VYPR

Vendor CVEs

Openshift

All CVEs

41 total · sorted by risk
  • CVE-2018-1085CriJun 15, 2018
    risk 0.59cvss 9.0epss 0.02

    openshift-ansible before versions 3.9.23, 3.7.46 deploys a misconfigured etcd file that causes the SSL client certificate authentication to be disabled. Quotations around the values of ETCD_CLIENT_CERT_AUTH and ETCD_PEER_CLIENT_CERT_AUTH in etcd.conf result in etcd being…

  • CVE-2024-45496CriSep 17, 2024
    risk 0.57cvss 9.9epss 0.01

    A flaw was found in OpenShift. This issue occurs due to the misuse of elevated privileges in the OpenShift Container Platform's build process. During the build initialization step, the git-clone container is run with a privileged security context, allowing unrestricted access to…

  • CVE-2024-7387CriSep 17, 2024
    risk 0.52cvss 9.1epss 0.02

    A flaw was found in openshift/builder. This vulnerability allows command injection via path traversal, where a malicious user can execute arbitrary commands on the OpenShift node running the builder container. When using the “Docker” strategy, executable files inside the…

  • CVE-2024-6508HigAug 21, 2024
    risk 0.52cvss 8.0epss 0.01

    An insufficient entropy vulnerability was found in the Openshift Console. In the authorization code type and implicit grant type, the OAuth2 protocol is vulnerable to a Cross-Site Request Forgery (CSRF) attack if the state parameter is used inefficiently. This flaw allows…

  • CVE-2024-25133HigDec 31, 2024
    risk 0.50cvss 8.8epss 0.00

    A flaw was found in the Hive ClusterDeployments resource in OpenShift Dedicated. In certain conditions, this issue may allow a developer account on a Hive-enabled cluster to obtain cluster-admin privileges by executing arbitrary commands on the hive/hive-controllers pod.

  • CVE-2024-25131HigDec 19, 2024
    risk 0.50cvss 8.8epss 0.01

    A flaw was found in the MustGather.managed.openshift.io Custom Defined Resource (CRD) of OpenShift Dedicated. A non-privileged user on the cluster can create a MustGather object with a specially crafted file and set the most privileged service account to run the job. This can…

  • CVE-2024-45497HigDec 31, 2024
    risk 0.49cvss 7.6epss 0.01

    A flaw was found in the OpenShift build process, where the docker-build container is configured with a hostPath volume mount that maps the node's /var/lib/kubelet/config.json file into the build pod. This file contains sensitive credentials necessary for pulling images from…

  • CVE-2025-2241HigMar 17, 2025
    risk 0.46cvss 8.2epss 0.00

    A flaw was found in Hive, a component of Multicluster Engine (MCE) and Advanced Cluster Management (ACM). This vulnerability causes VCenter credentials to be exposed in the ClusterProvision object after provisioning a VSphere cluster. Users with read access to ClusterProvision…

  • CVE-2026-10609modJun 23, 2026
    risk 0.44cvss 6.8epss 0.00

    openshift/cluster-logging-operator: Cluster Logging Operator creates and forwards ServiceAccount tokens without verifying CLF creator authorization

  • CVE-2024-1139HigApr 25, 2024
    risk 0.43cvss 7.7epss 0.01

    A credentials leak vulnerability was found in the cluster monitoring operator in OCP. This issue may allow a remote attacker who has basic login credentials to check the pod manifest to discover a repository pull secret.

  • CVE-2026-10101MedMay 29, 2026
    risk 0.41cvss 6.3epss 0.00

    ACM/MCE assisted-service writes raw referenced pull-secret contents into `InfraEnv.status.conditions[].message` when pull-secret validation fails. A namespace principal with the stock `view` ClusterRole cannot directly read Secrets, but can read `InfraEnv` objects and recover…

  • CVE-2026-7163MedApr 30, 2026
    risk 0.40cvss 6.1epss 0.00

    A vulnerability in the assisted-service REST API, an optional Assisted Installer (assisted-service) component in the Multicluster Engine (MCE), allows an authenticated user with minimal namespace-scoped privileges to obtain administrative credentials for arbitrary clusters…

  • CVE-2025-14443MedDec 16, 2025
    risk 0.35cvss 6.4epss 0.00

    A flaw was found in ose-openshift-apiserver. This vulnerability allows internal network enumeration, service discovery, limited information disclosure, and potential denial-of-service (DoS) through Server-Side Request Forgery (SSRF) due to missing IP address and network-range…

  • CVE-2024-6538MedNov 25, 2024
    risk 0.34cvss 5.3epss 0.01

    A flaw was found in OpenShift Console. A Server Side Request Forgery (SSRF) attack can happen if an attacker supplies all or part of a URL to the server to query. The server is considered to be in a privileged network position and can often reach exposed services that aren't…

  • CVE-2015-8945MedAug 5, 2016
    risk 0.33cvss 5.1epss 0.00

    openshift-node in OpenShift Origin 1.1.6 and earlier improperly stores router credentials as envvars in the pod when the --credentials option is used, which allows local users to obtain sensitive private key information by reading the systemd journal.

  • CVE-2024-7631MedMar 19, 2025
    risk 0.28cvss 4.3epss 0.00

    A flaw was found in the OpenShift Console, an endpoint for plugins to serve resources in multiple languages: /locales/resources.json. This endpoint's lng and ns parameters are used to construct a filepath in pkg/plugins/handlers unsafely.go#L112 Because of this unsafe filepath…

  • CVE-2024-25132MedMar 19, 2025
    risk 0.28cvss 4.3epss 0.00

    A flaw was found in the Hive hibernation controller component of OpenShift Dedicated. The ClusterDeployment.hive.openshift.io/v1 resource can be created with the spec.installed field set to true, regardless of the installation status, and a positive timespan for the…

  • CVE-2016-8651LowAug 1, 2018
    risk 0.20cvss 3.1epss 0.01

    An input validation flaw was found in the way OpenShift 3 handles requests for images. A user, with a copy of the manifest associated with an image, can pull an image even if they do not have access to the image normally, resulting in the disclosure of any information contained…

  • CVE-2019-11354Apr 19, 2019
    risk 0.06cvss epss 0.23

    The client in Electronic Arts (EA) Origin 10.5.36 on Windows allows template injection in the title parameter of the Origin2 URI handler. This can be used to escape the underlying AngularJS sandbox and achieve remote code execution via an origin2://game/launch URL for…

  • CVE-2019-12828Jun 14, 2019
    risk 0.04cvss epss 0.13

    An issue was discovered in Electronic Arts Origin before 10.5.39. Due to improper sanitization of the origin:// and origin2:// URI schemes, it is possible to inject additional arguments into the Origin process and ultimately leverage code execution by loading a backdoored Qt…

  • CVE-2026-28677Mar 6, 2026
    risk 0.00cvss epss 0.00

    OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI. Prior to version 1.6.3-alpha, the URL ingest pipeline accepted user-controlled remote URLs with incomplete destination restrictions. Although private/local host checks…

  • CVE-2026-28676Mar 6, 2026
    risk 0.00cvss epss 0.00

    OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI. Prior to version 1.6.3-alpha, multiple storage helpers used path construction patterns that did not uniformly enforce base-directory containment. This created path-injection…

  • CVE-2026-28675Mar 6, 2026
    risk 0.00cvss epss 0.00

    OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI. Prior to version 1.6.3-alpha, some endpoints returned raw exception strings to clients. Additionally, login token material was exposed in UI/rendered responses and token…

  • CVE-2026-27189Feb 21, 2026
    risk 0.00cvss epss 0.00

    OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI. Versions 1.1.2-alpha and below, use non-atomic and insufficiently synchronized local JSON persistence flows, potentially causing concurrent operations to lose updates or…

  • CVE-2026-27170Feb 20, 2026
    risk 0.00cvss epss 0.00

    OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI. In versions 1.1.2-alpha and below, URL ingest allows overly permissive server-side fetch behavior and can be coerced into requesting unsafe targets. Potential access/probing…

  • CVE-2026-27169Feb 20, 2026
    risk 0.00cvss epss 0.00

    OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI. Versions 1.1.2-alpha and below render untrusted user/model content in chat tool UI surfaces using unsafe HTML interpolation patterns, leading to XSS. Stored content can…

  • CVE-2024-50311Oct 22, 2024
    risk 0.00cvss epss 0.01

    A denial of service (DoS) vulnerability was found in OpenShift. This flaw allows attackers to exploit the GraphQL batching functionality. The vulnerability arises when multiple queries can be sent within a single request, enabling an attacker to submit a request containing…

  • CVE-2024-7079Jul 24, 2024
    risk 0.00cvss epss 0.00

    A flaw was found in the Openshift console. The /API/helm/verify endpoint is tasked to fetch and verify the installation of a Helm chart from a URI that is remote HTTP/HTTPS or local. Access to this endpoint is gated by the authHandlerWithUser() middleware function. Contrary to…

  • CVE-2023-1260Sep 24, 2023
    risk 0.00cvss epss 0.02

    An authentication bypass vulnerability was discovered in kube-apiserver. This issue could allow a remote, authenticated attacker who has been given permissions "update, patch" the "pods/ephemeralcontainers" subresource beyond what the default is. They would then need to create a…

  • CVE-2023-0229Jan 25, 2023
    risk 0.00cvss epss 0.01

    A flaw was found in github.com/openshift/apiserver-library-go, used in OpenShift 4.12 and 4.11, that contains an issue that can allow low-privileged users to set the seccomp profile for pods they control to "unconfined." By default, the seccomp profile used in the restricted-v2…

  • CVE-2021-4294Dec 28, 2022
    risk 0.00cvss epss 0.01

    A vulnerability was found in OpenShift OSIN. It has been classified as problematic. This affects the function ClientSecretMatches/CheckClientSecret. The manipulation of the argument secret leads to observable timing discrepancy. The name of the patch is…

  • CVE-2022-0552Apr 11, 2022
    risk 0.00cvss epss 0.01

    A flaw was found in the original fix for the netty-codec-http CVE-2021-21409, where the OpenShift Logging openshift-logging/elasticsearch6-rhel8 container was incomplete. The vulnerable netty-codec-http maven package was not removed from the image content. This flaw affects…

  • CVE-2020-1761May 27, 2021
    risk 0.00cvss epss 0.01

    A flaw was found in the OpenShift web console, where the access token is stored in the browser's local storage. An attacker can use this flaw to get the access token via physical access, or an XSS attack on the victim's browser. This flaw affects openshift/console versions…

  • CVE-2021-20198Feb 23, 2021
    risk 0.00cvss epss 0.02

    A flaw was found in the OpenShift Installer before version v0.9.0-master.0.20210125200451-95101da940b0. During installation of OpenShift Container Platform 4 clusters, bootstrap nodes are provisioned with anonymous authentication enabled on kubelet port 10250. A remote attacker…

  • CVE-2020-10752Jun 12, 2020
    risk 0.00cvss epss 0.01

    A flaw was found in the OpenShift API Server, where it failed to sufficiently protect OAuthTokens by leaking them into the logs when an API Server panic occurred. This flaw allows an attacker with the ability to cause an API Server error to read the logs, and use the leaked…

  • CVE-2019-19741Feb 20, 2020
    risk 0.00cvss epss 0.01

    Electronic Arts Origin 10.5.55.33574 is vulnerable to local privilege escalation due to arbitrary directory DACL manipulation, a different issue than CVE-2019-19247 and CVE-2019-19248. When Origin.exe connects to the named pipe OriginClientService, the privileged service…

  • CVE-2019-14854Jan 7, 2020
    risk 0.00cvss epss 0.01

    OpenShift Container Platform 4 does not sanitize secret data written to static pod logs when the log level in a given operator is set to Debug or higher. A low privileged user could read pod logs to discover secret material if the log level has already been modified in an…

  • CVE-2019-19248Dec 12, 2019
    risk 0.00cvss epss 0.00

    Electronic Arts Origin through 10.5.x allows Elevation of Privilege (issue 2 of 2).

  • CVE-2019-19247Dec 12, 2019
    risk 0.00cvss epss 0.00

    Electronic Arts Origin through 10.5.x allows Elevation of Privilege (issue 1 of 2).

  • CVE-2014-0163Dec 11, 2019
    risk 0.00cvss epss 0.02

    Openshift has shell command injection flaws due to unsanitized data being passed into shell commands.

  • CVE-2014-0023Nov 15, 2019
    risk 0.00cvss epss 0.00

    OpenShift: Install script has temporary file creation vulnerability which can result in arbitrary code execution