Lucene search
K
RedhatOpenshift Container Platform*

5 matches found

CVE
CVE
added 2019/01/09 3:0 p.m.129 views

CVE-2019-0542

CVE-2019-0542 is a remote code execution vulnerability in xterm.js caused by mishandling of special characters. The issue affects xterm.js and is corroborated by multiple connected records (e.g., RHSA advisories and OSV entries) that describe remote code execution. The documented details stop at ...

8.8CVSS8.8AI score0.03178EPSS
CVE
CVE
added 2018/06/15 1:0 p.m.91 views

CVE-2018-1085

CVE-2018-1085 affects OpenShift OpenShift-ansible deployments: OpenShift Ansible before 3.9.23 and 3.7.46 deploys etcd with a misconfigured etcd.conf where ETCD_CLIENT_CERT_AUTH and ETCD_PEER_CLIENT_CERT_AUTH values are quoted, causing SSL client certificate authentication to be disabled. This en...

10CVSS9.3AI score0.02237EPSS
CVE
CVE
added 2019/07/30 10:18 p.m.74 views

CVE-2019-10165

The CVE describes a vulnerability in OpenShift Container Platform prior to 4.1.3 where OAuth tokens are written in plaintext to API server audit logs. A user with sufficient privileges could recover these tokens from the logs and use them to access other resources. The issue is confirmed by multi...

2.3CVSS4AI score0.00384EPSS
CVE
CVE
added 2018/07/02 5:0 p.m.69 views

CVE-2018-10843

CVE-2018-10843 affects OpenShift Container Platform 3.9.x (and earlier in the source-to-image component) where the assembler-user LABEL set to root in builder images can allow privilege escalation, enabling the assemble script to run as root inside a non-privileged container. The connected Red Ha...

9CVSS8.8AI score0.01362EPSS
CVE
CVE
added 2018/06/12 1:0 p.m.64 views

CVE-2018-1070

OpenShift OpenShift Routing before v3.10 is vulnerable to improper input validation of Routing configurations, enabling DoS that can take down an entire router shard. Affected: OpenShift Container Platform routing component (pre-3.10). Root cause: input validation flaw in Routing configuration. I...

7.5CVSS7.5AI score0.00856EPSS