Filtered by vendor Redhat Subscriptions
Filtered by product Openshift Subscriptions
Total 929 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-6409 1 Redhat 4 Enterprise Linux, Openshift, Rhel E4s and 1 more 2024-09-12 7 High
A race condition vulnerability was discovered in how signals are handled by OpenSSH's server (sshd). If a remote attacker does not authenticate within a set time period, then sshd's SIGALRM handler is called asynchronously. However, this signal handler calls various functions that are not async-signal-safe, for example, syslog(). As a consequence of a successful attack, in the worst case scenario, an attacker may be able to perform a remote code execution (RCE) as an unprivileged user running the sshd server.
CVE-2024-0874 1 Redhat 3 Acm, Logging, Openshift 2024-09-12 5.3 Medium
A flaw was found in coredns. This issue could lead to invalid cache entries returning due to incorrectly implemented caching.
CVE-2024-3177 1 Redhat 1 Openshift 2024-09-10 2.7 Low
A security issue was discovered in Kubernetes where users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using containers, init containers, and ephemeral containers with the envFrom field populated. The policy ensures pods running with a service account may only reference secrets specified in the service account’s secrets field. Kubernetes clusters are only affected if the ServiceAccount admission plugin and the kubernetes.io/enforce-mountable-secrets annotation are used together with containers, init containers, and ephemeral containers with the envFrom field populated.
CVE-2024-6508 1 Redhat 1 Openshift 2024-09-10 8 High
An insufficient entropy vulnerability was found in the Openshift Console. In the authorization code type and implicit grant type, the OAuth2 protocol is vulnerable to a Cross-Site Request Forgery (CSRF) attack if the state parameter is used inefficiently. This flaw allows logging into the victim’s current application account using a third-party account without any restrictions.
CVE-2024-1485 1 Redhat 2 Ocp Tools, Openshift 2024-09-09 8 High
A flaw was found in the decompression function of registry-support. This issue can be triggered if an unauthenticated remote attacker tricks a user into parsing a devfile which uses the `parent` or `plugin` keywords. This could download a malicious archive and cause the cleanup process to overwrite or delete files outside of the archive, which should not be allowed.
CVE-2024-3727 1 Redhat 18 Acm, Advanced Cluster Security, Ansible Automation Platform and 15 more 2024-09-09 8.3 High
A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks.
CVE-2024-5037 1 Redhat 4 Logging, Openshift, Openshift Container Platform and 1 more 2024-09-09 7.5 High
A flaw was found in OpenShift's Telemeter. If certain conditions are in place, an attacker can use a forged token to bypass the issue ("iss") check during JSON web token (JWT) authentication.
CVE-2024-1394 1 Redhat 23 Ansible Automation Platform, Ansible Automation Platform Developer, Ansible Automation Platform Inside and 20 more 2024-09-09 7.5 High
A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs​. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.go#L113. The objects leaked are pkey​ and ctx​. That function uses named return parameters to free pkey​ and ctx​ if there is an error initializing the context or setting the different properties. All return statements related to error cases follow the "return nil, nil, fail(...)" pattern, meaning that pkey​ and ctx​ will be nil inside the deferred function that should free them.
CVE-2023-5528 3 Fedoraproject, Kubernetes, Redhat 3 Fedora, Kubernetes, Openshift 2024-09-06 7.2 High
A security issue was discovered in Kubernetes where a user that can create pods and persistent volumes on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they are using an in-tree storage plugin for Windows nodes.
CVE-2024-5321 1 Redhat 1 Openshift 2024-09-06 6.1 Medium
A security issue was discovered in Kubernetes clusters with Windows nodes where BUILTIN\Users may be able to read container logs and NT AUTHORITY\Authenticated Users may be able to modify container logs.
CVE-2024-8418 2 Containers, Redhat 3 Aardvark-dns, Enterprise Linux, Openshift 2024-09-05 7.5 High
A flaw was found in Aardvark-dns versions 1.12.0 and 1.12.1. They contain a denial of service vulnerability due to serial processing of TCP DNS queries. This flaw allows a malicious client to keep a TCP connection open indefinitely, causing other DNS queries to time out and resulting in a denial of service for all other containers using aardvark-dns.
CVE-2024-24790 2 Golang, Redhat 12 Go, Cost Management, Cryostat and 9 more 2024-09-05 9.8 Critical
The various Is methods (IsPrivate, IsLoopback, etc) did not work as expected for IPv4-mapped IPv6 addresses, returning false for addresses which would return true in their traditional IPv4 forms.
CVE-2019-25210 1 Redhat 2 Advanced Cluster Security, Openshift 2024-09-04 9.1 Critical
An issue was discovered in Cloud Native Computing Foundation (CNCF) Helm through 3.13.3. It displays values of secrets when the --dry-run flag is used. This is a security concern in some use cases, such as a --dry-run call by a CI/CD tool. NOTE: the vendor's position is that this behavior was introduced intentionally, and cannot be removed without breaking backwards compatibility (some users may be relying on these values). Also, it is not the Helm Project's responsibility if a user decides to use --dry-run within a CI/CD environment whose output is visible to unauthorized persons.
CVE-2024-5154 1 Redhat 2 Enterprise Linux, Openshift 2024-09-03 8.1 High
A flaw was found in cri-o. A malicious container can create a symbolic link to arbitrary files on the host via directory traversal (“../“). This flaw allows the container to read and write to arbitrary files on the host system.
CVE-2023-47108 2 Opentelemetry, Redhat 5 Opentelemetry, Acm, Openshift and 2 more 2024-09-03 7.5 High
OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. Prior to version 0.46.0, the grpc Unary Server Interceptor out of the box adds labels `net.peer.sock.addr` and `net.peer.sock.port` that have unbound cardinality. It leads to the server's potential memory exhaustion when many malicious requests are sent. An attacker can easily flood the peer address and port for requests. Version 0.46.0 contains a fix for this issue. As a workaround to stop being affected, a view removing the attributes can be used. The other possibility is to disable grpc metrics instrumentation by passing `otelgrpc.WithMeterProvider` option with `noop.NewMeterProvider`.
CVE-2022-4145 1 Redhat 2 Openshift, Openshift Container Platform 2024-09-03 4.3 Medium
A content spoofing flaw was found in OpenShift's OAuth endpoint. This flaw allows a remote, unauthenticated attacker to inject text into a webpage, enabling the obfuscation of a phishing operation.
CVE-2024-1139 1 Redhat 2 Acm, Openshift 2024-09-02 7.7 High
A credentials leak vulnerability was found in the cluster monitoring operator in OCP. This issue may allow a remote attacker who has basic login credentials to check the pod manifest to discover a repository pull secret.
CVE-2022-3248 1 Redhat 6 Acm, Advanced Cluster Management For Kubernetes, Ansible Automation Platform and 3 more 2024-08-29 4.4 Medium
A flaw was found in OpenShift API, as admission checks do not enforce "custom-host" permissions. This issue could allow an attacker to violate the boundaries, as permissions will not be applied.
CVE-2023-45918 1 Redhat 1 Openshift 2024-08-29 3.3 Low
ncurses 6.4-20230610 has a NULL pointer dereference in tgetstr in tinfo/lib_termcap.c.
CVE-2024-21501 1 Redhat 1 Openshift 2024-08-28 5.3 Medium
Versions of the package sanitize-html before 2.12.1 are vulnerable to Information Exposure when used on the backend and with the style attribute allowed, allowing enumeration of files in the system (including project dependencies). An attacker could exploit this vulnerability to gather details about the file system structure and dependencies of the targeted server.