Openshift Container Platform FOR Power

DATE	CVE	VULNERABILITY TITLE	RISK
2023-09-20	CVE-2022-3916	Insufficient Session Expiration vulnerability in Redhat products A flaw was found in the offline_access scope in Keycloak. network high complexity redhat CWE-613	6.8
2023-09-14	CVE-2023-1108	Infinite Loop vulnerability in multiple products A flaw was found in undertow. network low complexity redhat netapp CWE-835	7.5
2023-07-07	CVE-2022-4361	Cross-site Scripting vulnerability in Redhat products Keycloak, an open-source identity and access management solution, has a cross-site scripting (XSS) vulnerability in the SAML or OIDC providers. network low complexity redhat CWE-79	6.1
2023-07-05	CVE-2023-3089	Weak Password Requirements vulnerability in Redhat products A compliance problem was found in the Red Hat OpenShift Container Platform. network low complexity redhat CWE-521	7.5
2019-04-08	CVE-2019-0211	Use After Free vulnerability in multiple products In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard. local low complexity apache fedoraproject canonical debian opensuse netapp redhat oracle CWE-416	7.8