cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-12401,https://securityvulnerability.io/vulnerability/CVE-2024-12401,Cert-Manager Vulnerability Permits CPU-Based DoS Attack,"A flaw was found in the cert-manager package. This flaw allows an attacker who can modify PEM data that the cert-manager reads, for example, in a Secret resource, to use large amounts of CPU in the cert-manager controller pod to effectively create a denial-of-service (DoS) vector for the cert-manager in the cluster.",Red Hat,"Cert-manager Operator For Red Hat Openshift,Cryostat 3,Multicluster Engine For Kubernetes,Openshift Serverless,Red Hat Connectivity Link,Red Hat Openshift Container Platform 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Gitops",4.4,MEDIUM,0.0021299999207258224,false,false,false,false,,false,false,2024-12-12T09:06:03.612Z,0
CVE-2024-5042,https://securityvulnerability.io/vulnerability/CVE-2024-5042,Submariner-operator: rbac permissions can allow for the spread of node compromises,"A flaw was found in the Submariner project. Due to unnecessary role-based access control permissions, a privileged attacker can run a malicious container on a node that may allow them to steal service account tokens and further compromise other nodes and potentially the entire cluster.",Red Hat,"Rhodf-4.16-rhel-9,Red Hat Advanced Cluster Management For Kubernetes 2",6.6,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2024-05-17T13:12:00.551Z,0
CVE-2024-1139,https://securityvulnerability.io/vulnerability/CVE-2024-1139,Remote Attacker May Discover Repository Pull Secret via Basic Login Credentials,"A credentials leak vulnerability has been identified in the cluster monitoring operator of OpenShift Container Platform (OCP). This issue potentially enables a remote attacker, armed with basic login credentials, to inspect the pod manifest. By doing so, the attacker may discover sensitive information, including repository pull secrets. Without proper remediation, this vulnerability could lead to unauthorized access to critical resources within the OCP environment.",Red Hat,"Red Hat Openshift Container Platform 4.12,Red Hat Openshift Container Platform 4.13,Red Hat Openshift Container Platform 4.14,Red Hat Openshift Container Platform 4.15,Red Hat Advanced Cluster Management For Kubernetes 2,Red Hat Openshift Container Platform 3.11",7.7,HIGH,0.0004400000034365803,false,false,false,false,,false,false,2024-04-25T17:15:00.000Z,0
CVE-2022-3248,https://securityvulnerability.io/vulnerability/CVE-2022-3248,"Openshift api admission checks does not enforce ""custom-host"" permissions","A flaw was found in OpenShift API, as admission checks do not enforce ""custom-host"" permissions. This issue could allow an attacker to violate the boundaries, as permissions will not be applied.",Red Hat,"Kubernetes,Red Hat Advanced Cluster Management For Kubernetes 2,Red Hat Ansible Automation Platform 1.2,Red Hat Ansible Tower 3,Red Hat Openshift Container Platform 3.11,Red Hat Openshift Container Platform 4",4.4,MEDIUM,0.0006900000153109431,false,false,false,false,,false,false,2023-10-05T13:28:27.973Z,0
CVE-2023-1260,https://securityvulnerability.io/vulnerability/CVE-2023-1260,Privesc,"An authentication bypass vulnerability exists in kube-apiserver, which may allow an authenticated remote attacker to bypass intended access controls. By obtaining permissions to update or patch the 'pods/ephemeralcontainers' subresource, an attacker could potentially create or modify privileged pods, evading admission restrictions imposed by Security Context Constraints (SCCs). This could lead to unauthorized control over sensitive or critical components within a Kubernetes cluster, posing significant risks to the security of deployed applications.",Red Hat,"kubernetes,Red Hat OpenShift Container Platform 4.10,Red Hat OpenShift Container Platform 4.11,Red Hat OpenShift Container Platform 4.12,Red Hat OpenShift Container Platform 4.13,Red Hat OpenShift Container Platform 4",8,HIGH,0.01221999991685152,false,false,false,false,,false,false,2023-09-24T01:15:00.000Z,0
CVE-2023-3089,https://securityvulnerability.io/vulnerability/CVE-2023-3089,Ocp & fips mode,"A compliance issue has been identified in the Red Hat OpenShift Container Platform when operated in FIPS mode, where not all utilized cryptographic modules were validated against FIPS standards. This could potentially impact the security posture within environments that require FIPS-compliant cryptographic solutions, urging users to review their configurations and understand the implications on their compliance requirements.",Red Hat,"Openshift,Openshift Serverless,Openshift Service Mesh 2.2.x,Openshift Service Mesh 2.3.x,Openshift Service Mesh 2.4,Red Hat Advanced Cluster Management For Kubernetes 2,Red Hat Jboss A-MQ Streams,Red Hat Openshift Container Platform 3.11,Red Hat Openshift Container Platform 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Sandboxed Containers,Red Hat Openshift Virtualization 4",7,HIGH,0.0011899999808520079,false,false,false,false,,false,false,2023-07-05T13:15:00.000Z,0