Vulnerabilities > Redhat > Openshift > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-11-19 | CVE-2012-6135 | Improper Input Validation vulnerability in multiple products RubyGems passenger 4.0.0 betas 1 and 2 allows remote attackers to delete arbitrary files during the startup process. | 7.5 |
2019-11-15 | CVE-2014-0023 | Exposure of Resource to Wrong Sphere vulnerability in Redhat Openshift OpenShift: Install script has temporary file creation vulnerability which can result in arbitrary code execution | 7.8 |
2019-11-01 | CVE-2013-0165 | Improper Input Validation vulnerability in Redhat Openshift cartridges/openshift-origin-cartridge-mongodb-2.2/info/bin/dump.sh in OpenShift does not properly create files in /tmp. | 7.3 |
2019-02-11 | CVE-2019-5736 | OS Command Injection vulnerability in multiple products runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. local low complexity docker linuxfoundation redhat google linuxcontainers hp netapp apache opensuse d2iq fedoraproject canonical microfocus CWE-78 | 8.6 |
2018-09-21 | CVE-2018-14645 | Out-of-bounds Read vulnerability in multiple products A flaw was discovered in the HPACK decoder of HAProxy, before 1.8.14, that is used for HTTP/2. | 7.5 |
2018-09-10 | CVE-2016-7075 | It was found that Kubernetes as used by Openshift Enterprise 3 did not correctly validate X.509 client intermediate certificate host name fields. | 8.1 |
2018-07-31 | CVE-2016-8631 | Unspecified vulnerability in Redhat Openshift 3.0/3.3 The OpenShift Enterprise 3 router does not properly sort routes when processing newly added routes. | 7.7 |
2018-07-13 | CVE-2018-10875 | Untrusted Search Path vulnerability in multiple products A flaw was found in ansible. | 7.8 |
2018-07-05 | CVE-2018-10885 | Improper Input Validation vulnerability in Redhat Openshift In atomic-openshift before version 3.10.9 a malicious network-policy configuration can cause Openshift Routing to crash when using ovs-networkpolicy plugin. | 7.5 |
2018-04-30 | CVE-2018-1102 | Unspecified vulnerability in Redhat Openshift A flaw was found in source-to-image function as shipped with Openshift Enterprise 3.x. | 8.8 |