Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-1719 | 1 Redhat | 1 Wildfly | 2023-12-10 | 5.5 MEDIUM | 5.4 MEDIUM |
A flaw was found in wildfly. The EJBContext principle is not popped back after invoking another EJB using a different Security Domain. The highest threat from this vulnerability is to data confidentiality and integrity. Versions before wildfly 20.0.0.Final are affected. | |||||
CVE-2019-14819 | 1 Redhat | 1 Openshift Container Platform | 2023-12-10 | 6.5 MEDIUM | 8.8 HIGH |
A flaw was found during the upgrade of an existing OpenShift Container Platform 3.x cluster. Using CRI-O, the dockergc service account is assigned to the current namespace of the user performing the upgrade. This flaw can allow an unprivileged user to escalate their privileges to those allowed by the privileged Security Context Constraints. |