Shodan
Vulnerabilities
Vulnerable Software
Redhat:  >> Openshift  Security Vulnerabilities
CVE-2013-0163
OpenShift haproxy cartridge: predictable /tmp in set-proxy connection hook which could facilitate DoS
CVSS Score
5.5
EPSS Score
0.001
Published
2019-12-05
CVE-2013-2103
OpenShift cartridge allows remote URL retrieval
CVSS Score
8.1
EPSS Score
0.003
Published
2019-12-03
CVE-2012-6135
RubyGems passenger 4.0.0 betas 1 and 2 allows remote attackers to delete arbitrary files during the startup process.
CVSS Score
7.5
EPSS Score
0.013
Published
2019-11-19
CVE-2014-0023
OpenShift: Install script has temporary file creation vulnerability which can result in arbitrary code execution
CVSS Score
7.8
EPSS Score
0.001
Published
2019-11-15
CVE-2013-5123
The mirroring support (-M, --use-mirrors) in Python Pip before 1.5 uses insecure DNS querying and authenticity checks which allows attackers to perform man-in-the-middle attacks.
CVSS Score
5.9
EPSS Score
0.129
Published
2019-11-05
CVE-2013-0165
cartridges/openshift-origin-cartridge-mongodb-2.2/info/bin/dump.sh in OpenShift does not properly create files in /tmp.
CVSS Score
7.3
EPSS Score
0.003
Published
2019-11-01
CVE-2019-14845
A vulnerability was found in OpenShift builds, versions 4.1 up to 4.3. Builds that extract source from a container image, bypass the TLS hostname verification. An attacker can take advantage of this flaw by launching a man-in-the-middle attack and injecting malicious content.
CVSS Score
5.7
EPSS Score
0.0
Published
2019-10-08
CVE-2019-6648
On version 1.9.0, If DEBUG logging is enable, F5 Container Ingress Service (CIS) for Kubernetes and Red Hat OpenShift (k8s-bigip-ctlr) log files may contain BIG-IP secrets such as SSL Private Keys and Private key Passphrases as provided as inputs by an AS3 Declaration.
CVSS Score
4.4
EPSS Score
0.001
Published
2019-09-04
CVE-2019-3884
A vulnerability exists in the garbage collection mechanism of atomic-openshift. An attacker able spoof the UUID of a valid object from another namespace is able to delete children of those objects. Versions 3.6, 3.7, 3.8, 3.9, 3.10, 3.11 and 4.1 are affected.
CVSS Score
3.6
EPSS Score
0.001
Published
2019-08-01
CVE-2019-4239
IBM MQ Advanced Cloud Pak (IBM Cloud Private 1.0.0 through 3.0.1) stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 159465.
CVSS Score
6.2
EPSS Score
0.0
Published
2019-06-14


Products
Pricing
Contact Us

Shodan ® - All rights reserved