Redhat

Openshift

166 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.31%
  • Veröffentlicht 19.03.2025 17:57:14
  • Zuletzt bearbeitet 15.04.2026 00:35:42

A flaw was found in the Hive hibernation controller component of OpenShift Dedicated. The ClusterDeployment.hive.openshift.io/v1 resource can be created with the spec.installed field set to true, regardless of the installation status, and a positive ...

  • EPSS 0.44%
  • Veröffentlicht 03.03.2025 15:15:16
  • Zuletzt bearbeitet 30.06.2026 00:16:50

When reading data from disk, the grub's UDF filesystem module utilizes the user controlled data length metadata to allocate its internal buffers. In certain scenarios, while iterating through disk sectors, it assumes the read size from the disk is al...

  • EPSS 0.23%
  • Veröffentlicht 19.02.2025 18:15:23
  • Zuletzt bearbeitet 29.06.2026 23:16:41

A flaw was found in grub2. The calculation of the translation buffer when reading a language .mo file in grub_gettext_getstr_from_position() may overflow, leading to a Out-of-bound write. This issue can be leveraged by an attacker to overwrite grub2'...

Exploit
  • EPSS 9.35%
  • Veröffentlicht 14.01.2025 18:15:25
  • Zuletzt bearbeitet 29.06.2026 21:16:30

A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitialized memory and leak one byte of un...

  • EPSS 0.48%
  • Veröffentlicht 31.12.2024 15:15:08
  • Zuletzt bearbeitet 15.04.2026 00:35:42

A flaw was found in the Hive ClusterDeployments resource in OpenShift Dedicated. In certain conditions, this issue may allow a developer account on a Hive-enabled cluster to obtain cluster-admin privileges by executing arbitrary commands on the hive/...

  • EPSS 0.55%
  • Veröffentlicht 31.12.2024 03:15:05
  • Zuletzt bearbeitet 26.06.2026 02:16:50

A flaw was found in the OpenShift build process, where the docker-build container is configured with a hostPath volume mount that maps the node's /var/lib/kubelet/config.json file into the build pod. This file contains sensitive credentials necessary...

  • EPSS 0.75%
  • Veröffentlicht 19.12.2024 15:15:07
  • Zuletzt bearbeitet 15.04.2026 00:35:42

A flaw was found in the MustGather.managed.openshift.io Custom Defined Resource (CRD) of OpenShift Dedicated. A non-privileged user on the cluster can create a MustGather object with a specially crafted file and set the most privileged service accoun...

  • EPSS 0.57%
  • Veröffentlicht 21.11.2024 21:15:23
  • Zuletzt bearbeitet 29.06.2026 23:16:41

A flaw was found in Avahi-daemon, which relies on fixed source ports for wide-area DNS queries. This issue simplifies attacks where malicious DNS responses are injected.

  • EPSS 0.89%
  • Veröffentlicht 17.09.2024 00:15:52
  • Zuletzt bearbeitet 15.04.2026 00:35:42

A flaw was found in OpenShift. This issue occurs due to the misuse of elevated privileges in the OpenShift Container Platform's build process. During the build initialization step, the git-clone container is run with a privileged security context, al...

  • EPSS 0.56%
  • Veröffentlicht 21.08.2024 06:15:08
  • Zuletzt bearbeitet 15.04.2026 00:35:42

An insufficient entropy vulnerability was found in the Openshift Console. In the authorization code type and implicit grant type, the OAuth2 protocol is vulnerable to a Cross-Site Request Forgery (CSRF) attack if the state parameter is used inefficie...