Vulnerabilities > Redhat > Openshift Container Platform > High

DATE CVE VULNERABILITY TITLE RISK
2021-03-16 CVE-2021-20218 Unspecified vulnerability in Redhat products
A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after.
network
high complexity
redhat
7.4
2021-02-23 CVE-2021-20194 There is a vulnerability in the linux kernel versions higher than 5.2 (if kernel compiled with config params CONFIG_BPF_SYSCALL=y , CONFIG_BPF=y , CONFIG_CGROUPS=y , CONFIG_CGROUP_BPF=y , CONFIG_HARDENED_USERCOPY not set, and BPF hook to getsockopt is registered).
local
low complexity
linux redhat
7.8
2021-02-23 CVE-2021-20182 Unspecified vulnerability in Redhat Openshift Container Platform
A privilege escalation flaw was found in openshift4/ose-docker-builder.
network
low complexity
redhat
8.8
2021-02-11 CVE-2021-20188 A flaw was found in podman before 1.7.0.
local
high complexity
podman-project redhat
7.0
2020-12-18 CVE-2020-27781 Insufficiently Protected Credentials vulnerability in multiple products
User credentials can be manipulated and stolen by Native CephFS consumers of OpenStack Manila, resulting in potential privilege escalation.
local
low complexity
redhat fedoraproject CWE-522
7.1
2020-12-11 CVE-2020-27786 A flaw was found in the Linux kernel’s implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl commands to midi devices could trigger a use-after-free issue.
local
low complexity
linux redhat netapp
7.8
2020-11-23 CVE-2020-25660 A flaw was found in the Cephx authentication protocol in versions before 15.2.6 and before 14.2.14, where it does not verify Ceph clients correctly and is then vulnerable to replay attacks in Nautilus.
low complexity
redhat fedoraproject
8.8
2020-07-13 CVE-2020-14298 Improper Check for Dropped Privileges vulnerability in multiple products
The version of docker as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 advisory included an incorrect version of runc missing the fix for CVE-2019-5736, which was previously fixed via RHSA-2019:0304.
local
low complexity
redhat docker CWE-273
8.8
2020-06-12 CVE-2020-10752 Insufficiently Protected Credentials vulnerability in Redhat Openshift Container Platform 3.11/4.0
A flaw was found in the OpenShift API Server, where it failed to sufficiently protect OAuthTokens by leaking them into the logs when an API Server panic occurred.
network
high complexity
redhat CWE-522
7.5
2020-06-03 CVE-2020-7013 Code Injection vulnerability in multiple products
Kibana versions before 6.8.9 and 7.7.0 contain a prototype pollution flaw in TSVB.
network
low complexity
elastic redhat CWE-94
7.2