Vulnerabilities > Redhat > Openshift
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-24 | CVE-2019-19349 | Incorrect Privilege Assignment vulnerability in Redhat Openshift 4.0 An insecure modification vulnerability in the /etc/passwd file was found in the container operator-framework/operator-metering as shipped in Red Hat Openshift 4. | 4.4 |
| 2021-03-19 | CVE-2019-10225 | Insufficiently Protected Credentials vulnerability in Redhat Openshift and Openshift Container Platform A flaw was found in atomic-openshift of openshift-4.2 where the basic-user RABC role in OpenShift Container Platform doesn't sufficiently protect the GlusterFS StorageClass against leaking of the restuserkey. | 6.5 |
| 2020-09-16 | CVE-2020-10715 | Improper Input Validation vulnerability in Redhat Openshift A content spoofing vulnerability was found in the openshift/console 3.11 and 4.x. | 4.3 |
| 2020-04-13 | CVE-2020-1759 | Reusing a Nonce, Key Pair in Encryption vulnerability in multiple products A vulnerability was found in Red Hat Ceph Storage 4 and Red Hat Openshift Container Storage 4.2 where, A nonce reuse vulnerability was discovered in the secure mode of the messenger v2 protocol, which can allow an attacker to forge auth tags and potentially manipulate the data by leveraging the reuse of a nonce in a session. | 6.8 |
| 2020-04-02 | CVE-2019-19348 | Improper Privilege Management vulnerability in Redhat Openshift An insecure modification vulnerability in the /etc/passwd file was found in the container openshift/apb-base, affecting versions before the following 4.3.5, 4.2.21, 4.1.37, and 3.11.188-4. | 7.0 |
| 2020-04-02 | CVE-2019-19346 | Improper Privilege Management vulnerability in Redhat Openshift An insecure modification vulnerability in the /etc/passwd file was found in the container openshift/mariadb-apb, affecting versions before the following 4.3.5, 4.2.21, 4.1.37, and 3.11.188-4 . | 7.0 |
| 2020-03-20 | CVE-2020-1709 | Incorrect Permission Assignment for Critical Resource vulnerability in Redhat Openshift A vulnerability was found in all openshift/mediawiki 4.x.x versions prior to 4.3.0, where an insecure modification vulnerability in the /etc/passwd file was found in the openshift/mediawiki. | 7.8 |
| 2020-03-20 | CVE-2020-1707 | Incorrect Permission Assignment for Critical Resource vulnerability in Redhat Openshift A vulnerability was found in all openshift/postgresql-apb 4.x.x versions prior to 4.3.0, where an insecure modification vulnerability in the /etc/passwd file was found in the container openshift/postgresql-apb. | 7.0 |
| 2020-03-20 | CVE-2019-19345 | Incorrect Privilege Assignment vulnerability in Redhat Openshift A vulnerability was found in all openshift/mediawiki-apb 4.x.x versions prior to 4.3.0, where an insecure modification vulnerability in the /etc/passwd file was found in the container openshift/mediawiki-apb. | 7.8 |
| 2020-03-18 | CVE-2019-19355 | Incorrect Privilege Assignment vulnerability in Redhat Openshift 4.0 An insecure modification vulnerability in the /etc/passwd file was found in the openshift/ocp-release-operator-sdk. | 7.0 |