Lucene search
K
RedhatOpenshift Data Science

4 matches found

CVE
CVE
added 2023/10/10 12:0 a.m.5301 views

CVE-2023-44487

CVE-2023-44487 – HTTP/2 Rapid Reset DoS Root cause: HTTP/2 stream resets can cause servers to continue processing, leading to unbounded resource consumption and potential DoS when clients rapidly cancel streams. What’s affected: Various HTTP/2 implementations and deployments, including servers, p...

7.5CVSS8AI score0.99999EPSS
In wild
CVE
CVE
added 2023/09/15 8:16 p.m.102 views

CVE-2023-0923

CVE-2023-0923 affects Red Hat OpenShift Data Science (RHODS) with the odh-notebook-controller-container vulnerability: insufficient authorization allows requests from other namespaces to reach the Jupyter API, exposing file contents and related data. Connected sources corroborate impact and root ...

9.8CVSS9.1AI score0.00937EPSS
CVE
CVE
added 2024/08/08 9:33 p.m.95 views

CVE-2024-7557

OpenShift AI CVE-2024-7557 describes an authentication bypass and privilege escalation across models within the same namespace. Affected: OpenShift AI versions prior to 2.9. Root cause: the UI-protected models expose credentials/tokens (ServiceAccount tokens) in the UI, which can be used with oc ...

8.8CVSS7.9AI score0.00932EPSS
CVE
CVE
added 2023/10/04 11:34 a.m.56 views

CVE-2023-3361

CVE-2023-3361 affects Red Hat OpenShift Data Science. When exporting a pipeline from the Elyra notebook editor as Python DSL or YAML, it reads S3 credentials from the cluster (ds pipeline server) and saves them in plaintext in the generated output instead of an ID for a Kubernetes secret. The doc...

7.7CVSS7.6AI score0.0047EPSS