNS queries and lacks proper authenticity checks, enabling MITM-like download tampering. Connected advisories confirm this vulnerability and describe the fix as removing the m...
CVE-2016-0789
CVE-2016-0789 is a CRLF injection vulnerability in the Jenkins CLI command documentation that allows remote attackers to inject arbitrary HTTP headers and perform HTTP response splitting via unspecified vectors. Affected products are Jenkins prior to version 1.650 and LTS prior to 1.642.2. The ro...
CVE-2016-2074
Open vSwitch: MPLS processing in ovs-vswitchd contains a buffer overflow in OpenFlow/MPLS label handling affecting Open vSwitch 2.2.x and 2.3.x before 2.3.3 and 2.4.x before 2.4.1. A remote attacker can exploit crafted MPLS packets to achieve arbitrary code execution or DoS. Upstream fixes are in...