Vulnerabilities > Redhat > Openshift Container Platform > 4.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-09 | CVE-2022-0532 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products An incorrect sysctls validation vulnerability was found in CRI-O 1.18 and earlier. | 4.2 |
| 2021-06-02 | CVE-2021-3529 | Unspecified vulnerability in Redhat Noobaa-Operator and Openshift Container Platform A flaw was found in noobaa-core in versions before 5.7.0. | 7.1 |
| 2021-05-26 | CVE-2021-20297 | Improper Input Validation vulnerability in multiple products A flaw was found in NetworkManager in versions before 1.30.0. | 5.5 |
| 2021-05-14 | CVE-2020-27833 | Link Following vulnerability in Redhat Openshift Container Platform A Zip Slip vulnerability was found in the oc binary in openshift-clients where an arbitrary file write is achieved by using a specially crafted raw container image (.tar file) which contains symbolic links. | 7.1 |
| 2021-04-01 | CVE-2021-20291 | A deadlock vulnerability was found in 'github.com/containers/storage' in versions before 1.28.1. | 6.5 |
| 2021-03-24 | CVE-2019-19353 | Unspecified vulnerability in Redhat Openshift Container Platform 4.0 An insecure modification vulnerability in the /etc/passwd file was found in the operator-framework/hive as shipped in Red Hat Openshift 4. | 7.0 |
| 2021-03-24 | CVE-2019-19352 | Unspecified vulnerability in Redhat Openshift Container Platform 4.0 An insecure modification vulnerability in the /etc/passwd file was found in the operator-framework/presto as shipped in Red Hat Openshift 4. | 7.0 |
| 2021-03-23 | CVE-2021-20270 | Infinite Loop vulnerability in multiple products An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML (SML) source file, as demonstrated by input that only contains the "exception" keyword. | 7.5 |
| 2021-03-19 | CVE-2019-10225 | Unspecified vulnerability in Redhat Openshift and Openshift Container Platform A flaw was found in atomic-openshift of openshift-4.2 where the basic-user RABC role in OpenShift Container Platform doesn't sufficiently protect the GlusterFS StorageClass against leaking of the restuserkey. | 6.3 |
| 2021-03-19 | CVE-2019-10200 | Unspecified vulnerability in Redhat Openshift Container Platform 4.0 A flaw was discovered in OpenShift Container Platform 4 where, by default, users with access to create pods also have the ability to schedule workloads on master nodes. | 7.2 |