Latest critical severity vulnerabilities for "red hat openshift"

go/github.com/devfile/registry-support/registry-libraryRegistry-support: decompress can delete files outside scope via relative paths

critical

9.3

First published (updated )

CVE-2024-1485

IBM Robotic Process Automation for Cloud PakIBM Robotic Process Automation privilege escalation

critical

9.8

First published (updated )

CVE-2023-43058

IBM Robotic Process AutomationIBM Robotic Process Automation privilege escalation

critical

9.8

First published (updated )

CVE-2023-38734

IBM Watson Knowledge CatalogIBM Watson Knowledge Catalog on Cloud Pak SQL injection

critical

9.8

First published (updated )

CVE-2022-41731

IBM Cloud Pak for Security (CP4S)IBM Cloud Pak for Security (CP4S) could allow an attacker to perform unauthorized actions due to imp…

critical

9.8

First published (updated )

CVE-2021-20578

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

Red Hat OpenShiftmcollective has a default password set at install

critical

9.8

First published (updated )

CVE-2014-0175

Red Hat OpenShiftCommand Injection, OS Command Injection

critical

9

First published (updated )

CVE-2014-0163

linuxfoundation runcOS Command Injection

critical

9.3

First published (updated )

CVE-2019-5736

Open vSwitchBuffer Overflow

critical

9.8

First published (updated )

CVE-2016-2074

Red Hat OpenShift OriginRed Hat OpenShift Enterprise 3.2 and OpenShift Origin allow remote authenticated users to execute co…

critical

9

First published (updated )

CVE-2016-2160

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

redhat/JenkinsInput Validation

critical

9

First published (updated )

CVE-2016-0792

redhat/JenkinsInfoleak, CSRF

critical

9.8

First published (updated )

CVE-2016-0791

redhat/JenkinsThe remoting module in Jenkins before 1.650 and LTS before 1.642.2 allows remote attackers to execut…

critical

10

First published (updated )

CVE-2016-0788

Apache ActiveMQInput Validation

critical

9.8

First published (updated )

CVE-2015-5254

JenkinsCommand Injection

critical

9.8

First published (updated )

CVE-2015-8103

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

redhat jboss enterprise application platformIt was found that the Apache commons-collections library permitted code execution when deserializing…

critical

10

First published (updated )

CVE-2015-7501

Red Hat OpenShiftCode Injection

critical

10

First published (updated )

CVE-2014-3496

Red Hat OpenShiftThe default configuration of broker.conf in Red Hat OpenShift Enterprise 2.x before 2.1 has a passwo…

critical

9.8

First published (updated )

CVE-2014-0234

Red Hat OpenShiftIn a openshift node, there is a cron job to update mcollective facts that mishandles a temporary fil…

critical

9.1

First published (updated )

CVE-2013-4561

Red Hat OpenShiftOS Command Injection

critical

10

First published (updated )

CVE-2013-2060

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read More Start Free Trial

Versions

go/github.com/devfile/registry-support/registry-libraryRegistry-support: decompress can delete files outside scope via relative paths

IBM Robotic Process Automation for Cloud PakIBM Robotic Process Automation privilege escalation

IBM Robotic Process AutomationIBM Robotic Process Automation privilege escalation

IBM Watson Knowledge CatalogIBM Watson Knowledge Catalog on Cloud Pak SQL injection

IBM Cloud Pak for Security (CP4S)IBM Cloud Pak for Security (CP4S) could allow an attacker to perform unauthorized actions due to imp…

Never miss a vulnerability like this again

Red Hat OpenShiftmcollective has a default password set at install

Red Hat OpenShiftCommand Injection, OS Command Injection

linuxfoundation runcOS Command Injection

Open vSwitchBuffer Overflow

Red Hat OpenShift OriginRed Hat OpenShift Enterprise 3.2 and OpenShift Origin allow remote authenticated users to execute co…

Never miss a vulnerability like this again

redhat/JenkinsInput Validation

redhat/JenkinsInfoleak, CSRF

redhat/JenkinsThe remoting module in Jenkins before 1.650 and LTS before 1.642.2 allows remote attackers to execut…

Apache ActiveMQInput Validation

JenkinsCommand Injection

Never miss a vulnerability like this again

redhat jboss enterprise application platformIt was found that the Apache commons-collections library permitted code execution when deserializing…

Red Hat OpenShiftCode Injection

Red Hat OpenShiftThe default configuration of broker.conf in Red Hat OpenShift Enterprise 2.x before 2.1 has a passwo…

Red Hat OpenShiftIn a openshift node, there is a cron job to update mcollective facts that mishandles a temporary fil…

Red Hat OpenShiftOS Command Injection

Never miss a vulnerability like this again

Company

Resources

Contact