Vulnerabilities > Redhat > Openshift Container Platform

DATE CVE VULNERABILITY TITLE RISK
2022-09-13 CVE-2022-2990 An incorrect handling of the supplementary groups in the Buildah container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container.
local
low complexity
buildah-project redhat
7.1
2022-09-01 CVE-2022-1632 An Improper Certificate Validation attack was found in Openshift.
network
low complexity
redhat fedoraproject
6.5
2022-09-01 CVE-2022-1677 Unspecified vulnerability in Redhat Openshift Container Platform
In OpenShift Container Platform, a user with permissions to create or modify Routes can craft a payload that inserts a malformed entry into one of the cluster router's HAProxy configuration files.
network
low complexity
redhat
6.3
2022-08-31 CVE-2022-2132 A permissive list of allowed inputs flaw was found in DPDK.
network
low complexity
dpdk fedoraproject debian redhat
8.6
2022-08-29 CVE-2022-0669 A flaw was found in dpdk.
local
low complexity
dpdk openvswitch redhat
6.5
2022-08-29 CVE-2022-0718 Information Exposure Through Log Files vulnerability in multiple products
A flaw was found in python-oslo-utils.
network
low complexity
openstack redhat debian CWE-532
4.9
2022-08-26 CVE-2021-3669 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
A flaw was found in the Linux kernel.
local
low complexity
linux ibm debian fedoraproject redhat CWE-770
5.5
2022-08-23 CVE-2021-3827 Improper Authentication vulnerability in Redhat Keycloak and Single Sign-On
A flaw was found in keycloak, where the default ECP binding flow allows other authentication flows to be bypassed.
network
high complexity
redhat CWE-287
6.8
2022-08-22 CVE-2020-27836 Incorrect Permission Assignment for Critical Resource vulnerability in Redhat Openshift Container Platform 4.6
A flaw was found in cluster-ingress-operator.
network
low complexity
redhat CWE-732
critical
9.8
2022-07-06 CVE-2021-3695 Out-of-bounds Write vulnerability in multiple products
A crafted 16-bit grayscale PNG image may lead to a out-of-bounds write in the heap area.
local
high complexity
gnu fedoraproject redhat netapp CWE-787
4.5