Vulnerabilities > Redhat > Openshift Container Platform > 4.0

DATE	CVE	VULNERABILITY TITLE	RISK
2022-08-29	CVE-2022-0669	A flaw was found in dpdk. local low complexity dpdk openvswitch redhat	6.5
2022-08-29	CVE-2022-0718	Information Exposure Through Log Files vulnerability in multiple products A flaw was found in python-oslo-utils. network low complexity openstack redhat debian CWE-532	4.9
2022-06-07	CVE-2022-1708	Allocation of Resources Without Limits or Throttling vulnerability in multiple products A vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyone with access to the Kube API. network low complexity kubernetes fedoraproject redhat CWE-770	7.5
2022-05-17	CVE-2022-1706	Incorrect Authorization vulnerability in multiple products A vulnerability was found in Ignition where ignition configs are accessible from unprivileged containers in VMs running on VMware products. network low complexity redhat fedoraproject CWE-863	6.5
2022-04-29	CVE-2022-1227	Improper Privilege Management vulnerability in multiple products A privilege escalation flaw was found in Podman. network low complexity podman-project psgo-project redhat fedoraproject CWE-269	8.8
2022-04-18	CVE-2022-27652	Incorrect Default Permissions vulnerability in multiple products A flaw was found in cri-o, where containers were incorrectly started with non-empty default permissions. local low complexity kubernetes fedoraproject mobyproject redhat CWE-276	5.3
2022-04-04	CVE-2022-27649	Incorrect Default Permissions vulnerability in multiple products A flaw was found in Podman, where containers were started incorrectly with non-empty default permissions. network high complexity podman-project redhat fedoraproject CWE-276	7.5
2022-04-04	CVE-2022-27650	Incorrect Default Permissions vulnerability in multiple products A flaw was found in crun where containers were incorrectly started with non-empty default permissions. network high complexity crun-project fedoraproject redhat CWE-276	7.5
2022-04-01	CVE-2021-20238	Missing Authentication for Critical Function vulnerability in Redhat products It was found in OpenShift Container Platform 4 that ignition config, served by the Machine Config Server, can be accessed externally from clusters without authentication. network high complexity redhat CWE-306	3.7
2022-03-02	CVE-2022-0711	Infinite Loop vulnerability in multiple products A flaw was found in the way HAProxy processed HTTP responses containing the "Set-Cookie2" header. network low complexity haproxy redhat debian CWE-835	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.