Redhat » Openshift Container Platform : Security Vulnerabilities, CVEs, Published In 2020 (Information Leak)

CVE-2020-14370

An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container will get leaked into subsequent containers. An attacker who has control over the subsequent containers could use this flaw to gain access to sensitive information stored in such variables.
Max CVSS
5.3
EPSS Score
0.14%
Published
2020-09-23
Updated
2022-11-07

CVE-2020-10763

An information-disclosure flaw was found in the way Heketi before 10.1.0 logs sensitive information. This flaw allows an attacker with local access to the Heketi server to read potentially sensitive information such as gluster-block passwords.
Max CVSS
5.5
EPSS Score
0.04%
Published
2020-11-24
Updated
2020-12-02

CVE-2019-14892

A flaw was discovered in jackson-databind in versions before 2.9.10, 2.8.11.5 and 2.6.7.3, where it would permit polymorphic deserialization of a malicious object using commons-configuration 1 and 2 JNDI classes. An attacker could use this flaw to execute arbitrary code.
Max CVSS
9.8
EPSS Score
0.39%
Published
2020-03-02
Updated
2023-09-13
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close