Redhat

Openshift Container Platform

321 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 0.8%
  • Veröffentlicht 07.01.2020 17:15:11
  • Zuletzt bearbeitet 21.11.2024 04:27:30

OpenShift Container Platform 4 does not sanitize secret data written to static pod logs when the log level in a given operator is set to Debug or higher. A low privileged user could read pod logs to discover secret material if the log level has alrea...

  • EPSS 4.02%
  • Veröffentlicht 10.12.2019 22:15:13
  • Zuletzt bearbeitet 21.11.2024 04:25:36

Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • EPSS 1.76%
  • Veröffentlicht 05.12.2019 16:15:10
  • Zuletzt bearbeitet 21.11.2024 04:20:48

Improper input validation in Kubernetes CSI sidecar containers for external-provisioner (<v0.4.3, <v1.0.2, v1.1, <v1.2.2, <v1.3.1), external-snapshotter (<v0.4.2, <v1.0.2, v1.1, <1.2.2), and external-resizer (v0.1, v0.2) could result in unauthorized ...

  • EPSS 0.99%
  • Veröffentlicht 25.11.2019 15:15:27
  • Zuletzt bearbeitet 21.11.2024 04:18:40

OpenShift Container Platform, versions 4.1 and 4.2, does not sanitize secret data written to pod logs when the log level in a given operator is set to Debug or higher. A low privileged user could read pod logs to discover secret material if the log l...

  • EPSS 1.6%
  • Veröffentlicht 25.11.2019 11:15:11
  • Zuletzt bearbeitet 21.11.2024 04:18:40

The containers/image library used by the container tools Podman, Buildah, and Skopeo in Red Hat Enterprise Linux version 8 and CRI-O in OpenShift Container Platform, does not enforce TLS connections to the container registry authorization service. An...

  • EPSS 0.69%
  • Veröffentlicht 25.11.2019 11:15:11
  • Zuletzt bearbeitet 21.11.2024 04:27:37

A flaw was found in cri-o, as a result of all pod-related processes being placed in the same memory cgroup. This can result in container management (conmon) processes being killed if a workload process triggers an out-of-memory (OOM) condition for th...

  • EPSS 0.92%
  • Veröffentlicht 14.11.2019 20:15:11
  • Zuletzt bearbeitet 21.11.2024 03:44:45

Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access.

Exploit
  • EPSS 1.78%
  • Veröffentlicht 05.11.2019 12:15:10
  • Zuletzt bearbeitet 21.11.2024 04:18:41

A security issue was discovered in the kube-state-metrics versions v1.7.0 and v1.7.1. An experimental feature was added to the v1.7.0 release that enabled annotations to be exposed as metrics. By default, the kube-state-metrics metrics only expose me...

Exploit
  • EPSS 63.92%
  • Veröffentlicht 17.10.2019 18:15:12
  • Zuletzt bearbeitet 21.11.2024 04:26:22

In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !r...

Exploit
  • EPSS 25.94%
  • Veröffentlicht 17.10.2019 16:15:10
  • Zuletzt bearbeitet 24.02.2026 20:23:48

Improper input validation in the Kubernetes API server in versions v1.0-1.12 and versions prior to v1.13.12, v1.14.8, v1.15.5, and v1.16.2 allows authorized users to send malicious YAML or JSON payloads, causing the API server to consume excessive CP...