Filtered by vendor Redhat
Subscriptions
Filtered by product Openshift
Subscriptions
Total
1055 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-27223 | 6 Apache, Debian, Eclipse and 3 more | 22 Nifi, Solr, Spark and 19 more | 2024-11-21 | 5.3 Medium |
| In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0.0, and 11.0.0 when Jetty handles a request containing multiple Accept headers with a large number of “quality” (i.e. q) parameters, the server may enter a denial of service (DoS) state due to high CPU usage processing those quality values, resulting in minutes of CPU time exhausted processing those quality values. | ||||
| CVE-2020-27218 | 6 Apache, Debian, Eclipse and 3 more | 23 Kafka, Spark, Debian Linux and 20 more | 2024-11-21 | 4.8 Medium |
| In Eclipse Jetty version 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0.alpha0 to 10.0.0.beta2, and 11.0.0.alpha0 to 11.0.0.beta2, if GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection, and if an attacker can send a request with a body that is received entirely but not consumed by the application, then a subsequent request on the same connection will see that body prepended to its body. The attacker will not see any data but may inject data into the body of the subsequent request. | ||||
| CVE-2020-27216 | 7 Apache, Debian, Eclipse and 4 more | 24 Beam, Debian Linux, Jetty and 21 more | 2024-11-21 | 7.0 High |
| In Eclipse Jetty versions 1.0 thru 9.4.32.v20200930, 10.0.0.alpha1 thru 10.0.0.beta2, and 11.0.0.alpha1 thru 11.0.0.beta2O, on Unix like systems, the system's temporary directory is shared between all users on that system. A collocated user can observe the process of creating a temporary sub directory in the shared temporary directory and race to complete the creation of the temporary subdirectory. If the attacker wins the race then they will have read and write permission to the subdirectory used to unpack web applications, including their WEB-INF/lib jar files and JSP files. If any code is ever executed out of this temporary directory, this can lead to a local privilege escalation vulnerability. | ||||
| CVE-2020-26160 | 2 Jwt-go Project, Redhat | 6 Jwt-go, Container Native Virtualization, Cryostat and 3 more | 2024-11-21 | 7.5 High |
| jwt-go before 4.0.0-preview1 allows attackers to bypass intended access restrictions in situations with []string{} for m["aud"] (which is allowed by the specification). Because the type assertion fails, "" is the value of aud. This is a security problem if the JWT token is presented to a service that lacks its own audience check. | ||||
| CVE-2020-26137 | 5 Canonical, Debian, Oracle and 2 more | 8 Ubuntu Linux, Debian Linux, Communications Cloud Native Core Network Function Cloud Native Environment and 5 more | 2024-11-21 | 6.5 Medium |
| urllib3 before 1.25.9 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of putrequest(). NOTE: this is similar to CVE-2020-26116. | ||||
| CVE-2020-25658 | 3 Fedoraproject, Python-rsa Project, Redhat | 5 Fedora, Python-rsa, Ceph Storage and 2 more | 2024-11-21 | 7.5 High |
| It was found that python-rsa is vulnerable to Bleichenbacher timing attacks. An attacker can use this flaw via the RSA decryption API to decrypt parts of the cipher text encrypted with RSA. | ||||
| CVE-2020-25649 | 7 Apache, Fasterxml, Fedoraproject and 4 more | 50 Iotdb, Jackson-databind, Fedora and 47 more | 2024-11-21 | 7.5 High |
| A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity. | ||||
| CVE-2020-24750 | 4 Debian, Fasterxml, Oracle and 1 more | 29 Debian Linux, Jackson-databind, Agile Plm and 26 more | 2024-11-21 | 8.1 High |
| FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to com.pastdev.httpcomponents.configuration.JndiConfiguration. | ||||
| CVE-2020-1945 | 6 Apache, Canonical, Fedoraproject and 3 more | 54 Ant, Ubuntu Linux, Fedora and 51 more | 2024-11-21 | 6.3 Medium |
| Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property java.io.tmpdir for several tasks and may thus leak sensitive information. The fixcrlf and replaceregexp tasks also copy files from the temporary directory back into the build tree allowing an attacker to inject modified source files into the build process. | ||||
| CVE-2020-1761 | 1 Redhat | 1 Openshift | 2024-11-21 | 6.1 Medium |
| A flaw was found in the OpenShift web console, where the access token is stored in the browser's local storage. An attacker can use this flaw to get the access token via physical access, or an XSS attack on the victim's browser. This flaw affects openshift/console versions before openshift/console-4. | ||||
| CVE-2020-1759 | 3 Fedoraproject, Linuxfoundation, Redhat | 5 Fedora, Ceph, Ceph Storage and 2 more | 2024-11-21 | 6.4 Medium |
| A vulnerability was found in Red Hat Ceph Storage 4 and Red Hat Openshift Container Storage 4.2 where, A nonce reuse vulnerability was discovered in the secure mode of the messenger v2 protocol, which can allow an attacker to forge auth tags and potentially manipulate the data by leveraging the reuse of a nonce in a session. Messages encrypted using a reused nonce value are susceptible to serious confidentiality and integrity attacks. | ||||
| CVE-2020-1750 | 1 Redhat | 2 Machine-config-operator, Openshift | 2024-11-21 | 6.5 Medium |
| A flaw was found in the machine-config-operator that causes an OpenShift node to become unresponsive when a container consumes a large amount of memory. An attacker could use this flaw to deny access to schedule new pods in the OpenShift cluster. This was fixed in openshift/machine-config-operator 4.4.3, openshift/machine-config-operator 4.3.25, openshift/machine-config-operator 4.2.36. | ||||
| CVE-2020-1741 | 1 Redhat | 2 Openshift, Openshift Container Platform | 2024-11-21 | 5.9 Medium |
| A flaw was found in openshift-ansible. OpenShift Container Platform (OCP) 3.11 is too permissive in the way it specified CORS allowed origins during installation. An attacker, able to man-in-the-middle the connection between the user's browser and the openshift console, could use this flaw to perform a phishing attack. The main threat from this vulnerability is data confidentiality. | ||||
| CVE-2020-1726 | 2 Libpod Project, Redhat | 4 Libpod, Enterprise Linux, Openshift and 1 more | 2024-11-21 | 5.9 Medium |
| A flaw was discovered in Podman where it incorrectly allows containers when created to overwrite existing files in volumes, even if they are mounted as read-only. When a user runs a malicious container or a container based on a malicious image with an attached volume that is used for the first time, it is possible to trigger the flaw and overwrite files in the volume.This issue was introduced in version 1.6.0. | ||||
| CVE-2020-1709 | 1 Redhat | 1 Openshift | 2024-11-21 | 7 High |
| A vulnerability was found in all openshift/mediawiki 4.x.x versions prior to 4.3.0, where an insecure modification vulnerability in the /etc/passwd file was found in the openshift/mediawiki. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges. | ||||
| CVE-2020-1708 | 1 Redhat | 2 Openshift, Openshift Container Platform | 2024-11-21 | 7 High |
| It has been found in openshift-enterprise version 3.11 and all openshift-enterprise versions from 4.1 to, including 4.3, that multiple containers modify the permissions of /etc/passwd to make them modifiable by users other than root. An attacker with access to the running container can exploit this to modify /etc/passwd to add a user and escalate their privileges. This CVE is specific to the openshift/mysql-apb. | ||||
| CVE-2020-1707 | 1 Redhat | 1 Openshift | 2024-11-21 | 7 High |
| A vulnerability was found in all openshift/postgresql-apb 4.x.x versions prior to 4.3.0, where an insecure modification vulnerability in the /etc/passwd file was found in the container openshift/postgresql-apb. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges. | ||||
| CVE-2020-1706 | 1 Redhat | 2 Openshift, Openshift Container Platform | 2024-11-21 | 7 High |
| It has been found that in openshift-enterprise version 3.11 and openshift-enterprise versions 4.1 up to, including 4.3, multiple containers modify the permissions of /etc/passwd to make them modifiable by users other than root. An attacker with access to the running container can exploit this to modify /etc/passwd to add a user and escalate their privileges. This CVE is specific to the openshift/apb-tools-container. | ||||
| CVE-2020-1705 | 1 Redhat | 2 Openshift, Template Service Broker Operator | 2024-11-21 | 7 High |
| A vulnerability was found in openshift/template-service-broker-operator in all 4.x.x versions prior to 4.3.0, where an insecure modification vulnerability in the /etc/passwd file was found in the openshift/template-service-broker-operator. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges. | ||||
| CVE-2020-1702 | 2 Containers-image Project, Redhat | 4 Containers-image, Enterprise Linux, Openshift and 1 more | 2024-11-21 | 3.3 Low |
| A malicious container image can consume an unbounded amount of memory when being pulled to a container runtime host, such as Red Hat Enterprise Linux using podman, or OpenShift Container Platform. An attacker can use this flaw to trick a user, with privileges to pull container images, into crashing the process responsible for pulling the image. This flaw affects containers-image versions before 5.2.0. | ||||