Openshift Container Platform@3.5 Security Vulnerabilities and Issues — Openshift Container Platform@3.5 CVE List

Lucene search

RedhatOpenshift Container Platform3.5

3 matches found

CVE•added 2018/12/05 9:29 p.m.•421 views

CVE-2018-1002105

In all Kubernetes versions prior to v1.10.11, v1.11.5, and v1.12.3, incorrect handling of error responses to proxied upgrade requests in the kube-apiserver allowed specially crafted requests to establish a connection through the Kubernetes API server to backend servers, then send arbitrary requests...

9.8CVSS7.4AI score0.90405EPSS

CVE•added 2018/07/19 1:29 p.m.•318 views

CVE-2017-7481

Ansible before versions 2.3.1.0 and 2.4.0.0 fails to properly mark lookup-plugin results as unsafe. If an attacker could control the results of lookup() calls, they could inject Unicode strings to be parsed by the jinja2 templating system, resulting in code execution. By default, the jinja2 templat...

9.8CVSS9.3AI score0.03687EPSS

CVE•added 2018/07/27 3:29 p.m.•157 views

CVE-2017-12195

A flaw was found in all Openshift Enterprise versions using the openshift elasticsearch plugin. An attacker with knowledge of the given name used to authenticate and access Elasticsearch can later access it without the token, bypassing authentication. This attack also requires that the Elasticsearc...

6.5CVSS4.8AI score0.00198EPSS