|
208901
|
6.5 |
MEDIUM
Network
|
redhat
|
machine-config-operator
|
A flaw was found in the machine-config-operator that causes an OpenShift node to become unresponsive when a container consumes a large amount of memory. An attacker could use this flaw to deny access…
|
-
|
CVE-2020-1750
|
2024-11-21 14:11 |
2021-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208902
|
7.0 |
HIGH
Local
|
nmstate
redhat
|
kubernetes-nmstate
openshift_virtualization
|
An insecure modification vulnerability flaw was found in containers using nmstate/kubernetes-nmstate-handler. An attacker with access to the container could use this flaw to modify /etc/passwd and es…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2020-1742
|
2024-11-21 14:11 |
2021-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208903
|
6.5 |
MEDIUM
Local
|
redhat
|
openstack-selinux
openstack_platform
|
An improper authorization flaw was discovered in openstack-selinux's applied policy where it does not prevent a non-root user in a container from privilege escalation. A non-root attacker in one or m…
|
NVD-CWE-Other
|
CVE-2020-1690
|
2024-11-21 14:11 |
2021-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208904
|
5.4 |
MEDIUM
Network
|
redhat
|
wildfly
|
A flaw was found in wildfly. The EJBContext principle is not popped back after invoking another EJB using a different Security Domain. The highest threat from this vulnerability is to data confidenti…
|
-
|
CVE-2020-1719
|
2024-11-21 14:11 |
2021-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208905
|
7.5 |
HIGH
Network
|
facebook
|
react-native
|
A regular expression denial of service (ReDoS) vulnerability in the validateBaseUrl function can cause the application to use excessive resources, become unresponsive, or crash. This was introduced i…
|
CWE-697
Incorrect Comparison
|
CVE-2020-1920
|
2024-11-21 14:11 |
2021-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208906
|
4.4 |
MEDIUM
Local
|
redhat
|
smallrye_config
|
A flaw was found in SmallRye's API through version 1.6.1. The API can allow other code running within the application server to potentially obtain the ClassLoader, bypassing any permissions checks th…
|
CWE-863
Incorrect Authorization
|
CVE-2020-1729
|
2024-11-21 14:11 |
2021-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208907
|
8.8 |
HIGH
Network
|
ceph
|
ceph-ansible
|
A flaw was found in the ceph-ansible playbook where it contained hardcoded passwords that were being used as default passwords while deploying Ceph services. Any authenticated attacker can abuse this…
|
-
|
CVE-2020-1716
|
2024-11-21 14:11 |
2021-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208908
|
6.1 |
MEDIUM
Network
|
redhat
|
openshift
|
A flaw was found in the OpenShift web console, where the access token is stored in the browser's local storage. An attacker can use this flaw to get the access token via physical access, or an XSS at…
|
NVD-CWE-Other
|
CVE-2020-1761
|
2024-11-21 14:11 |
2021-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208909
|
3.3 |
LOW
Local
|
containers-image_project
redhat
|
containers-image
enterprise_linux
|
A malicious container image can consume an unbounded amount of memory when being pulled to a container runtime host, such as Red Hat Enterprise Linux using podman, or OpenShift Container Platform. An…
|
-
|
CVE-2020-1702
|
2024-11-21 14:11 |
2021-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208910
|
6.5 |
MEDIUM
Network
|
kubevirt
|
kubevirt
|
A flaw was found in the KubeVirt main virt-handler versions before 0.26.0 regarding the access permissions of virt-handler. An attacker with access to create VMs could attach any secret within their …
|
-
|
CVE-2020-1701
|
2024-11-21 14:11 |
2021-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
