Redhat Openshift Container Platform vulnerabilities

CVE-2018-12910 [CRITICAL] CWE-125 CVE-2018-12910: The get_cookies function in soup-cookie-jar.c in libsoup 2.63.2 allows attackers to have unspecified The get_cookies function in soup-cookie-jar.c in libsoup 2.63.2 allows attackers to have unspecified impact via an empty hostname.

CVE-2018-10843 [HIGH] CWE-20 CVE-2018-10843: source-to-image component of Openshift Container Platform before versions atomic-openshift 3.7.53, a source-to-image component of Openshift Container Platform before versions atomic-openshift 3.7.53, atomic-openshift 3.9.31 is vulnerable to a privilege escalation which allows the assemble script to run as the root user in a non-privileged container. An attacker can use this flaw to open network connections, and possibly other actions, on the host whic

CVE-2018-13033 [MEDIUM] CWE-770 CVE-2018-13033: The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows r The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted ELF file, as demonstrated by _bfd_elf_parse_attributes in elf-attrs.c and bfd_malloc in libbfd.c. This can occur during execution of nm.

CVE-2018-1085 [CRITICAL] CWE-592 CVE-2018-1085: openshift-ansible before versions 3.9.23, 3.7.46 deploys a misconfigured etcd file that causes the S openshift-ansible before versions 3.9.23, 3.7.46 deploys a misconfigured etcd file that causes the SSL client certificate authentication to be disabled. Quotations around the values of ETCD_CLIENT_CERT_AUTH and ETCD_PEER_CLIENT_CERT_AUTH in etcd.conf result in etcd being configured to allow remote users to connect without any authentication if they

CVE-2018-1070 [HIGH] CWE-20 CVE-2018-1070: routing before version 3.10 is vulnerable to an improper input validation of the Openshift Routing c routing before version 3.10 is vulnerable to an improper input validation of the Openshift Routing configuration which can cause an entire shard to be brought down. A malicious user can use this vulnerability to cause a Denial of Service attack for other users of the router shard.

CVE-2018-10237 [MEDIUM] CWE-770 CVE-2018-10237: Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service attacks against servers that depend on this library and deserialize attacker-provided data, because the AtomicDoubleArray class (when serialized with Java serialization) and the CompoundOrdering class (when serialized with

CVE-2017-15095 [CRITICAL] CWE-184 CVE-2017-15095: A deserialization flaw was discovered in the jackson-databind in versions before 2.8.10 and 2.9.1, w A deserialization flaw was discovered in the jackson-databind in versions before 2.8.10 and 2.9.1, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be us

CVE-2017-7525 [CRITICAL] CWE-184 CVE-2017-7525: A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.

CVE-2018-5968 [HIGH] CVE-2018-5968: FasterXML jackson-databind through 2.8.11 and 2.9.x through 2.9.3 allows unauthenticated remote code FasterXML jackson-databind through 2.8.11 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 and CVE-2017-17485 deserialization flaws. This is exploitable via two different gadgets that bypass a blacklist.

CVE-2017-17485 [CRITICAL] CWE-502 CVE-2017-17485: FasterXML jackson-databind through 2.8.10 and 2.9.x through 2.9.3 allows unauthenticated remote code FasterXML jackson-databind through 2.8.10 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the Spring li

CVE-2015-8103 [CRITICAL] CWE-502 CVE-2015-8103: The Jenkins CLI subsystem in Jenkins before 1.638 and LTS before 1.625.2 allows remote attackers to The Jenkins CLI subsystem in Jenkins before 1.638 and LTS before 1.625.2 allows remote attackers to execute arbitrary code via a crafted serialized Java object, related to a problematic webapps/ROOT/WEB-INF/lib/commons-collections-*.jar file and the "Groovy variant in 'ysoserial'".