Vulnerabilities > Redhat > Openshift Container Platform

DATE CVE VULNERABILITY TITLE RISK
2018-07-25 CVE-2018-13988 Out-of-bounds Read vulnerability in multiple products
Poppler through 0.62 contains an out of bounds read vulnerability due to an incorrect memory access that is not mapped in its memory space, as demonstrated by pdfunite.
network
low complexity
freedesktop canonical debian redhat CWE-125
6.5
2018-07-19 CVE-2017-7481 Ansible before versions 2.3.1.0 and 2.4.0.0 fails to properly mark lookup-plugin results as unsafe.
network
low complexity
redhat canonical debian
critical
9.8
2018-07-16 CVE-2017-15137 Unspecified vulnerability in Redhat Openshift and Openshift Container Platform
The OpenShift image import whitelist failed to enforce restrictions correctly when running commands such as "oc tag", for example.
network
low complexity
redhat
5.3
2018-07-05 CVE-2018-12910 Out-of-bounds Read vulnerability in multiple products
The get_cookies function in soup-cookie-jar.c in libsoup 2.63.2 allows attackers to have unspecified impact via an empty hostname.
network
low complexity
gnome canonical debian redhat opensuse CWE-125
critical
9.8
2018-07-02 CVE-2018-10843 Incorrect Permission Assignment for Critical Resource vulnerability in Redhat Openshift Container Platform
source-to-image component of Openshift Container Platform before versions atomic-openshift 3.7.53, atomic-openshift 3.9.31 is vulnerable to a privilege escalation which allows the assemble script to run as the root user in a non-privileged container.
network
low complexity
redhat CWE-732
8.8
2018-07-01 CVE-2018-13033 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted ELF file, as demonstrated by _bfd_elf_parse_attributes in elf-attrs.c and bfd_malloc in libbfd.c.
local
low complexity
gnu redhat CWE-770
5.5
2018-06-15 CVE-2018-1085 Improper Authentication vulnerability in Redhat Openshift Container Platform
openshift-ansible before versions 3.9.23, 3.7.46 deploys a misconfigured etcd file that causes the SSL client certificate authentication to be disabled.
network
low complexity
redhat CWE-287
critical
9.8
2018-06-12 CVE-2018-1070 Improper Input Validation vulnerability in Redhat Openshift Container Platform
routing before version 3.10 is vulnerable to an improper input validation of the Openshift Routing configuration which can cause an entire shard to be brought down.
network
low complexity
redhat CWE-20
7.5
2018-04-26 CVE-2018-10237 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service attacks against servers that depend on this library and deserialize attacker-provided data, because the AtomicDoubleArray class (when serialized with Java serialization) and the CompoundOrdering class (when serialized with GWT serialization) perform eager allocation without appropriate checks on what a client has sent and whether the data size is reasonable.
network
high complexity
google redhat oracle CWE-770
5.9
2018-02-06 CVE-2017-7525 A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.
network
low complexity
fasterxml debian netapp redhat oracle
critical
9.8