exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 4

CVE-2024-25131

больше 1 года назад

A flaw was found in the MustGather.managed.openshift.io Custom Defined Resource (CRD) of OpenShift Dedicated. A non-privileged user on the cluster can create a MustGather object with a specially crafted file and set the most privileged service account to run the job. This can allow a standard developer user to escalate their privileges to a cluster administrator and pivot to the AWS environment.

CVSS3: 8.8

EPSS: Низкий

CVE-2024-25131

около 1 года назад

A flaw was found in the MustGather.managed.openshift.io Custom Defined Resource (CRD) of OpenShift Dedicated. A non-privileged user on the cluster can create a MustGather object with a specially crafted file and set the most privileged service account to run the job. This can allow a standard developer user to escalate their privileges to a cluster administrator and pivot to the AWS environment.

CVSS3: 8.8

EPSS: Низкий

GHSA-77c2-c35q-254w

около 1 года назад

OpenShift Must Gather Operator Improper Input Validation vulnerability

CVSS3: 8.8

EPSS: Низкий

SUSE-SU-2025:0060-1

около 1 года назад

Security update for govulncheck-vulndb

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2024-25131 A flaw was found in the MustGather.managed.openshift.io Custom Defined Resource (CRD) of OpenShift Dedicated. A non-privileged user on the cluster can create a MustGather object with a specially crafted file and set the most privileged service account to run the job. This can allow a standard developer user to escalate their privileges to a cluster administrator and pivot to the AWS environment.	CVSS3: 8.8	0% Низкий	больше 1 года назад
CVE-2024-25131 A flaw was found in the MustGather.managed.openshift.io Custom Defined Resource (CRD) of OpenShift Dedicated. A non-privileged user on the cluster can create a MustGather object with a specially crafted file and set the most privileged service account to run the job. This can allow a standard developer user to escalate their privileges to a cluster administrator and pivot to the AWS environment.	CVSS3: 8.8	0% Низкий	около 1 года назад
GHSA-77c2-c35q-254w OpenShift Must Gather Operator Improper Input Validation vulnerability	CVSS3: 8.8	0% Низкий	около 1 года назад
SUSE-SU-2025:0060-1 Security update for govulncheck-vulndb			около 1 года назад

Уязвимостей на страницу