Vulnerabilities > Redhat > Openshift Container Platform FOR Power
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-10-15 | CVE-2024-9676 | Unspecified vulnerability in Redhat products A vulnerability was found in Podman, Buildah, and CRI-O. | 6.5 |
2024-09-03 | CVE-2024-4629 | Unspecified vulnerability in Redhat products A vulnerability was found in Keycloak. | 6.5 |
2024-01-26 | CVE-2023-6291 | Open Redirect vulnerability in Redhat products A flaw was found in the redirect_uri validation logic in Keycloak. | 7.1 |
2023-12-21 | CVE-2023-2585 | Unspecified vulnerability in Redhat products Keycloak's device authorization grant does not correctly validate the device code and client ID. | 8.1 |
2023-12-14 | CVE-2023-6134 | Cross-site Scripting vulnerability in Redhat products A flaw was found in Keycloak that prevents certain schemes in redirects, but permits them if a wildcard is appended to the token. | 5.4 |
2023-12-14 | CVE-2023-6563 | Allocation of Resources Without Limits or Throttling vulnerability in Redhat products An unconstrained memory consumption vulnerability was discovered in Keycloak. | 7.7 |
2023-11-01 | CVE-2023-5625 | Resource Exhaustion vulnerability in Redhat products A regression was introduced in the Red Hat build of python-eventlet due to a change in the patch application strategy, resulting in a patch for CVE-2021-21419 not being applied for all builds of all products. | 7.5 |
2023-09-27 | CVE-2023-3223 | Unspecified vulnerability in Redhat products A flaw was found in undertow. | 7.5 |
2023-09-25 | CVE-2022-4318 | Improper Control of Dynamically-Managed Code Resources vulnerability in multiple products A vulnerability was found in cri-o. | 7.8 |
2023-09-22 | CVE-2022-4039 | Incorrect Default Permissions vulnerability in Redhat products A flaw was found in Red Hat Single Sign-On for OpenShift container images, which are configured with an unsecured management interface enabled. | 9.8 |