Redhat

Openshift Container Platform

321 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 5.16%
  • Veröffentlicht 30.09.2019 19:15:08
  • Zuletzt bearbeitet 21.11.2024 04:30:26

Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smuggling.

Exploit
  • EPSS 4.41%
  • Veröffentlicht 25.09.2019 18:15:13
  • Zuletzt bearbeitet 21.11.2024 04:31:16

runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfs_linux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc direct...

Exploit
  • EPSS 0.63%
  • Veröffentlicht 17.09.2019 16:15:10
  • Zuletzt bearbeitet 21.11.2024 04:27:27

A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descript...

  • EPSS 11.4%
  • Veröffentlicht 06.09.2019 14:15:15
  • Zuletzt bearbeitet 21.11.2024 04:27:24

A flaw was found in ghostscript, versions 9.x before 9.50, in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable se...

Exploit
  • EPSS 0.51%
  • Veröffentlicht 04.09.2019 12:15:11
  • Zuletzt bearbeitet 21.11.2024 04:29:19

In systemd 240, bus_open_system_watch_bind_with_description in shared/bus-util.c (as used by systemd-resolved to connect to the system D-Bus instance), calls sd_bus_set_trusted, which disables access controls for incoming D-Bus messages. An unprivile...

Exploit
  • EPSS 3.76%
  • Veröffentlicht 03.09.2019 16:15:11
  • Zuletzt bearbeitet 21.11.2024 04:27:24

A flaw was found in, ghostscript versions prior to 9.50, in the .pdf_hook_DSC_Creator procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disabl...

Exploit
  • EPSS 2.03%
  • Veröffentlicht 03.09.2019 16:15:11
  • Zuletzt bearbeitet 21.11.2024 04:27:25

A flaw was found in, ghostscript versions prior to 9.50, in the .pdfexectoken and other procedures where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could dis...

  • EPSS 2.09%
  • Veröffentlicht 29.08.2019 01:15:11
  • Zuletzt bearbeitet 21.11.2024 04:20:47

The Kubernetes kube-apiserver mistakenly allows access to a cluster-scoped custom resource if the request is made as if the resource were namespaced. Authorizations for the resource accessed in this manner are enforced using roles and role bindings w...

  • EPSS 3.73%
  • Veröffentlicht 29.08.2019 01:15:11
  • Zuletzt bearbeitet 21.11.2024 04:20:48

The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes runs tar inside the container to create a tar archive, copies it over the network, and kubectl unpacks it on the user’s ma...

  • EPSS 1.77%
  • Veröffentlicht 29.08.2019 01:15:11
  • Zuletzt bearbeitet 21.11.2024 04:20:48

The Kubernetes client-go library logs request headers at verbosity levels of 7 or higher. This can disclose credentials to unauthorized users via logs or command output. Kubernetes components (such as kube-apiserver) prior to v1.16.0, which make use ...