Vulnerabilities > Redhat > Openshift > High

DATE CVE VULNERABILITY TITLE RISK
2020-04-02 CVE-2019-19348 Improper Privilege Management vulnerability in Redhat Openshift
An insecure modification vulnerability in the /etc/passwd file was found in the container openshift/apb-base, affecting versions before the following 4.3.5, 4.2.21, 4.1.37, and 3.11.188-4.
local
high complexity
redhat CWE-269
7.0
2020-04-02 CVE-2019-19346 Improper Privilege Management vulnerability in Redhat Openshift
An insecure modification vulnerability in the /etc/passwd file was found in the container openshift/mariadb-apb, affecting versions before the following 4.3.5, 4.2.21, 4.1.37, and 3.11.188-4 .
local
high complexity
redhat CWE-269
7.0
2020-03-20 CVE-2020-1709 Unspecified vulnerability in Redhat Openshift
A vulnerability was found in all openshift/mediawiki 4.x.x versions prior to 4.3.0, where an insecure modification vulnerability in the /etc/passwd file was found in the openshift/mediawiki.
local
low complexity
redhat
7.8
2020-03-20 CVE-2020-1707 Unspecified vulnerability in Redhat Openshift
A vulnerability was found in all openshift/postgresql-apb 4.x.x versions prior to 4.3.0, where an insecure modification vulnerability in the /etc/passwd file was found in the container openshift/postgresql-apb.
local
high complexity
redhat
7.0
2020-03-20 CVE-2019-19345 Unspecified vulnerability in Redhat Openshift
A vulnerability was found in all openshift/mediawiki-apb 4.x.x versions prior to 4.3.0, where an insecure modification vulnerability in the /etc/passwd file was found in the container openshift/mediawiki-apb.
local
low complexity
redhat
7.8
2020-03-18 CVE-2019-19355 Unspecified vulnerability in Redhat Openshift 4.0
An insecure modification vulnerability in the /etc/passwd file was found in the openshift/ocp-release-operator-sdk.
local
high complexity
redhat
7.0
2020-03-18 CVE-2019-19351 Unspecified vulnerability in Redhat Openshift 3.11/4.0
An insecure modification vulnerability in the /etc/passwd file was found in the container openshift/jenkins.
local
high complexity
redhat
7.0
2020-02-19 CVE-2012-6685 XML Entity Expansion vulnerability in multiple products
Nokogiri before 1.5.4 is vulnerable to XXE attacks
network
low complexity
nokogiri redhat CWE-776
7.5
2019-12-11 CVE-2014-0163 OS Command Injection vulnerability in Redhat Openshift 1.0/2.0
Openshift has shell command injection flaws due to unsanitized data being passed into shell commands.
network
low complexity
redhat CWE-78
8.8
2019-12-03 CVE-2013-2103 Improper Input Validation vulnerability in Redhat Openshift 1.0
OpenShift cartridge allows remote URL retrieval
network
low complexity
redhat CWE-20
8.1