Vulnerabilities > Redhat > Openshift Container Platform FOR Power

DATE CVE VULNERABILITY TITLE RISK
2024-10-15 CVE-2024-9676 Unspecified vulnerability in Redhat products
A vulnerability was found in Podman, Buildah, and CRI-O.
network
low complexity
redhat
6.5
2024-09-03 CVE-2024-4629 Unspecified vulnerability in Redhat products
A vulnerability was found in Keycloak.
network
low complexity
redhat
6.5
2024-01-26 CVE-2023-6291 Open Redirect vulnerability in Redhat products
A flaw was found in the redirect_uri validation logic in Keycloak.
network
low complexity
redhat CWE-601
7.1
2023-12-21 CVE-2023-2585 Unspecified vulnerability in Redhat products
Keycloak's device authorization grant does not correctly validate the device code and client ID.
network
low complexity
redhat
8.1
2023-12-14 CVE-2023-6134 Cross-site Scripting vulnerability in Redhat products
A flaw was found in Keycloak that prevents certain schemes in redirects, but permits them if a wildcard is appended to the token.
network
low complexity
redhat CWE-79
5.4
2023-12-14 CVE-2023-6563 Allocation of Resources Without Limits or Throttling vulnerability in Redhat products
An unconstrained memory consumption vulnerability was discovered in Keycloak.
network
low complexity
redhat CWE-770
7.7
2023-11-01 CVE-2023-5625 Resource Exhaustion vulnerability in Redhat products
A regression was introduced in the Red Hat build of python-eventlet due to a change in the patch application strategy, resulting in a patch for CVE-2021-21419 not being applied for all builds of all products.
network
low complexity
redhat CWE-400
7.5
2023-09-27 CVE-2023-3223 Unspecified vulnerability in Redhat products
A flaw was found in undertow.
network
low complexity
redhat
7.5
2023-09-25 CVE-2022-4318 Improper Control of Dynamically-Managed Code Resources vulnerability in multiple products
A vulnerability was found in cri-o.
local
low complexity
kubernetes redhat fedoraproject CWE-913
7.8
2023-09-22 CVE-2022-4039 Incorrect Default Permissions vulnerability in Redhat products
A flaw was found in Red Hat Single Sign-On for OpenShift container images, which are configured with an unsecured management interface enabled.
network
low complexity
redhat CWE-276
critical
9.8