Filters

Redhat Openshift Container PlatformOpenshift-console: unauthenticated installation of helm charts

medium
6.5
EPSS
0.05%
First published (updated )
CVE-2024-7079

Redhat Openshift Container PlatformCri-o: security regression of cve-2022-27652

medium
5.3
First published (updated )
CVE-2022-3466

Redhat Openshift Container PlatformA user can craft a route that injects a bogus entry into one of the HAProxy configuration files. Th…

medium
6.3
First published (updated )
CVE-2022-1677

redhat/cri-oA flaw was found in cri-o, where containers were incorrectly started with non-empty default permissi…

medium
5.3
First published (updated )
CVE-2022-27652

Redhat Openshift Container PlatformThe Restricted Security Context Constraints (SCC) allows pods to craft custom network packets. An at…

medium
6.5
First published (updated )
CVE-2020-14336

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

redhat/openshift-ansibleOpenShift Container Platform (OCP) 3.11 was too permissive in the way it specified CORS allowed orig…

medium
5.9
First published (updated )
CVE-2020-1741

Kubernetes External-provisionerKubernetes CSI volume snapshot, cloning and resizing features can result in unauthorized volume data access or mutation

medium
6.5
First published (updated )
CVE-2019-11255

Redhat Openshift Container PlatformCri-o pods didn't provide sufficient isolation between the workload and infra containers such that w…

medium
6
First published (updated )
CVE-2019-14891

Redhat Openshift Container PlatformInfoleak

medium
6.5
First published (updated )
CVE-2019-10223

maven/org.jenkins-ci.main:jenkins-coreXSS

medium
4.8
First published (updated )
CVE-2019-10383

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Redhat Openshift Container PlatformThe basic-user RABC role in OpenShift Container Platform doesn't sufficiently protect the GlusterFS …

medium
6.5
First published (updated )
CVE-2019-10225

Kubernetes KubernetesKubernetes client-go logs authorization headers at debug verbosity levels

medium
6.5
First published (updated )
CVE-2019-11250

Kubernetes Kuberneteskubectl cp allows symlink directory traversal

medium
6.5
First published (updated )
CVE-2019-11249

Redhat Openshift Container PlatformA missing permission check in Jenkins Pipeline: Shared Groovy Libraries Plugin 2.14 and earlier allo…

medium
4.3
First published (updated )
CVE-2019-10357

Jenkins JenkinsA vulnerability in the Stapler web framework used in Jenkins 2.185 and earlier, LTS 2.176.1 and earl…

medium
4.3
First published (updated )
CVE-2019-10354

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Redhat Openshift Container PlatformCSRF

medium
5.8
First published (updated )
CVE-2019-10176

Redhat Openshift Container Platformkubectl creates world-writeable cached schema files

medium
5
First published (updated )
CVE-2019-11244

Apache TomcatLast updated 24 July 2024

medium
5.9
First published (updated )
CVE-2019-2684

maven/org.jenkins-ci.main:jenkins-coreXSS

medium
5.4
First published (updated )
CVE-2019-1003050

Kubernetes Kuberneteskubectl cp path traversal

medium
6.4
First published (updated )
CVE-2019-1002101

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Redhat Openshift Container PlatformXSS

medium
5.4
First published (updated )
CVE-2019-3889

Prometheus PrometheusXSS

medium
6.1
First published (updated )
CVE-2019-3826

go/github.com/openshift/oauth-apiserverCSRF, XSS

medium
6.3
First published (updated )
CVE-2019-3876

go/k8s.io/kubernetesInput Validation

medium
6.5
First published (updated )
CVE-2019-1002100

Jenkins GitCSRF

medium
4.3
First published (updated )
CVE-2019-1003010

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Jenkins Config File ProviderXSS

medium
4.8
First published (updated )
CVE-2019-1003014

Jenkins Blue OceanXSS

medium
5.4
First published (updated )
CVE-2019-1003013

Jenkins Blue OceanCSRF

medium
6.5
First published (updated )
CVE-2019-1003012

Jenkins JenkinsInfoleak

medium
4.3
First published (updated )
CVE-2018-1000862

maven/org.jenkins-ci.main:jenkins-coreA denial of service vulnerability exists in Jenkins 2.153 and earlier, LTS 2.138.3 and earlier in Cr…

medium
6.5
First published (updated )
CVE-2018-1000864

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Canonical Ubuntu LinuxLast updated 24 July 2024

medium
5.5
First published (updated )
CVE-2018-18397

Elastic KibanaXSS

medium
6.1
First published (updated )
CVE-2018-3830

Redhat Openshift Container PlatformXSS

medium
5.4
First published (updated )
CVE-2018-10937

Canonical Ubuntu LinuxPoppler through 0.62 contains an out of bounds read vulnerability due to an incorrect memory access …

medium
6.5
First published (updated )
CVE-2018-13988

GNU BinutilsLast updated 24 July 2024

medium
5.5
First published (updated )
CVE-2018-13033

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Oracle FLEXCUBE Investor ServicingGoogle Guava is vulnerable to a denial of service, caused by improper eager allocation checks in the…

medium
5.9
First published (updated )
CVE-2018-10237

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203