Openshift Container Platform

DATE	CVE	VULNERABILITY TITLE	RISK
2023-12-14	CVE-2023-6563	Allocation of Resources Without Limits or Throttling vulnerability in Redhat products An unconstrained memory consumption vulnerability was discovered in Keycloak. network low complexity redhat CWE-770	7.7
2023-11-02	CVE-2023-5408	Unspecified vulnerability in Redhat Openshift Container Platform A privilege escalation flaw was found in the node restriction admission plugin of the kubernetes api server of OpenShift. network low complexity redhat	7.2
2023-10-10	CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. network low complexity ietf nghttp2 netty envoyproxy eclipse caddyserver golang f5 apache apple grpc microsoft nodejs dena facebook amazon debian kazu-yamamoto istio varnish-cache-project traefik projectcontour linkerd linecorp redhat fedoraproject netapp akka konghq jenkins openresty cisco	7.5
2023-10-06	CVE-2023-5366	Insufficient Verification of Data Authenticity vulnerability in multiple products A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules. local low complexity openvswitch redhat CWE-345	5.5
2023-10-05	CVE-2022-3248	Incorrect Authorization vulnerability in Redhat products A flaw was found in OpenShift API, as admission checks do not enforce "custom-host" permissions. network low complexity redhat CWE-863	7.5
2023-10-05	CVE-2022-4145	Injection vulnerability in Redhat Openshift Container Platform 4.0 A content spoofing flaw was found in OpenShift's OAuth endpoint. network low complexity redhat CWE-74	5.3
2023-10-04	CVE-2023-3153	Allocation of Resources Without Limits or Throttling vulnerability in multiple products A flaw was found in Open Virtual Network where the service monitor MAC does not properly rate limit. network low complexity ovn redhat CWE-770	5.3
2023-10-04	CVE-2023-2422	Improper Certificate Validation vulnerability in Redhat products A flaw was found in Keycloak. network low complexity redhat CWE-295	7.1
2023-09-27	CVE-2023-4066	Cleartext Storage of Sensitive Information vulnerability in Redhat products A flaw was found in Red Hat's AMQ Broker, which stores certain passwords in a secret security-properties-prop-module, defined in ActivemqArtemisSecurity CR; however, they are shown in plaintext in the StatefulSet details yaml of AMQ Broker. local low complexity redhat CWE-312	5.5
2023-09-27	CVE-2023-4065	Incorrect Default Permissions vulnerability in Redhat products A flaw was found in Red Hat AMQ Broker Operator, where it displayed a password defined in ActiveMQArtemisAddress CR, shown in plain text in the Operator Log. local low complexity redhat CWE-276	5.5