Lucene search

RedhatOpenshift

11 matches found

cve
added 2019/02/11 7:29 p.m. | 670 views

CVE-2019-5736

runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attack...

9.3 CVSS | 8.8 AI score | 0.55263 EPSS

cve
added 2016/04/07 11:59 p.m. | 172 views

CVE-2016-0792

Multiple unspecified API endpoints in Jenkins before 1.650 and LTS before 1.642.2 allow remote authenticated users to execute arbitrary code via serialized data in an XML file, related to XStream and groovy.util.Expando.

9 CVSS | 9.1 AI score | 0.89805 EPSS

cve
added 2016/01/08 7:59 p.m. | 159 views

CVE-2015-5254

Apache ActiveMQ 5.x before 5.13.0 does not restrict the classes that can be serialized in the broker, which allows remote attackers to execute arbitrary code via a crafted serialized Java Message Service (JMS) ObjectMessage object.

9.8 CVSS | 8.7 AI score | 0.77148 EPSS

cve
added 2024/02/14 12:15 a.m. | 102 views

CVE-2024-1485

A flaw was found in the decompression function of registry-support. This issue can be triggered if an unauthenticated remote attacker tricks a user into parsing a devfile which uses the parent or plugin keywords. This could download a malicious archive and cause the cleanup process to overwrite or ...

9.3 CVSS | 7.7 AI score | 0.00807 EPSS

cve
added 2020/02/12 1:15 a.m. | 96 views

CVE-2014-0234

The default configuration of broker.conf in Red Hat OpenShift Enterprise 2.x before 2.1 has a password of "mooo" for a Mongo account, which allows remote attackers to hijack the broker by providing this password, related to the openshift.sh script in Openshift Extras before 20130920. NOTE: this may...

9.8 CVSS | 7.4 AI score | 0.01422 EPSS

cve
added 2016/04/07 11:59 p.m. | 93 views

CVE-2016-0791

Jenkins before 1.650 and LTS before 1.642.2 do not use a constant-time algorithm to verify CSRF tokens, which makes it easier for remote attackers to bypass a CSRF protection mechanism via a brute-force approach.

9.8 CVSS | 9.1 AI score | 0.00486 EPSS

cve
added 2016/07/03 9:59 p.m. | 72 views

CVE-2016-2074

Buffer overflow in lib/flow.c in ovs-vswitchd in Open vSwitch 2.2.x and 2.3.x before 2.3.3 and 2.4.x before 2.4.1 allows remote attackers to execute arbitrary code via crafted MPLS packets, as demonstrated by a long string in an ovs-appctl command.

9.8 CVSS | 9.7 AI score | 0.08554 EPSS

cve
added 2016/06/08 5:59 p.m. | 61 views

CVE-2016-2160

Red Hat OpenShift Enterprise 3.2 and OpenShift Origin allow remote authenticated users to execute commands with root privileges by changing the root password in an sti builder image.

9 CVSS | 8.8 AI score | 0.00614 EPSS

cve
added 2019/12/13 1:15 p.m. | 51 views

CVE-2014-0175

mcollective has a default password set at install

9.8 CVSS | 9.5 AI score | 0.00601 EPSS

cve
added 2019/12/11 4:15 p.m. | 45 views

CVE-2014-0163

Openshift has shell command injection flaws due to unsanitized data being passed into shell commands.

9 CVSS | 8.9 AI score | 0.01787 EPSS

cve
added 2022/06/30 7:15 p.m. | 43 views

CVE-2013-4561

In an OpenShift node, there is a cron job to update mcollective facts that mishandles a temporary file. This may lead to loss of confidentiality and integrity.

9.1 CVSS | 9 AI score | 0.00313 EPSS