Vulnerabilities > Redhat > Openshift Container Platform FOR Linuxone > 4.9

DATE	CVE	VULNERABILITY TITLE	RISK
2024-01-26	CVE-2023-6291	Open Redirect vulnerability in Redhat products A flaw was found in the redirect_uri validation logic in Keycloak. network low complexity redhat CWE-601	7.1
2023-12-21	CVE-2023-2585	Unspecified vulnerability in Redhat products Keycloak's device authorization grant does not correctly validate the device code and client ID. network low complexity redhat	8.1
2023-09-22	CVE-2022-4039	Incorrect Default Permissions vulnerability in Redhat products A flaw was found in Red Hat Single Sign-On for OpenShift container images, which are configured with an unsecured management interface enabled. network low complexity redhat CWE-276 critical	9.8
2023-09-20	CVE-2022-3916	Insufficient Session Expiration vulnerability in Redhat products A flaw was found in the offline_access scope in Keycloak. network high complexity redhat CWE-613	6.8
2023-09-14	CVE-2023-1108	Infinite Loop vulnerability in multiple products A flaw was found in undertow. network low complexity redhat netapp CWE-835	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.