Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
RedhatOpenshift

15 matches found

CVE
CVEadded 2018/07/13 10:29 p.m.248 views

CVE-2018-10875

A flaw was found in ansible. ansible.cfg is read from the current working directory which can be altered to make it point to a plugin or a module path under the control of an attacker, thus allowing the attacker to execute arbitrary code.

7.8CVSS7.7AI score0.00062EPSS
CVE
CVEadded 2018/09/21 1:29 p.m.194 views

CVE-2018-14645

A flaw was discovered in the HPACK decoder of HAProxy, before 1.8.14, that is used for HTTP/2. An out-of-bounds read access in hpack_valid_idx() resulted in a remote crash and denial of service.

7.5CVSS7.1AI score0.00149EPSS
CVE
CVEadded 2018/04/30 7:29 p.m.113 views

CVE-2018-1102

A flaw was found in source-to-image function as shipped with Openshift Enterprise 3.x. An improper path validation of tar files in ExtractTarStreamFromTarReader in tar/tar.go leads to privilege escalation.

8.8CVSS8.4AI score0.01331EPSS
CVE
CVEadded 2018/04/24 6:29 p.m.111 views

CVE-2018-1059

The DPDK vhost-user interface does not check to verify that all the requested guest physical range is mapped and contiguous when performing Guest Physical Addresses to Host Virtual Addresses translations. This may lead to a malicious guest exposing vhost-user backend process memory. All versions be...

6.1CVSS5.8AI score0.00256EPSS
CVE
CVEadded 2018/05/11 8:29 p.m.104 views

CVE-2018-1257

Spring Framework, versions 5.0.x prior to 5.0.6, versions 4.3.x prior to 4.3.17, and older unsupported versions allows applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user (or attacker) can craft a message ...

6.5CVSS7AI score0.0179EPSS
CVE
CVEadded 2018/05/08 6:29 p.m.72 views

CVE-2017-2611

Jenkins before versions 2.44, 2.32.2 is vulnerable to an insufficient permission check for periodic processes (SECURITY-389). The URLs /workspaceCleanup and /fingerprintCleanup did not perform permission checks, allowing users with read access to Jenkins to trigger these background processes (that ...

4.3CVSS4.5AI score0.0021EPSS
CVE
CVEadded 2018/07/16 8:29 p.m.65 views

CVE-2017-15137

The OpenShift image import whitelist failed to enforce restrictions correctly when running commands such as "oc tag", for example. This could allow a user with access to OpenShift to run images from registries that should not be allowed.

5.3CVSS5.3AI score0.00167EPSS
CVE
CVEadded 2018/07/05 1:29 p.m.51 views

CVE-2018-10885

In atomic-openshift before version 3.10.9 a malicious network-policy configuration can cause Openshift Routing to crash when using ovs-networkpolicy plugin. An attacker can use this flaw to cause a Denial of Service (DoS) attack on an Openshift 3.9, or 3.7 Cluster.

7.5CVSS7.3AI score0.00378EPSS
CVE
CVEadded 2018/07/31 8:29 p.m.50 views

CVE-2016-8631

The OpenShift Enterprise 3 router does not properly sort routes when processing newly added routes. An attacker with access to create routes can potentially overwrite existing routes and redirect network traffic for other users to their own site.

7.7CVSS7.5AI score0.00191EPSS
CVE
CVEadded 2018/08/01 4:29 p.m.48 views

CVE-2016-8651

An input validation flaw was found in the way OpenShift 3 handles requests for images. A user, with a copy of the manifest associated with an image, can pull an image even if they do not have access to the image normally, resulting in the disclosure of any information contained within the image.

3.5CVSS3.7AI score0.00274EPSS
CVE
CVEadded 2018/09/10 2:29 p.m.47 views

CVE-2016-7075

It was found that Kubernetes as used by Openshift Enterprise 3 did not correctly validate X.509 client intermediate certificate host name fields. An attacker could use this flaw to bypass authentication requirements by using a specially crafted X.509 certificate.

8.1CVSS8AI score0.00301EPSS
CVE
CVEadded 2018/04/11 7:29 p.m.45 views

CVE-2017-7534

OpenShift Enterprise version 3.x is vulnerable to a stored XSS via the log viewer for pods. The flaw is due to lack of sanitation of user input, specifically terminal escape characters, and the creation of clickable links automatically when viewing the log files for a pod.

5.4CVSS5.2AI score0.00168EPSS
CVE
CVEadded 2018/03/09 2:29 p.m.43 views

CVE-2018-1069

Red Hat OpenShift Enterprise version 3.7 is vulnerable to access control override for container network filesystems. An attacker could override the UserId and GroupId for GlusterFS and NFS to read and write any data on the network filesystem.

7.1CVSS6.8AI score0.00092EPSS
CVE
CVEadded 2018/01/08 7:29 p.m.40 views

CVE-2013-4364

(1) oo-analytics-export and (2) oo-analytics-import in the openshift-origin-broker-util package in Red Hat OpenShift Enterprise 1 and 2 allow local users to have unspecified impact via a symlink attack on an unspecified file in /tmp.

7.8CVSS7.7AI score0.00031EPSS
CVE
CVEadded 2018/04/16 3:29 p.m.36 views

CVE-2016-9592

openshift before versions 3.3.1.11, 3.2.1.23, 3.4 is vulnerable to a flaw when a volume fails to detach, which causes the delete operation to fail with 'VolumeInUse' error. Since the delete operation is retried every 30 seconds for each volume, this could lead to a denial of service attack as the n...

4.3CVSS4.6AI score0.00315EPSS