Skip to main content

Openshift Developer Tools And Services

3 CVEs product

Monthly

CVE-2024-1485 Go HIGH PATCH This Week

A flaw was found in the decompression function of registry-support. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, no authentication required. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Registry Support Openshift Openshift Developer Tools And Services
NVD GitHub
CVSS 3.1
8.0
EPSS
1.6%
CVE-2023-48795 LIB MEDIUM POC PATCH THREAT This Month

The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 53.6%.

Authentication Bypass Apache Node.js SSH Java +66
NVD GitHub
CVSS 3.1
5.9
EPSS
53.6%
Threat
4.3
CVE-2023-2253 Go MEDIUM PATCH This Month

A flaw was found in the `/v2/_catalog` endpoint in distribution/distribution, which accepts a parameter to control the maximum number of records returned (query string: `n`). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Openshift Api For Data Protection Openshift Container Platform Openshift Developer Tools And Services
NVD
CVSS 3.1
6.5
EPSS
0.9%
EPSS 2% CVSS 8.0
HIGH PATCH This Week

A flaw was found in the decompression function of registry-support. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, no authentication required. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Registry Support Openshift +1
NVD GitHub
EPSS 54% 4.3 CVSS 5.9
MEDIUM POC PATCH THREAT This Month

The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 53.6%.

Authentication Bypass Apache Node.js +68
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

A flaw was found in the `/v2/_catalog` endpoint in distribution/distribution, which accepts a parameter to control the maximum number of records returned (query string: `n`). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Openshift Api For Data Protection Openshift Container Platform +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy