A flaw was found in Red Hat OpenShift Data Science. When exporting a pipeline from the Elyra notebook pipeline editor as Python DSL or YAML, it reads S3 credentials from the cluster (ds pipeline server) and saves them in plain text in the generated output instead of an ID for a Kubernetes secret.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:NOpendatahub Open Data Hub Dashboard
APPOpendatahub< 1.28.1Red Hat Openshift Data Science
APPRedhatwszystkie wersje
Powiązane podatności
A vulnerability was found in OpenShift AI that allows for authentication bypass and privilege escalation acros...
A flaw was found in the Kubernetes service for notebooks in RHODS, where it does not prevent pods from other n...
Sudo: eskalacja uprawnień do root poprzez opcję --chroot (CVE-2025-32463)
A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remot...
OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the s...