Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
RedhatOpenshift Container Platform4.2

16 matches found

CVE
CVEadded 2019/08/13 9:15 p.m.740 views

CVE-2019-9514

Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STR...

7.8CVSS7.9AI score0.10058EPSS
CVE
CVEadded 2019/12/10 10:15 p.m.588 views

CVE-2019-13734

Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.6AI score0.06699EPSS
CVE
CVEadded 2019/11/14 8:15 p.m.498 views

CVE-2018-12207

Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access.

6.5CVSS7AI score0.00392EPSS
CVE
CVEadded 2020/02/12 3:15 p.m.376 views

CVE-2019-19921

runc through 1.0.0-rc9 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. (This vulnerability does not...

7CVSS7AI score0.00244EPSS
CVE
CVEadded 2019/09/25 6:15 p.m.278 views

CVE-2019-16884

runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfs_linux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc directory.

7.5CVSS7.5AI score0.00301EPSS
CVE
CVEadded 2019/12/05 4:15 p.m.239 views

CVE-2019-11255

Improper input validation in Kubernetes CSI sidecar containers for external-provisioner (<v0.4.3, <v1.0.2, v1.1, <v1.2.2, <v1.3.1), external-snapshotter (<v0.4.2, <v1.0.2, v1.1,

6.5CVSS5.7AI score0.00862EPSS
CVE
CVEadded 2020/04/23 3:15 p.m.239 views

CVE-2020-1760

A flaw was found in the Ceph Object Gateway, where it supports request sent by an anonymous user in Amazon S3. This flaw could lead to potential XSS attacks due to the lack of proper neutralization of untrusted input.

6.1CVSS5.9AI score0.00262EPSS
CVE
CVEadded 2019/09/30 7:15 p.m.235 views

CVE-2019-16276

Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smuggling.

7.5CVSS7.5AI score0.11631EPSS
CVE
CVEadded 2020/02/07 9:15 p.m.188 views

CVE-2020-1708

It has been found in openshift-enterprise version 3.11 and all openshift-enterprise versions from 4.1 to, including 4.3, that multiple containers modify the permissions of /etc/passwd to make them modifiable by users other than root. An attacker with access to the running container can exploit this...

7CVSS6.8AI score0.00108EPSS
CVE
CVEadded 2020/02/12 6:15 p.m.178 views

CVE-2020-8945

The proglottis Go wrapper before 0.1.1 for the GPGME library has a use-after-free, as demonstrated by use for container image pulls by Docker or CRI-O. This leads to a crash or potential code execution during GPG signature verification.

7.5CVSS7.5AI score0.04013EPSS
CVE
CVEadded 2020/01/07 5:15 p.m.112 views

CVE-2019-14854

OpenShift Container Platform 4 does not sanitize secret data written to static pod logs when the log level in a given operator is set to Debug or higher. A low privileged user could read pod logs to discover secret material if the log level has already been modified in an operator by a privileged u...

6.5CVSS6.1AI score0.00362EPSS
CVE
CVEadded 2020/03/09 4:15 p.m.85 views

CVE-2020-1706

It has been found that in openshift-enterprise version 3.11 and openshift-enterprise versions 4.1 up to, including 4.3, multiple containers modify the permissions of /etc/passwd to make them modifiable by users other than root. An attacker with access to the running container can exploit this to mo...

7CVSS6.9AI score0.00094EPSS
CVE
CVEadded 2019/07/11 7:15 p.m.77 views

CVE-2019-3889

A reflected XSS vulnerability exists in authorization flow of OpenShift Container Platform versions: openshift-online-3, openshift-enterprise-3.4 through 3.7 and openshift-enterprise-3.9 through 3.11. An attacker could use this flaw to steal authorization data by getting them to click on a maliciou...

5.4CVSS5AI score0.00353EPSS
CVE
CVEadded 2019/11/25 11:15 a.m.73 views

CVE-2019-14891

A flaw was found in cri-o, as a result of all pod-related processes being placed in the same memory cgroup. This can result in container management (conmon) processes being killed if a workload process triggers an out-of-memory (OOM) condition for the cgroup. An attacker could abuse this flaw to ge...

6CVSS4.8AI score0.00316EPSS
CVE
CVEadded 2019/11/25 3:15 p.m.60 views

CVE-2019-10213

OpenShift Container Platform, versions 4.1 and 4.2, does not sanitize secret data written to pod logs when the log level in a given operator is set to Debug or higher. A low privileged user could read pod logs to discover secret material if the log level has already been modified in an operator by ...

6.5CVSS6.1AI score0.00451EPSS
CVE
CVEadded 2019/11/05 12:15 p.m.58 views

CVE-2019-10223

A security issue was discovered in the kube-state-metrics versions v1.7.0 and v1.7.1. An experimental feature was added to the v1.7.0 release that enabled annotations to be exposed as metrics. By default, the kube-state-metrics metrics only expose metadata about Secrets. However, a combination of t...

6.5CVSS6.4AI score0.01162EPSS