Vulnerabilities > Redhat > Openshift Container Platform > 4.9

DATE	CVE	VULNERABILITY TITLE	RISK
2023-10-04	CVE-2023-2422	Improper Certificate Validation vulnerability in Redhat products A flaw was found in Keycloak. network low complexity redhat CWE-295	7.1
2023-09-22	CVE-2022-4039	Incorrect Default Permissions vulnerability in Redhat products A flaw was found in Red Hat Single Sign-On for OpenShift container images, which are configured with an unsecured management interface enabled. network low complexity redhat CWE-276 critical	9.8
2023-09-20	CVE-2022-3916	Insufficient Session Expiration vulnerability in Redhat products A flaw was found in the offline_access scope in Keycloak. network high complexity redhat CWE-613	6.8
2023-08-04	CVE-2023-0264	Improper Authentication vulnerability in Redhat products A flaw was found in Keycloaks OpenID Connect user authentication, which may incorrectly authenticate requests. network high complexity redhat CWE-287	5.0
2023-03-29	CVE-2022-1274	Cross-site Scripting vulnerability in Redhat Keycloak and Single Sign-On A flaw was found in Keycloak in the execute-actions-email endpoint. network low complexity redhat CWE-79	5.4
2022-09-01	CVE-2022-1677	Resource Exhaustion vulnerability in Redhat Openshift Container Platform In OpenShift Container Platform, a user with permissions to create or modify Routes can craft a payload that inserts a malformed entry into one of the cluster router's HAProxy configuration files. network low complexity redhat CWE-400	6.3
2022-08-26	CVE-2021-3669	Allocation of Resources Without Limits or Throttling vulnerability in multiple products A flaw was found in the Linux kernel. local low complexity linux ibm debian fedoraproject redhat CWE-770	5.5
2022-08-23	CVE-2021-3827	Improper Authentication vulnerability in Redhat Keycloak and Single Sign-On A flaw was found in keycloak, where the default ECP binding flow allows other authentication flows to be bypassed. network high complexity redhat CWE-287	6.8
2022-07-06	CVE-2021-3695	Out-of-bounds Write vulnerability in multiple products A crafted 16-bit grayscale PNG image may lead to a out-of-bounds write in the heap area. local high complexity gnu fedoraproject redhat netapp CWE-787	4.5
2022-07-06	CVE-2021-3696	Out-of-bounds Write vulnerability in multiple products A heap out-of-bounds write may heppen during the handling of Huffman tables in the PNG reader. local high complexity gnu redhat netapp CWE-787	4.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.