Vulnerabilities (CVE)

Filtered by vendor Redhat Subscribe
Filtered by product Openshift Container Platform
Total 237 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-20270 4 Debian, Fedoraproject, Pygments and 1 more 7 Debian Linux, Fedora, Pygments and 4 more 2024-02-28 5.0 MEDIUM 7.5 HIGH
An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML (SML) source file, as demonstrated by input that only contains the "exception" keyword.
CVE-2020-27786 3 Linux, Netapp, Redhat 6 Linux Kernel, Cloud Backup, Solidfire Baseboard Management Controller and 3 more 2024-02-28 7.2 HIGH 7.8 HIGH
A flaw was found in the Linux kernel’s implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl commands to midi devices could trigger a use-after-free issue. A write to this specific memory while freed and before use causes the flow of execution to change and possibly allow for memory corruption or privilege escalation. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
CVE-2019-19353 1 Redhat 1 Openshift Container Platform 2024-02-28 6.9 MEDIUM 7.0 HIGH
An insecure modification vulnerability in the /etc/passwd file was found in the operator-framework/hive as shipped in Red Hat Openshift 4. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges.
CVE-2020-14370 3 Fedoraproject, Podman Project, Redhat 4 Fedora, Podman, Enterprise Linux and 1 more 2024-02-28 4.0 MEDIUM 5.3 MEDIUM
An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container will get leaked into subsequent containers. An attacker who has control over the subsequent containers could use this flaw to gain access to sensitive information stored in such variables.
CVE-2020-27846 4 Fedoraproject, Grafana, Redhat and 1 more 6 Fedora, Grafana, Enterprise Linux and 3 more 2024-02-28 10.0 HIGH 9.8 CRITICAL
A signature verification vulnerability exists in crewjam/saml. This flaw allows an attacker to bypass SAML Authentication. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
CVE-2019-10225 1 Redhat 2 Openshift, Openshift Container Platform 2024-02-28 6.5 MEDIUM 6.3 MEDIUM
A flaw was found in atomic-openshift of openshift-4.2 where the basic-user RABC role in OpenShift Container Platform doesn't sufficiently protect the GlusterFS StorageClass against leaking of the restuserkey. An attacker with basic-user permissions is able to obtain the value of restuserkey, and use it to authenticate to the GlusterFS REST service, gaining access to read, and modify files.
CVE-2019-19354 1 Redhat 2 Enterprise Linux, Openshift Container Platform 2024-02-28 4.6 MEDIUM 7.8 HIGH
An insecure modification vulnerability in the /etc/passwd file was found in the operator-framework/hadoop as shipped in Red Hat Openshift 4. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges.
CVE-2021-20182 1 Redhat 1 Openshift Container Platform 2024-02-28 6.5 MEDIUM 8.8 HIGH
A privilege escalation flaw was found in openshift4/ose-docker-builder. The build container runs with high privileges using a chrooted environment instead of runc. If an attacker can gain access to this build container, they can potentially utilize the raw devices of the underlying node, such as the network and storage devices, to at least escalate their privileges to that of the cluster admin. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVE-2019-19352 1 Redhat 1 Openshift Container Platform 2024-02-28 4.4 MEDIUM 7.0 HIGH
An insecure modification vulnerability in the /etc/passwd file was found in the operator-framework/presto as shipped in Red Hat Openshift 4. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges.
CVE-2020-27827 5 Fedoraproject, Lldpd Project, Openvswitch and 2 more 27 Fedora, Lldpd, Openvswitch and 24 more 2024-02-28 7.1 HIGH 7.5 HIGH
A flaw was found in multiple versions of OpenvSwitch. Specially crafted LLDP packets can cause memory to be lost when allocating data to handle specific optional TLVs, potentially causing a denial of service. The highest threat from this vulnerability is to system availability.
CVE-2019-10200 1 Redhat 1 Openshift Container Platform 2024-02-28 9.0 HIGH 7.2 HIGH
A flaw was discovered in OpenShift Container Platform 4 where, by default, users with access to create pods also have the ability to schedule workloads on master nodes. Pods with permission to access the host network, running on master nodes, can retrieve security credentials for the master AWS IAM role, allowing management access to AWS resources. With access to the security credentials, the user then has access to the entire infrastructure. Impact to data and system availability is high.
CVE-2020-25639 3 Fedoraproject, Linux, Redhat 5 Fedora, Linux Kernel, Enterprise Linux and 2 more 2024-02-28 4.9 MEDIUM 4.4 MEDIUM
A NULL pointer dereference flaw was found in the Linux kernel's GPU Nouveau driver functionality in versions prior to 5.12-rc1 in the way the user calls ioctl DRM_IOCTL_NOUVEAU_CHANNEL_ALLOC. This flaw allows a local user to crash the system.
CVE-2020-27816 2 Elastic, Redhat 2 Kibana, Openshift Container Platform 2024-02-28 5.8 MEDIUM 6.1 MEDIUM
The elasticsearch-operator does not validate the namespace where kibana logging resource is created and due to that it is possible to replace the original openshift-logging console link (kibana console) to different one, created based on the new CR for the new kibana resource. This could lead to an arbitrary URL redirection or the openshift-logging console link damage. This flaw affects elasticsearch-operator-container versions before 4.7.
CVE-2021-3344 1 Redhat 2 Openshift Builder, Openshift Container Platform 2024-02-28 6.5 MEDIUM 8.8 HIGH
A privilege escalation flaw was found in OpenShift builder. During build time, credentials outside the build context are automatically mounted into the container image under construction. An OpenShift user, able to execute code during build time inside this container can re-use the credentials to overwrite arbitrary container images in internal registries and/or escalate their privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. This affects github.com/openshift/builder v0.0.0-20210125201112-7901cb396121 and before.
CVE-2020-27777 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Openshift Container Platform 2024-02-28 7.2 HIGH 6.7 MEDIUM
A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication. On a locked down (usually due to Secure Boot) guest system running on top of PowerVM or KVM hypervisors (pseries platform) a root like local user could use this flaw to further increase their privileges to that of a running kernel.
CVE-2020-10763 2 Heketi Project, Redhat 4 Heketi, Enterprise Linux, Gluster Storage and 1 more 2024-02-28 2.1 LOW 5.5 MEDIUM
An information-disclosure flaw was found in the way Heketi before 10.1.0 logs sensitive information. This flaw allows an attacker with local access to the Heketi server to read potentially sensitive information such as gluster-block passwords.
CVE-2021-20194 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Openshift Container Platform 2024-02-28 4.6 MEDIUM 7.8 HIGH
There is a vulnerability in the linux kernel versions higher than 5.2 (if kernel compiled with config params CONFIG_BPF_SYSCALL=y , CONFIG_BPF=y , CONFIG_CGROUPS=y , CONFIG_CGROUP_BPF=y , CONFIG_HARDENED_USERCOPY not set, and BPF hook to getsockopt is registered). As result of BPF execution, the local user can trigger bug in __cgroup_bpf_run_filter_getsockopt() function that can lead to heap overflow (because of non-hardened usercopy). The impact of attack could be deny of service or possibly privileges escalation.
CVE-2020-25660 2 Fedoraproject, Redhat 4 Fedora, Ceph, Ceph Storage and 1 more 2024-02-28 5.8 MEDIUM 8.8 HIGH
A flaw was found in the Cephx authentication protocol in versions before 15.2.6 and before 14.2.14, where it does not verify Ceph clients correctly and is then vulnerable to replay attacks in Nautilus. This flaw allows an attacker with access to the Ceph cluster network to authenticate with the Ceph service via a packet sniffer and perform actions allowed by the Ceph service. This issue is a reintroduction of CVE-2018-1128, affecting the msgr2 protocol. The msgr 2 protocol is used for all communication except older clients that do not support the msgr2 protocol. The msgr1 protocol is not affected. The highest threat from this vulnerability is to confidentiality, integrity, and system availability.
CVE-2020-27781 2 Fedoraproject, Redhat 5 Fedora, Ceph, Ceph Storage and 2 more 2024-02-28 3.6 LOW 7.1 HIGH
User credentials can be manipulated and stolen by Native CephFS consumers of OpenStack Manila, resulting in potential privilege escalation. An Open Stack Manila user can request access to a share to an arbitrary cephx user, including existing users. The access key is retrieved via the interface drivers. Then, all users of the requesting OpenStack project can view the access key. This enables the attacker to target any resource that the user has access to. This can be done to even "admin" users, compromising the ceph administrator. This flaw affects Ceph versions prior to 14.2.16, 15.x prior to 15.2.8, and 16.x prior to 16.2.0.
CVE-2021-20218 1 Redhat 9 A-mq Online, Build Of Quarkus, Codeready Studio and 6 more 2024-02-28 5.8 MEDIUM 7.4 HIGH
A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after. This flaw allows a malicious pod/container to cause applications using the fabric8 kubernetes-client `copy` command to extract files outside the working path. The highest threat from this vulnerability is to integrity and system availability. This has been fixed in kubernetes-client-4.13.2 kubernetes-client-5.0.2 kubernetes-client-4.11.2 kubernetes-client-4.7.2