Every CVE whose affected-product data names Redhat Openshift, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (146)
CVE-2014-3496 — CVSS 10.0 (critical): cartridge_repository.rb in OpenShift Origin and Enterprise 1.2.8 through 2.1.1 allows remote attackers to execute arbitrary commands via…
CVE-2013-2060 — CVSS 9.8 (critical): The download_from_url function in OpenShift Origin allows remote attackers to execute arbitrary commands via shell metacharacters in the…
CVE-2016-0791 — CVSS 9.8 (critical): Jenkins before 1.650 and LTS before 1.642.2 do not use a constant-time algorithm to verify CSRF tokens, which makes it easier for remote…
CVE-2016-0788 — CVSS 9.8 (critical): The remoting module in Jenkins before 1.650 and LTS before 1.642.2 allows remote attackers to execute arbitrary code by opening a JRMP…
CVE-2015-7501 — CVSS 9.8 (critical): Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; Data Grid (JDG) 6.x; Data Virtualization (JDV) 6.x and 5.x; Enterprise…
CVE-2014-0234 — CVSS 9.8 (critical): The default configuration of broker.conf in Red Hat OpenShift Enterprise 2.x before 2.1 has a password of "mooo" for a Mongo account, which…
CVE-2016-2074 — CVSS 9.8 (critical): Buffer overflow in lib/flow.c in ovs-vswitchd in Open vSwitch 2.2.x and 2.3.x before 2.3.3 and 2.4.x before 2.4.1 allows remote attackers…
CVE-2015-5254 — CVSS 9.8 (critical): Apache ActiveMQ 5.x before 5.13.0 does not restrict the classes that can be serialized in the broker, which allows remote attackers to…
CVE-2013-4561 — CVSS 9.1 (critical): In a openshift node, there is a cron job to update mcollective facts that mishandles a temporary file. This may lead to loss of…
CVE-2015-7537 — CVSS 8.8 (high): Cross-site request forgery (CSRF) vulnerability in Jenkins before 1.640 and LTS before 1.625.2 allows remote attackers to hijack the…
CVE-2016-2160 — CVSS 8.8 (high): Red Hat OpenShift Enterprise 3.2 and OpenShift Origin allow remote authenticated users to execute commands with root privileges by changing…
CVE-2016-3738 — CVSS 8.8 (high): Red Hat OpenShift Enterprise 3.2 does not properly restrict access to STI builds, which allows remote authenticated users to access the…
CVE-2016-5766 — CVSS 8.8 (high): Integer overflow in the _gd2GetHeader function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before…
CVE-2018-1102 — CVSS 8.8 (high): A flaw was found in source-to-image function as shipped with Openshift Enterprise 3.x. An improper path validation of tar files in…
CVE-2015-7538 — CVSS 8.8 (high): Jenkins before 1.640 and LTS before 1.625.2 allow remote attackers to bypass the CSRF protection mechanism via unspecified vectors.
CVE-2014-0163 — CVSS 8.8 (high): Openshift has shell command injection flaws due to unsanitized data being passed into shell commands.
CVE-2016-0792 — CVSS 8.8 (high): Multiple unspecified API endpoints in Jenkins before 1.650 and LTS before 1.642.2 allow remote authenticated users to execute arbitrary…
CVE-2019-5736 — CVSS 8.6 (high): runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and…
CVE-2015-5222 — CVSS 8.5 (high): Red Hat OpenShift Enterprise 3.0.0.0 does not properly check permissions, which allows remote authenticated users with build permissions to…
CVE-2026-35091 — CVSS 8.2 (high): A flaw was found in Corosync. A remote unauthenticated attacker can exploit a wrong return value vulnerability in the Corosync membership…
CVE-2021-4125 — CVSS 8.1 (high): It was found that the original fix for log4j CVE-2021-44228 and CVE-2021-45046 in the OpenShift metering hive containers was incomplete, as…
CVE-2022-3262 — CVSS 8.1 (high): A flaw was found in Openshift. A pod with a DNSPolicy of "ClusterFirst" may incorrectly resolve the hostname based on a service provided…
CVE-2024-1485 — CVSS 8.0 (high): A flaw was found in the decompression function of registry-support. This issue can be triggered if an unauthenticated remote attacker…
CVE-2019-19349 — CVSS 7.8 (high): An insecure modification vulnerability in the /etc/passwd file was found in the container operator-framework/operator-metering as shipped…
CVE-2014-0023 — CVSS 7.8 (high): OpenShift: Install script has temporary file creation vulnerability which can result in arbitrary code execution
CVE-2019-19350 — CVSS 7.8 (high): An insecure modification vulnerability in the /etc/passwd file was found in the openshift/ansible-service-broker as shipped in Red Hat…
CVE-2018-10875 — CVSS 7.8 (high): A flaw was found in ansible. ansible.cfg is read from the current working directory which can be altered to make it point to a plugin or a…
CVE-2013-4364 — CVSS 7.8 (high): (1) oo-analytics-export and (2) oo-analytics-import in the openshift-origin-broker-util package in Red Hat OpenShift Enterprise 1 and 2…
CVE-2014-0188 — CVSS 7.5 (high): The openshift-origin-broker in Red Hat OpenShift Enterprise 2.0.5, 1.2.7, and earlier does not properly handle authentication requests from…
CVE-2026-35092 — CVSS 7.5 (high): A flaw was found in Corosync. An integer overflow vulnerability in Corosync's join message sanity validation allows a remote…
CVE-2012-6135 — CVSS 7.5 (high): RubyGems passenger 4.0.0 betas 1 and 2 allows remote attackers to delete arbitrary files during the startup process.
CVE-2024-12085 — CVSS 7.5 (high): A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the…
CVE-2013-2186 — CVSS 7.5 (high): The DiskFileItem class in Apache Commons FileUpload, as used in Red Hat JBoss BRMS 5.3.1; JBoss Portal 4.3 CP07, 5.2.2, and 6.0.0; and Red…
CVE-2013-4253 — CVSS 7.5 (high): The deployment script in the unsupported "OpenShift Extras" set of add-on scripts, in Red Hat Openshift 1, installs a default public key in…
CVE-2021-4047 — CVSS 7.5 (high): The release of OpenShift 4.9.6 included four CVE fixes for the haproxy package, however the patch for CVE-2021-39242 was missing. This…
CVE-2015-7539 — CVSS 7.5 (high): The Plugins Manager in Jenkins before 1.640 and LTS before 1.625.2 does not verify checksums for plugin files referenced in update site…
CVE-2014-3666 — CVSS 7.5 (high): Jenkins before 1.583 and LTS before 1.565.3 allows remote attackers to execute arbitrary code via a crafted packet to the CLI channel.
CVE-2014-3674 — CVSS 7.5 (high): Red Hat OpenShift Enterprise before 2.2 does not properly restrict access to gears, which allows remote attackers to access the network…
CVE-2018-14645 — CVSS 7.5 (high): A flaw was discovered in the HPACK decoder of HAProxy, before 1.8.14, that is used for HTTP/2. An out-of-bounds read access in…
CVE-2016-7075 — CVSS 7.5 (high): It was found that Kubernetes as used by Openshift Enterprise 3 did not correctly validate X.509 client intermediate certificate host name…
CVE-2015-1814 — CVSS 7.5 (high): The API token-issuing service in Jenkins before 1.606 and LTS before 1.596.2 allows remote attackers to gain privileges via a "forced API…
CVE-2016-5418 — CVSS 7.5 (high): The sandboxing code in libarchive 3.2.0 and earlier mishandles hardlink archive entries of non-zero data size, which might allow remote…
CVE-2012-5646 — CVSS 7.5 (high): node-util/www/html/restorer.php in the Red Hat OpenShift Origin before 1.0.5-3 allows remote attackers to execute arbitrary commands via a…
CVE-2016-5409 — CVSS 7.5 (high): Red Hat OpenShift Enterprise 2 does not include the HTTPOnly flag in a Set-Cookie header for the GEARID cookie, which makes it easier for…
CVE-2015-5325 — CVSS 7.5 (high): Jenkins before 1.638 and LTS before 1.625.2 allow attackers to bypass intended slave-to-master access restrictions by leveraging a JNLP…
CVE-2022-3259 — CVSS 7.4 (high): Openshift 4.9 does not use HTTP Strict Transport Security (HSTS) which may allow man-in-the-middle (MITM) attacks.
CVE-2016-3726 — CVSS 7.4 (high): Multiple open redirect vulnerabilities in Jenkins before 2.3 and LTS before 1.651.2 allow remote attackers to redirect users to arbitrary…
CVE-2013-0165 — CVSS 7.3 (high): cartridges/openshift-origin-cartridge-mongodb-2.2/info/bin/dump.sh in OpenShift does not properly create files in /tmp.
CVE-2016-3708 — CVSS 7.1 (high): Red Hat OpenShift Enterprise 3.2, when multi-tenant SDN is enabled and a build is run in a namespace that would normally be isolated from…
CVE-2018-1069 — CVSS 7.1 (high): Red Hat OpenShift Enterprise version 3.7 is vulnerable to access control override for container network filesystems. An attacker could…
CVE-2017-1000376 — CVSS 7.0 (high): libffi requests an executable stack allowing attackers to more easily trigger arbitrary code execution by overwriting the stack. Please…
CVE-2020-1707 — CVSS 7.0 (high): A vulnerability was found in all openshift/postgresql-apb 4.x.x versions prior to 4.3.0, where an insecure modification vulnerability in…
CVE-2019-19345 — CVSS 7.0 (high): A vulnerability was found in all openshift/mediawiki-apb 4.x.x versions prior to 4.3.0, where an insecure modification vulnerability in the…
CVE-2019-19346 — CVSS 7.0 (high): An insecure modification vulnerability in the /etc/passwd file was found in the container openshift/mariadb-apb, affecting versions before…
CVE-2020-1709 — CVSS 7.0 (high): A vulnerability was found in all openshift/mediawiki 4.x.x versions prior to 4.3.0, where an insecure modification vulnerability in the…
CVE-2019-19348 — CVSS 7.0 (high): An insecure modification vulnerability in the /etc/passwd file was found in the container openshift/apb-base, affecting versions before the…
CVE-2020-35514 — CVSS 7.0 (high): An insecure modification flaw in the /etc/kubernetes/kubeconfig file was found in OpenShift. This flaw allows an attacker with access to a…
CVE-2021-3697 — CVSS 7.0 (high): A crafted JPEG image may lead the JPEG reader to underflow its data pointer, allowing user-controlled data to be written in heap. To a…
CVE-2019-19351 — CVSS 7.0 (high): An insecure modification vulnerability in the /etc/passwd file was found in the container openshift/jenkins. An attacker with access to the…
CVE-2019-19355 — CVSS 7.0 (high): An insecure modification vulnerability in the /etc/passwd file was found in the openshift/ocp-release-operator-sdk. An attacker with access…
CVE-2012-5622 — CVSS 6.8 (medium): Cross-site request forgery (CSRF) vulnerability in the management console (openshift-console/app/controllers/application_controller.rb) in…
CVE-2015-5318 — CVSS 6.8 (medium): Jenkins before 1.638 and LTS before 1.625.2 uses a publicly accessible salt to generate CSRF protection tokens, which makes it easier for…
CVE-2024-45777 — CVSS 6.7 (medium): A flaw was found in grub2. The calculation of the translation buffer when reading a language .mo file in grub_gettext_getstr_from_position()…
CVE-2014-0233 — CVSS 6.5 (medium): Red Hat OpenShift Enterprise 2.0 and 2.1 and OpenShift Origin allow remote authenticated users to execute arbitrary commands via shell…
CVE-2016-2149 — CVSS 6.5 (medium): Red Hat OpenShift Enterprise 3.2 allows remote authenticated users to read log files from another namespace by using the same name as a…
CVE-2015-5323 — CVSS 6.5 (medium): Jenkins before 1.638 and LTS before 1.625.2 do not properly restrict access to API tokens which might allow remote administrators to gain…
CVE-2025-14512 — CVSS 6.5 (medium): A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's…
CVE-2013-0196 — CVSS 6.5 (medium): A CSRF issue was found in OpenShift Enterprise 1.2. The web console is using 'Basic authentication' and the REST API has no CSRF attack…
CVE-2016-3724 — CVSS 6.5 (medium): Jenkins before 2.3 and LTS before 1.651.2 allow remote authenticated users with extended read access to obtain sensitive password…
CVE-2015-1806 — CVSS 6.5 (medium): The combination filter Groovy script in Jenkins before 1.600 and LTS before 1.596.1 allows remote authenticated users with job…
CVE-2018-1257 — CVSS 6.5 (medium): Spring Framework, versions 5.0.x prior to 5.0.6, versions 4.3.x prior to 4.3.17, and older unsupported versions allows applications to…
CVE-2018-10885 — CVSS 6.5 (medium): In atomic-openshift before version 3.10.9 a malicious network-policy configuration can cause Openshift Routing to crash when using…
CVE-2016-5392 — CVSS 6.5 (medium): The API server in Kubernetes, as used in Red Hat OpenShift Enterprise 3.2, in a multi tenant environment allows remote authenticated users…
CVE-2015-5274 — CVSS 6.5 (medium): rubygem-openshift-origin-console in Red Hat OpenShift 2.2 allows remote authenticated users to execute arbitrary commands via a crafted…
CVE-2022-2403 — CVSS 6.5 (medium): A credentials leak was found in the OpenShift Container Platform. The private key for the external cluster certificate was stored…
CVE-2015-5305 — CVSS 6.4 (medium): Directory traversal vulnerability in Kubernetes, as used in Red Hat OpenShift Enterprise 3.0, allows attackers to write to arbitrary files…
CVE-2020-1759 — CVSS 6.4 (medium): A vulnerability was found in Red Hat Ceph Storage 4 and Red Hat Openshift Container Storage 4.2 where, A nonce reuse vulnerability was…
CVE-2016-8631 — CVSS 6.3 (medium): The OpenShift Enterprise 3 router does not properly sort routes when processing newly added routes. An attacker with access to create…
CVE-2023-0229 — CVSS 6.3 (medium): A flaw was found in github.com/openshift/apiserver-library-go, used in OpenShift 4.12 and 4.11, that contains an issue that can allow…
CVE-2019-10225 — CVSS 6.3 (medium): A flaw was found in atomic-openshift of openshift-4.2 where the basic-user RABC role in OpenShift Container Platform doesn't sufficiently…
CVE-2020-1761 — CVSS 6.1 (medium): A flaw was found in the OpenShift web console, where the access token is stored in the browser's local storage. An attacker can use this…
CVE-2016-0789 — CVSS 6.1 (medium): CRLF injection vulnerability in the CLI command documentation in Jenkins before 1.650 and LTS before 1.642.2 allows remote attackers to…
CVE-2018-1059 — CVSS 6.1 (medium): The DPDK vhost-user interface does not check to verify that all the requested guest physical range is mapped and contiguous when performing…
CVE-2014-3663 — CVSS 6.0 (medium): Jenkins before 1.583 and LTS before 1.565.3 allows remote authenticated users with the Job/CONFIGURE permission to bypass intended…
CVE-2013-5123 — CVSS 5.9 (medium): The mirroring support (-M, --use-mirrors) in Python Pip before 1.5 uses insecure DNS querying and authenticity checks which allows…
CVE-2012-5647 — CVSS 5.8 (medium): Open redirect vulnerability in node-util/www/html/restorer.php in Red Hat OpenShift Origin before 1.0.5-3 allows remote attackers to…
CVE-2013-4281 — CVSS 5.5 (medium): In Red Hat Openshift 1, weak default permissions are applied to the /etc/openshift/server_priv.pem file on the broker server, which could…
CVE-2013-0163 — CVSS 5.5 (medium): OpenShift haproxy cartridge: predictable /tmp in set-proxy connection hook which could facilitate DoS
CVE-2016-2142 — CVSS 5.5 (medium): Red Hat OpenShift Enterprise 3.1 uses world-readable permissions on the /etc/origin/master/master-config.yaml configuration file, which…
CVE-2017-7534 — CVSS 5.4 (medium): OpenShift Enterprise version 3.x is vulnerable to a stored XSS via the log viewer for pods. The flaw is due to lack of sanitation of user…
CVE-2019-3884 — CVSS 5.4 (medium): A vulnerability exists in the garbage collection mechanism of atomic-openshift. An attacker able spoof the UUID of a valid object from…
CVE-2023-0296 — CVSS 5.3 (medium): The Birthday attack against 64-bit block ciphers flaw (CVE-2016-2183) was reported for the health checks port (9979) on etcd grpc-proxy…
CVE-2016-0790 — CVSS 5.3 (medium): Jenkins before 1.650 and LTS before 1.642.2 do not use a constant-time algorithm to verify API tokens, which makes it easier for remote…
CVE-2015-7528 — CVSS 5.3 (medium): Kubernetes before 1.2.0-alpha.5 allows remote attackers to read arbitrary pod logs via a container name.
CVE-2016-3703 — CVSS 5.3 (medium): Red Hat OpenShift Enterprise 3.2 and 3.1 do not properly validate the origin of a request when anonymous access is granted to a…
CVE-2019-14845 — CVSS 5.3 (medium): A vulnerability was found in OpenShift builds, versions 4.1 up to 4.3. Builds that extract source from a container image, bypass the TLS…
CVE-2015-5319 — CVSS 5.0 (medium): XML external entity (XXE) vulnerability in the create-job CLI command in Jenkins before 1.638 and LTS before 1.625.2 allows remote…
CVE-2015-5320 — CVSS 5.0 (medium): Jenkins before 1.638 and LTS before 1.625.2 do not properly verify the shared secret used in JNLP slave connections, which allows remote…
CVE-2014-3661 — CVSS 5.0 (medium): Jenkins before 1.583 and LTS before 1.565.3 allows remote attackers to cause a denial of service (thread consumption) via vectors related…
CVE-2015-5321 — CVSS 5.0 (medium): The sidepanel widgets in the CLI command overview and help pages in Jenkins before 1.638 and LTS before 1.625.2 allow remote attackers to…
CVE-2014-3662 — CVSS 5.0 (medium): Jenkins before 1.583 and LTS before 1.565.3 allows remote attackers to enumerate user names via vectors related to login attempts.
CVE-2015-5322 — CVSS 5.0 (medium): Directory traversal vulnerability in Jenkins before 1.638 and LTS before 1.625.2 allows remote attackers to list directory contents and…
CVE-2015-5324 — CVSS 5.0 (medium): Jenkins before 1.638 and LTS before 1.625.2 allow remote attackers to obtain sensitive information via a direct request to queue/api.
CVE-2022-3260 — CVSS 4.8 (medium): The response header has not enabled X-FRAME-OPTIONS, Which helps prevents against Clickjacking attack.. Some browsers would interpret these…
CVE-2013-2119 — CVSS 4.6 (medium): Phusion Passenger gem before 3.0.21 and 4.0.x before 4.0.5 for Ruby allows local users to cause a denial of service (prevent application…
CVE-2015-1810 — CVSS 4.6 (medium): The HudsonPrivateSecurityRealm class in Jenkins before 1.600 and LTS before 1.596.1 does not restrict access to reserved names when using…
CVE-2021-3636 — CVSS 4.6 (medium): It was found in OpenShift, before version 4.8, that the generated certificate for the in-cluster Service CA, incorrectly included…
CVE-2021-3695 — CVSS 4.5 (medium): A crafted 16-bit grayscale PNG image may lead to a out-of-bounds write in the heap area. An attacker may take advantage of that to cause…
CVE-2021-3696 — CVSS 4.5 (medium): A heap out-of-bounds write may heppen during the handling of Huffman tables in the PNG reader. This may lead to data corruption in the heap…
CVE-2019-6648 — CVSS 4.4 (medium): On version 1.9.0, If DEBUG logging is enable, F5 Container Ingress Service (CIS) for Kubernetes and Red Hat OpenShift (k8s-bigip-ctlr) log…
CVE-2019-19335 — CVSS 4.4 (medium): During installation of an OpenShift 4 cluster, the `openshift-install` command line tool creates an `auth` directory, with `kubeconfig` and…
CVE-2016-3722 — CVSS 4.3 (medium): Jenkins before 2.3 and LTS before 1.651.2 allow remote authenticated users with multiple accounts to cause a denial of service (unable to…
CVE-2020-10715 — CVSS 4.3 (medium): A content spoofing vulnerability was found in the openshift/console 3.11 and 4.x. This flaw allows an attacker to craft a URL and inject…
CVE-2016-3723 — CVSS 4.3 (medium): Jenkins before 2.3 and LTS before 1.651.2 allow remote authenticated users with read access to obtain sensitive plugin installation…
CVE-2014-1869 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in ZeroClipboard.swf in ZeroClipboard before 1.3.2, as maintained by Jon Rohan and…
CVE-2016-3725 — CVSS 4.3 (medium): Jenkins before 2.3 and LTS before 1.651.2 allows remote authenticated users to trigger updating of update site metadata by leveraging a…
CVE-2016-3727 — CVSS 4.3 (medium): The API URL computer/(master)/api/xml in Jenkins before 2.3 and LTS before 1.651.2 allows remote authenticated users with extended read…
CVE-2017-2611 — CVSS 4.3 (medium): Jenkins before versions 2.44, 2.32.2 is vulnerable to an insufficient permission check for periodic processes (SECURITY-389). The URLs…
CVE-2015-5326 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the slave overview page in Jenkins before 1.638 and LTS before 1.625.2 allows remote…
CVE-2015-1813 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in Jenkins before 1.606 and LTS before 1.596.2 allows remote attackers to inject arbitrary web…
CVE-2015-1812 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in Jenkins before 1.606 and LTS before 1.596.2 allows remote attackers to inject arbitrary web…
CVE-2017-15137 — CVSS 4.3 (medium): The OpenShift image import whitelist failed to enforce restrictions correctly when running commands such as "oc tag", for example. This…
CVE-2016-9592 — CVSS 4.3 (medium): openshift before versions 3.3.1.11, 3.2.1.23, 3.4 is vulnerable to a flaw when a volume fails to detach, which causes the delete operation…
CVE-2014-3681 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in Jenkins before 1.583 and LTS before 1.565.3 allows remote attackers to inject arbitrary web…
CVE-2016-3721 — CVSS 4.3 (medium): Jenkins before 2.3 and LTS before 1.651.2 might allow remote authenticated users to inject arbitrary build parameters into the build…
CVE-2014-3667 — CVSS 4.0 (medium): Jenkins before 1.583 and LTS before 1.565.3 does not properly prevent downloading of plugins, which allows remote authenticated users with…
CVE-2014-3664 — CVSS 4.0 (medium): Directory traversal vulnerability in Jenkins before 1.583 and LTS before 1.565.3 allows remote authenticated users with the Overall/READ…
CVE-2014-3680 — CVSS 4.0 (medium): Jenkins before 1.583 and LTS before 1.565.3 allows remote authenticated users with the Job/READ permission to obtain the default value for…
CVE-2013-0164 — CVSS 3.6 (low): The lockwrap function in port-proxy/bin/openshift-port-proxy-cfg in Red Hat OpenShift Origin before 1.1 allows local users to overwrite…
CVE-2015-1807 — CVSS 3.5 (low): Directory traversal vulnerability in Jenkins before 1.600 and LTS before 1.596.1 allows remote authenticated users with certain permissions…
CVE-2017-7517 — CVSS 3.5 (low): An input validation vulnerability exists in Openshift Enterprise due to a 1:1 mapping of tenants in Hawkular Metrics and…
CVE-2015-1808 — CVSS 3.5 (low): Jenkins before 1.600 and LTS before 1.596.1 allows remote authenticated users to cause a denial of service (improper plug-in and tool…
CVE-2015-0238 — CVSS 3.3 (low): selinux-policy as packaged in Red Hat OpenShift 2 allows attackers to obtain process listing information via a privilege escalation attack.
CVE-2016-3711 — CVSS 3.3 (low): HAproxy in Red Hat OpenShift Enterprise 3.2 and OpenShift Origin allows local users to obtain the internal IP address of a pod by reading…
CVE-2016-8651 — CVSS 3.1 (low): An input validation flaw was found in the way OpenShift 3 handles requests for images. A user, with a copy of the manifest associated with…
CVE-2015-7561 — CVSS 3.1 (low): Kubernetes in OpenShift3 allows remote authenticated users to use the private images of other users should they know the name of said image.
CVE-2014-3602 — CVSS 2.1 (low): Red Hat OpenShift Enterprise before 2.2 allows local users to obtain IP address and port number information for remote systems by reading…
CVE-2012-5658 — CVSS 2.1 (low): rhc-chk.rb in Red Hat OpenShift Origin before 1.1, when -d (debug mode) is used, outputs the password and other sensitive information in…
CVE-2014-0164 — CVSS 2.1 (low): openshift-origin-broker-util, as used in Red Hat OpenShift Enterprise 1.2.7 and 2.0.5, uses world-readable permissions for the mcollective…