Vulnerabilities > Redhat > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-20 | CVE-2020-1707 | Unspecified vulnerability in Redhat Openshift A vulnerability was found in all openshift/postgresql-apb 4.x.x versions prior to 4.3.0, where an insecure modification vulnerability in the /etc/passwd file was found in the container openshift/postgresql-apb. | 7.0 |
| 2020-03-20 | CVE-2019-19345 | Unspecified vulnerability in Redhat Openshift A vulnerability was found in all openshift/mediawiki-apb 4.x.x versions prior to 4.3.0, where an insecure modification vulnerability in the /etc/passwd file was found in the container openshift/mediawiki-apb. | 7.8 |
| 2020-03-19 | CVE-2020-1705 | Unspecified vulnerability in Redhat Template Service Broker Operator 4.0.0/4.2.0 A vulnerability was found in openshift/template-service-broker-operator in all 4.x.x versions prior to 4.3.0, where an insecure modification vulnerability in the /etc/passwd file was found in the openshift/template-service-broker-operator. | 7.0 |
| 2020-03-18 | CVE-2019-19355 | Unspecified vulnerability in Redhat Openshift 4.0 An insecure modification vulnerability in the /etc/passwd file was found in the openshift/ocp-release-operator-sdk. | 7.0 |
| 2020-03-18 | CVE-2019-19351 | Unspecified vulnerability in Redhat Openshift 3.11/4.0 An insecure modification vulnerability in the /etc/passwd file was found in the container openshift/jenkins. | 7.0 |
| 2020-03-12 | CVE-2020-10531 | Integer Overflow or Wraparound vulnerability in multiple products An issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1. network low complexity icu-project redhat google fedoraproject debian canonical opensuse oracle nodejs CWE-190 | 8.8 |
| 2020-03-10 | CVE-2012-1094 | Information Exposure vulnerability in Redhat Jboss Application Server JBoss AS 7 prior to 7.1.1 and mod_cluster do not handle default hostname in the same way, which can cause the excluded-contexts list to be mismatched and the root context to be exposed. | 7.5 |
| 2020-03-09 | CVE-2020-1737 | Path Traversal vulnerability in Redhat Ansible Tower A flaw was found in Ansible 2.7.17 and prior, 2.8.9 and prior, and 2.9.6 and prior when using the Extract-Zip function from the win_unzip module as the extracted file(s) are not checked if they belong to the destination folder. | 7.8 |
| 2020-03-09 | CVE-2020-1706 | Unspecified vulnerability in Redhat Openshift Container Platform It has been found that in openshift-enterprise version 3.11 and openshift-enterprise versions 4.1 up to, including 4.3, multiple containers modify the permissions of /etc/passwd to make them modifiable by users other than root. | 7.0 |
| 2020-03-04 | CVE-2020-8661 | Resource Exhaustion vulnerability in multiple products CNCF Envoy through 1.13.0 may consume excessive amounts of memory when responding internally to pipelined requests. | 7.5 |