ReportizFlow
Filtered by vendor Redhat
Subscriptions
Filtered by product Openshift
Subscriptions
Total
975 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-20860 | 2 Redhat, Vmware | 9 Amq Broker, Camel Spring Boot, Jboss Enterprise Bpms Platform and 6 more | 2024-11-21 | 7.5 High |
| Spring Framework running version 6.0.0 - 6.0.6 or 5.3.0 - 5.3.25 using "**" as a pattern in Spring Security configuration with the mvcRequestMatcher creates a mismatch in pattern matching between Spring Security and Spring MVC, and the potential for a security bypass. | ||||
| CVE-2023-1370 | 2 Json-smart Project, Redhat | 9 Json-smart, Amq Clients, Amq Streams and 6 more | 2024-11-21 | 7.5 High |
| [Json-smart](https://netplex.github.io/json-smart/) is a performance focused, JSON processor lib. When reaching a ‘[‘ or ‘{‘ character in the JSON input, the code parses an array or an object respectively. It was discovered that the code does not have any limit to the nesting of such arrays or objects. Since the parsing of nested arrays and objects is done recursively, nesting too many of them can cause a stack exhaustion (stack overflow) and crash the software. | ||||
| CVE-2023-1260 | 2 Kubernetes, Redhat | 4 Kube-apiserver, Openshift, Openshift Container Platform and 1 more | 2024-11-21 | 8 High |
| An authentication bypass vulnerability was discovered in kube-apiserver. This issue could allow a remote, authenticated attacker who has been given permissions "update, patch" the "pods/ephemeralcontainers" subresource beyond what the default is. They would then need to create a new pod or patch one that they already have access to. This might allow evasion of SCC admission restrictions, thereby gaining control of a privileged pod. | ||||
| CVE-2023-0778 | 2 Podman Project, Redhat | 3 Podman, Enterprise Linux, Openshift | 2024-11-21 | 6.8 Medium |
| A Time-of-check Time-of-use (TOCTOU) flaw was found in podman. This issue may allow a malicious user to replace a normal file in a volume with a symlink while exporting the volume, allowing for access to arbitrary files on the host file system. | ||||
| CVE-2023-0665 | 2 Hashicorp, Redhat | 3 Vault, Openshift, Openshift Data Foundation | 2024-11-21 | 6.5 Medium |
| HashiCorp Vault's PKI mount issuer endpoints did not correctly authorize access to remove an issuer or modify issuer metadata, potentially resulting in denial of service of the PKI mount. This bug did not affect public or private key material, trust chains or certificate issuance. Fixed in Vault 1.13.1, 1.12.5, and 1.11.9. | ||||
| CVE-2023-0620 | 2 Hashicorp, Redhat | 3 Vault, Openshift, Openshift Data Foundation | 2024-11-21 | 6.5 Medium |
| HashiCorp Vault and Vault Enterprise versions 0.8.0 through 1.13.1 are vulnerable to an SQL injection attack when configuring the Microsoft SQL (MSSQL) Database Storage Backend. When configuring the MSSQL plugin through the local, certain parameters are not sanitized when passed to the user-provided MSSQL database. An attacker may modify these parameters to execute a malicious SQL command. This issue is fixed in versions 1.13.1, 1.12.5, and 1.11.9. | ||||
| CVE-2023-0475 | 2 Hashicorp, Redhat | 3 Go-getter, Openshift, Openshift Security Profiles Operator Stable | 2024-11-21 | 4.2 Medium |
| HashiCorp go-getter up to 1.6.2 and 2.1.1 is vulnerable to decompression bombs. Fixed in 1.7.0 and 2.2.0. | ||||
| CVE-2023-0296 | 1 Redhat | 1 Openshift | 2024-11-21 | 5.3 Medium |
| The Birthday attack against 64-bit block ciphers flaw (CVE-2016-2183) was reported for the health checks port (9979) on etcd grpc-proxy component. Even though the CVE-2016-2183 has been fixed in the etcd components, to enable periodic health checks from kubelet, it was necessary to open up a new port (9979) on etcd grpc-proxy, hence this port might be considered as still vulnerable to the same type of vulnerability. The health checks on etcd grpc-proxy do not contain sensitive data (only metrics data), therefore the potential impact related to this vulnerability is minimal. The CVE-2023-0296 has been assigned to this issue to track the permanent fix in the etcd component. | ||||
| CVE-2023-0229 | 1 Redhat | 1 Openshift | 2024-11-21 | 6.3 Medium |
| A flaw was found in github.com/openshift/apiserver-library-go, used in OpenShift 4.12 and 4.11, that contains an issue that can allow low-privileged users to set the seccomp profile for pods they control to "unconfined." By default, the seccomp profile used in the restricted-v2 Security Context Constraint (SCC) is "runtime/default," allowing users to disable seccomp for pods they can create and modify. | ||||
| CVE-2023-0056 | 3 Fedoraproject, Haproxy, Redhat | 12 Extra Packages For Enterprise Linux, Fedora, Haproxy and 9 more | 2024-11-21 | 6.5 Medium |
| An uncontrolled resource consumption vulnerability was discovered in HAProxy which could crash the service. This issue could allow an authenticated remote attacker to run a specially crafted malicious server in an OpenShift cluster. The biggest impact is to availability. | ||||
| CVE-2022-4318 | 3 Fedoraproject, Kubernetes, Redhat | 9 Extra Packages For Enterprise Linux, Fedora, Cri-o and 6 more | 2024-11-21 | 7.8 High |
| A vulnerability was found in cri-o. This issue allows the addition of arbitrary lines into /etc/passwd by use of a specially crafted environment variable. | ||||
| CVE-2022-4145 | 1 Redhat | 2 Openshift, Openshift Container Platform | 2024-11-21 | 4.3 Medium |
| A content spoofing flaw was found in OpenShift's OAuth endpoint. This flaw allows a remote, unauthenticated attacker to inject text into a webpage, enabling the obfuscation of a phishing operation. | ||||
| CVE-2022-46174 | 2 Amazon, Redhat | 3 Efs-utils, Elastic File System Container Storage Interface Driver, Openshift | 2024-11-21 | 4.2 Medium |
| efs-utils is a set of Utilities for Amazon Elastic File System (EFS). A potential race condition issue exists within the Amazon EFS mount helper in efs-utils versions v1.34.3 and below. When using TLS to mount file systems, the mount helper allocates a local port for stunnel to receive NFS connections prior to applying the TLS tunnel. In affected versions, concurrent mount operations can allocate the same local port, leading to either failed mount operations or an inappropriate mapping from an EFS customer’s local mount points to that customer’s EFS file systems. This issue is patched in version v1.34.4. There is no recommended work around. We recommend affected users update the installed version of efs-utils to v1.34.4 or later. | ||||
| CVE-2022-46149 | 3 Capnproto, Fedoraproject, Redhat | 4 Capnp, Capnproto, Fedora and 1 more | 2024-11-21 | 5.4 Medium |
| Cap'n Proto is a data interchange format and remote procedure call (RPC) system. Cap'n Proro prior to versions 0.7.1, 0.8.1, 0.9.2, and 0.10.3, as well as versions of Cap'n Proto's Rust implementation prior to 0.13.7, 0.14.11, and 0.15.2 are vulnerable to out-of-bounds read due to logic error handling list-of-list. This issue may lead someone to remotely segfault a peer by sending it a malicious message, if the victim performs certain actions on a list-of-pointer type. Exfiltration of memory is possible if the victim performs additional certain actions on a list-of-pointer type. To be vulnerable, an application must perform a specific sequence of actions, described in the GitHub Security Advisory. The bug is present in inlined code, therefore the fix will require rebuilding dependent applications. Cap'n Proto has C++ fixes available in versions 0.7.1, 0.8.1, 0.9.2, and 0.10.3. The `capnp` Rust crate has fixes available in versions 0.13.7, 0.14.11, and 0.15.2. | ||||
| CVE-2022-46146 | 2 Prometheus, Redhat | 2 Exporter Toolkit, Openshift | 2024-11-21 | 6.2 Medium |
| Prometheus Exporter Toolkit is a utility package to build exporters. Prior to versions 0.7.2 and 0.8.2, if someone has access to a Prometheus web.yml file and users' bcrypted passwords, they can bypass security by poisoning the built-in authentication cache. Versions 0.7.2 and 0.8.2 contain a fix for the issue. There is no workaround, but attacker must have access to the hashed password to use this functionality. | ||||
| CVE-2022-45381 | 2 Jenkins, Redhat | 2 Pipeline Utility Steps, Openshift | 2024-11-21 | 8.1 High |
| Jenkins Pipeline Utility Steps Plugin 2.13.1 and earlier does not restrict the set of enabled prefix interpolators and bundles versions of Apache Commons Configuration library that enable the 'file:' prefix interpolator by default, allowing attackers able to configure Pipelines to read arbitrary files from the Jenkins controller file system. | ||||
| CVE-2022-45380 | 2 Jenkins, Redhat | 2 Junit, Openshift | 2024-11-21 | 5.4 Medium |
| Jenkins JUnit Plugin 1159.v0b_396e1e07dd and earlier converts HTTP(S) URLs in test report output to clickable links in an unsafe manner, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | ||||
| CVE-2022-45379 | 2 Jenkins, Redhat | 2 Script Security, Openshift | 2024-11-21 | 7.5 High |
| Jenkins Script Security Plugin 1189.vb_a_b_7c8fd5fde and earlier stores whole-script approvals as the SHA-1 hash of the script, making it vulnerable to collision attacks. | ||||
| CVE-2022-45047 | 2 Apache, Redhat | 12 Sshd, Camel Spring Boot, Jboss Data Grid and 9 more | 2024-11-21 | 9.8 Critical |
| Class org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider in Apache MINA SSHD <= 2.9.1 uses Java deserialization to load a serialized java.security.PrivateKey. The class is one of several implementations that an implementor using Apache MINA SSHD can choose for loading the host keys of an SSH server. | ||||
| CVE-2022-43922 | 2 Ibm, Redhat | 2 App Connect Enterprise Certified Container, Openshift | 2024-11-21 | 5.3 Medium |
| IBM App Connect Enterprise Certified Container 4.1, 4.2, 5.0, 5.1, 5.2, 6.0, 6.1, and 6.2 could disclose sensitive information to an attacker due to a weak hash of an API Key in the configuration. IBM X-Force ID: 241583. | ||||