Filter
AND
AND

Redhat Openshift Container PlatformOpenshift-console: unauthenticated installation of helm charts

EPSS
0.05%
First published (updated )

Redhat Openshift Container PlatformCri-o: malicious container can create symlink on host

8.1
EPSS
0.04%
First published (updated )

go/github.com/cri-o/cri-oCri-o: pods are able to break out of resource confinement on cgroupv2

7.5
EPSS
0.06%
First published (updated )

Redhat Openshift Container PlatformCri-o: security regression of cve-2022-27652

First published (updated )

Redhat Enterprise LinuxAn incorrect handling of the supplementary groups in the Podman container engine might lead to the s…

7.1
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

redhat/cri-oA vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyon…

7.8
First published (updated )

Redhat Openshift Container PlatformA user can craft a route that injects a bogus entry into one of the HAProxy configuration files. Th…

First published (updated )

redhat/cri-oA flaw was found in cri-o, where containers were incorrectly started with non-empty default permissi…

First published (updated )

Redhat Enterprise LinuxPodman versions prior to 1.7.0 ignore file permissions for non-root users running in a privileged co…

First published (updated )

Redhat Kubernetes-clientPath Traversal

7.4
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

redhat/grafanaA signature verification vulnerability exists in crewjam/saml. This flaw allows an attacker to bypas…

First published (updated )

ubuntu/pygmentsAn infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when pe…

7.5
First published (updated )

Redhat Openshift Container PlatformThe Restricted Security Context Constraints (SCC) allows pods to craft custom network packets. An at…

First published (updated )

Redhat Openshift Container PlatformCVE-2020-10752

7.5
First published (updated )

redhat/kibanaCode Injection

7.2
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

ubuntu/haproxyIn hpack_dht_insert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a r…

8.8
First published (updated )

redhat/podmanPath Traversal

First published (updated )

Redhat Openshift Container PlatformIt has been found that in openshift-enterprise version 3.11 and openshift-enterprise versions 4.1 up…

First published (updated )

redhat/openshift-ansibleOpenShift Container Platform (OCP) 3.11 was too permissive in the way it specified CORS allowed orig…

First published (updated )

Redhat Openshift Container PlatformAn insecure modification vulnerability in the /etc/passwd file was found in the container openshift/…

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Redhat Openshift Container PlatformUse After Free

7.5
First published (updated )

Redhat Openshift Container PlatformA flaw was found during the upgrade of an existing OpenShift Container Platform 3.x cluster. Using C…

8.8
First published (updated )

Redhat Enterprise Linux EusSQL Injection

8.8
First published (updated )

Kubernetes External-provisionerKubernetes CSI volume snapshot, cloning and resizing features can result in unauthorized volume data access or mutation

First published (updated )

Redhat Openshift Container PlatformCri-o pods didn't provide sufficient isolation between the workload and infra containers such that w…

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Redhat Openshift Container PlatformInfoleak

First published (updated )

Kubernetes KubernetesKubernetes API Server JSON/YAML parsing vulnerable to resource exhaustion attack

7.5
First published (updated )

redhat/kernelBuffer Overflow

7.8
First published (updated )

Fedoraproject FedoraA flaw was found in ghostscript, versions 9.x before 9.50, in the setsystemparams procedure where it…

First published (updated )

Fedoraproject FedoraA flaw was found in, ghostscript versions prior to 9.50, in the .pdfexectoken and other procedures w…

7.8
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Fedoraproject FedoraA flaw was found in, ghostscript versions prior to 9.50, in the .pdf_hook_DSC_Creator procedure wher…

7.8
First published (updated )

maven/org.jenkins-ci.main:jenkins-coreCSRF

8.8
First published (updated )

maven/org.jenkins-ci.main:jenkins-coreXSS

First published (updated )

Redhat Openshift Container PlatformThe basic-user RABC role in OpenShift Container Platform doesn't sufficiently protect the GlusterFS …

First published (updated )

Kubernetes KubernetesKubernetes client-go logs authorization headers at debug verbosity levels

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Kubernetes Kuberneteskubectl cp allows symlink directory traversal

First published (updated )

F5 Big-ip Local Traffic ManagerSome HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service

7.8
First published (updated )

Redhat Openshift Container PlatformA missing permission check in Jenkins Pipeline: Shared Groovy Libraries Plugin 2.14 and earlier allo…

First published (updated )

Redhat Openshift Container PlatformIncorrect Type Cast

8.8
First published (updated )

Redhat Openshift Container PlatformA sandbox bypass vulnerability in Jenkins Script Security Plugin 1.61 and earlier related to the han…

8.8
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Kubernetes KubernetesKubernetes kube-apiserver allows access to custom resources via wrong scope

8.1
First published (updated )

Oracle Banking PlatformiTMSTransporter. Multiple issues were addressed with updating FasterXML jackson-databind and Apache …

First published (updated )

Redhat Enterprise Linux EusBuffer Overflow

First published (updated )

Jenkins JenkinsA vulnerability in the Stapler web framework used in Jenkins 2.185 and earlier, LTS 2.176.1 and earl…

First published (updated )

Redhat Openshift Container PlatformCSRF

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Redhat Openshift Container Platformkubectl creates world-writeable cached schema files

First published (updated )

Redhat Openshift Container PlatformHeketi is used to manage GlusterFS nodes and volumes. The default configuration of Heketi does not r…

First published (updated )

Canonical Ubuntu LinuxLast updated 24 July 2024

8.1
First published (updated )

Oracle JDKLast updated 24 July 2024

7.5
First published (updated )

Apache TomcatLast updated 24 July 2024

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203