Page 9 of 83 results (0.006 seconds)

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1

An insecure modification vulnerability in the /etc/passwd file was found in the container operator-framework/operator-metering as shipped in Red Hat Openshift 4. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges. Se encontró una vulnerabilidad de modificación no segura en el archivo /etc/passwd en el contenedor operator-framework/operator-metering como es enviado en Red Hat Openshift versión 4. Un atacante con acceso al contenedor podría usar este fallo para modificar /etc/passwd y escalar sus privilegios • https://bugzilla.redhat.com/show_bug.cgi?id=1791534 https://bugzilla.redhat.com/show_bug.cgi?id=1793284 • CWE-266: Incorrect Privilege Assignment •

CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0

A flaw was discovered in OpenShift Container Platform 4 where, by default, users with access to create pods also have the ability to schedule workloads on master nodes. Pods with permission to access the host network, running on master nodes, can retrieve security credentials for the master AWS IAM role, allowing management access to AWS resources. With access to the security credentials, the user then has access to the entire infrastructure. Impact to data and system availability is high. Se detectó un fallo en OpenShift Container Platform versión 4 donde, por defecto, unos usuarios con acceso para crear pods también presentan la habilidad de programar cargas de trabajo en los nodos maestros. • https://bugzilla.redhat.com/show_bug.cgi?id=1730161 https://github.com/openshift/cluster-kube-apiserver-operator/pull/524 • CWE-284: Improper Access Control •

CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0

A flaw was found in atomic-openshift of openshift-4.2 where the basic-user RABC role in OpenShift Container Platform doesn't sufficiently protect the GlusterFS StorageClass against leaking of the restuserkey. An attacker with basic-user permissions is able to obtain the value of restuserkey, and use it to authenticate to the GlusterFS REST service, gaining access to read, and modify files. Se encontró un fallo en atomic-openshift de openshift-4.2, donde el rol de usuario básico RABC en OpenShift Container Platform no protege suficientemente el GlusterFS StorageClass contra filtraciones del restuserkey. Un atacante con permisos de usuario básico puede obtener el valor de restuserkey y usarlo para autenticarse en el servicio REST de GlusterFS, consiguiendo acceso para leer y modificar archivos • https://bugzilla.redhat.com/show_bug.cgi?id=1743073 • CWE-522: Insufficiently Protected Credentials •

CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0

An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML (SML) source file, as demonstrated by input that only contains the "exception" keyword. Un bucle infinito en SMLLexer en Pygments versiones 1.5 hasta 2.7.3, puede conllevar a una denegación de servicio cuando se lleva a cabo el resaltado de sintaxis de un archivo fuente de Standard ML (SML), como es demostrado por la entrada que solo contiene la palabra clave "exception" • https://bugzilla.redhat.com/show_bug.cgi?id=1922136 https://lists.debian.org/debian-lts-announce/2021/05/msg00003.html https://lists.debian.org/debian-lts-announce/2021/05/msg00006.html https://www.debian.org/security/2021/dsa-4889 https://www.oracle.com/security-alerts/cpuoct2021.html https://access.redhat.com/security/cve/CVE-2021-20270 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •

CVSS: 7.5EPSS: 0%CPEs: 37EXPL: 0

A flaw was found in multiple versions of OpenvSwitch. Specially crafted LLDP packets can cause memory to be lost when allocating data to handle specific optional TLVs, potentially causing a denial of service. The highest threat from this vulnerability is to system availability. Se encontró un fallo en múltiples versiones de OpenvSwitch. Los paquetes LLDP especialmente diseñados pueden causar que una memoria se pierda cuando se asignan datos para manejar TLV opcionales específicos, potencialmente causando una denegación de servicio. • https://bugzilla.redhat.com/show_bug.cgi?id=1921438 https://cert-portal.siemens.com/productcert/pdf/ssa-941426.pdf https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3T5XHPOGIPWCRRPJUE6P3HVC5PTSD5JS https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JYA4AMJXCNF6UPFG36L2TPPT32C242SP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SKQWHG2SZJZSGC7PXVDAEJYBN7ESDR7D https://mail.openvswitch.org/pipermail/ovs-dev/2021&# • CWE-400: Uncontrolled Resource Consumption •