
CVE-2019-19350
https://notcve.org/view.php?id=CVE-2019-19350
24 Mar 2021 — An insecure modification vulnerability in the /etc/passwd file was found in the openshift/ansible-service-broker as shipped in Red Hat Openshift 4 and 3.11. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges. Se encontró una vulnerabilidad de modificación no segura en el archivo /etc/passwd en openshift/ansible-service-broker como es enviado en Red Hat Openshift versiones 4 y 3.11. Un atacante con acceso al contenedor podría usar este fallo ... • https://bugzilla.redhat.com/show_bug.cgi?id=1791534 • CWE-266: Incorrect Privilege Assignment •

CVE-2019-10225
https://notcve.org/view.php?id=CVE-2019-10225
19 Mar 2021 — A flaw was found in atomic-openshift of openshift-4.2 where the basic-user RABC role in OpenShift Container Platform doesn't sufficiently protect the GlusterFS StorageClass against leaking of the restuserkey. An attacker with basic-user permissions is able to obtain the value of restuserkey, and use it to authenticate to the GlusterFS REST service, gaining access to read, and modify files. Se encontró un fallo en atomic-openshift de openshift-4.2, donde el rol de usuario básico RABC en OpenShift Container P... • https://bugzilla.redhat.com/show_bug.cgi?id=1743073 • CWE-522: Insufficiently Protected Credentials •

CVE-2021-20218 – fabric8-kubernetes-client: vulnerable to a path traversal leading to integrity and availability compromise
https://notcve.org/view.php?id=CVE-2021-20218
16 Mar 2021 — A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after. This flaw allows a malicious pod/container to cause applications using the fabric8 kubernetes-client `copy` command to extract files outside the working path. The highest threat from this vulnerability is to integrity and system availability. This has been fixed in kubernetes-client-4.13.2 kubernetes-client-5.0.2 kubernetes-client-4.11.2 kubernetes-client-4.7.2 Se encontró un fallo en fabric8 kubernetes-client en versión 4.2.0 y p... • https://bugzilla.redhat.com/show_bug.cgi?id=1923405 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVE-2021-20270 – python-pygments: Infinite loop in SML lexer may lead to DoS
https://notcve.org/view.php?id=CVE-2021-20270
09 Mar 2021 — An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML (SML) source file, as demonstrated by input that only contains the "exception" keyword. Un bucle infinito en SMLLexer en Pygments versiones 1.5 hasta 2.7.3, puede conllevar a una denegación de servicio cuando se lleva a cabo el resaltado de sintaxis de un archivo fuente de Standard ML (SML), como es demostrado por la entrada que solo contiene la palabra clave "exc... • https://bugzilla.redhat.com/show_bug.cgi?id=1922136 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •

CVE-2021-20188 – podman: container users permissions are not respected in privileged containers
https://notcve.org/view.php?id=CVE-2021-20188
11 Feb 2021 — A flaw was found in podman before 1.7.0. File permissions for non-root users running in a privileged container are not correctly checked. This flaw can be abused by a low-privileged user inside the container to access any other file in the container, even if owned by the root user inside the container. It does not allow to directly escape the container, though being a privileged container means that a lot of security features are disabled when running the container. The highest threat from this vulnerabilit... • https://bugzilla.redhat.com/show_bug.cgi?id=1915734 • CWE-863: Incorrect Authorization •

CVE-2020-27846 – crewjam/saml: authentication bypass in saml authentication
https://notcve.org/view.php?id=CVE-2020-27846
21 Dec 2020 — A signature verification vulnerability exists in crewjam/saml. This flaw allows an attacker to bypass SAML Authentication. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. Se presenta una vulnerabilidad de verificación de firmas en crewjam/saml. Este fallo permite a un atacante omitir la autenticación SAML. • https://bugzilla.redhat.com/show_bug.cgi?id=1907670 • CWE-115: Misinterpretation of Input •

CVE-2020-14336 – openshift: restricted SCC allows pods to craft custom network packets
https://notcve.org/view.php?id=CVE-2020-14336
26 Oct 2020 — A flaw was found in the Restricted Security Context Constraints (SCC), where it allows pods to craft custom network packets. This flaw allows an attacker to cause a denial of service attack on an OpenShift Container Platform cluster if they can deploy pods. The highest threat from this vulnerability is to system availability. Se ha encontrado un fallo en las Restricciones de Contexto de Seguridad (SCC), que permite a los pods diseñar paquetes de red personalizados. Este fallo permite a un atacante causar un... • https://bugzilla.redhat.com/show_bug.cgi?id=1858981 • CWE-770: Allocation of Resources Without Limits or Throttling •

CVE-2020-10715 – openshift/console: text injection on error page via crafted url
https://notcve.org/view.php?id=CVE-2020-10715
28 Jul 2020 — A content spoofing vulnerability was found in the openshift/console 3.11 and 4.x. This flaw allows an attacker to craft a URL and inject arbitrary text onto the error page that appears to be from the OpenShift instance. This attack could potentially convince a user that the inserted text is legitimate. Se encontró una vulnerabilidad de suplantación de contenido en openshift/console versiones 3.11 y 4.x. Este fallo permite a un atacante crear una URL e inyectar texto arbitrario en la página de error que pare... • https://bugzilla.redhat.com/show_bug.cgi?id=1767665 • CWE-20: Improper Input Validation •

CVE-2020-10752
https://notcve.org/view.php?id=CVE-2020-10752
12 Jun 2020 — A flaw was found in the OpenShift API Server, where it failed to sufficiently protect OAuthTokens by leaking them into the logs when an API Server panic occurred. This flaw allows an attacker with the ability to cause an API Server error to read the logs, and use the leaked OAuthToken to log into the API Server with the leaked token. Se encontró un fallo en el OpenShift API Server, donde presento un fallo al proteger de manera suficiente a los OAuthTokens al filtrarlos en los registros cuando se produjo un ... • https://github.com/openshift/enhancements/pull/323 • CWE-522: Insufficiently Protected Credentials CWE-532: Insertion of Sensitive Information into Log File •

CVE-2020-7013 – kibana: Prototype pollution in TSVB could result in arbitrary code execution (ESA-2020-06)
https://notcve.org/view.php?id=CVE-2020-7013
03 Jun 2020 — Kibana versions before 6.8.9 and 7.7.0 contain a prototype pollution flaw in TSVB. An authenticated attacker with privileges to create TSVB visualizations could insert data that would cause Kibana to execute arbitrary code. This could possibly lead to an attacker executing code with the permissions of the Kibana process on the host system. Kibana versiones anteriores a 6.8.9 y 7.7.0, contienen un fallo de contaminación de prototipo en TSVB. Un atacante autenticado con privilegios para crear visualizaciones ... • https://www.elastic.co/community/security • CWE-94: Improper Control of Generation of Code ('Code Injection') •