Lucene search

K
RedhatOpenshift Container Platform*

5 matches found

CVE
CVE
added 2019/01/09 3:29 p.m.107 views

CVE-2019-0542

A remote code execution vulnerability exists in Xterm.js when the component mishandles special characters, aka "Xterm Remote Code Execution Vulnerability." This affects xterm.js.

8.8CVSS8.8AI score0.01946EPSS
CVE
CVE
added 2018/06/15 1:29 p.m.71 views

CVE-2018-1085

openshift-ansible before versions 3.9.23, 3.7.46 deploys a misconfigured etcd file that causes the SSL client certificate authentication to be disabled. Quotations around the values of ETCD_CLIENT_CERT_AUTH and ETCD_PEER_CLIENT_CERT_AUTH in etcd.conf result in etcd being configured to allow remote ...

10CVSS9.3AI score0.01478EPSS
CVE
CVE
added 2019/07/30 11:15 p.m.55 views

CVE-2019-10165

OpenShift Container Platform before version 4.1.3 writes OAuth tokens in plaintext to the audit logs for the Kubernetes API server and OpenShift API server. A user with sufficient privileges could recover OAuth tokens from these audit logs and use them to access other resources.

2.3CVSS4AI score0.00059EPSS
CVE
CVE
added 2018/07/02 5:29 p.m.53 views

CVE-2018-10843

source-to-image component of Openshift Container Platform before versions atomic-openshift 3.7.53, atomic-openshift 3.9.31 is vulnerable to a privilege escalation which allows the assemble script to run as the root user in a non-privileged container. An attacker can use this flaw to open network co...

9CVSS8.8AI score0.00281EPSS
CVE
CVE
added 2018/06/12 1:29 p.m.50 views

CVE-2018-1070

routing before version 3.10 is vulnerable to an improper input validation of the Openshift Routing configuration which can cause an entire shard to be brought down. A malicious user can use this vulnerability to cause a Denial of Service attack for other users of the router shard.

7.5CVSS7.5AI score0.00158EPSS