Openshift Container Platform

DATE	CVE	VULNERABILITY TITLE	RISK
2023-03-03	CVE-2023-27561	Use of Incorrectly-Resolved Name or Reference vulnerability in multiple products runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. local high complexity linuxfoundation redhat debian CWE-706	7.0
2022-12-28	CVE-2021-4294	Information Exposure Through Discrepancy vulnerability in Redhat Openshift Container Platform and Openshift Osin A vulnerability was found in OpenShift OSIN. network high complexity redhat CWE-203	5.9
2022-09-13	CVE-2022-2989	An incorrect handling of the supplementary groups in the Podman container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container. local low complexity podman-project redhat	7.1
2022-09-13	CVE-2022-2990	An incorrect handling of the supplementary groups in the Buildah container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container. local low complexity buildah-project redhat	7.1
2022-09-01	CVE-2022-1632	An Improper Certificate Validation attack was found in Openshift. network low complexity redhat fedoraproject	6.5
2022-09-01	CVE-2022-1677	Unspecified vulnerability in Redhat Openshift Container Platform In OpenShift Container Platform, a user with permissions to create or modify Routes can craft a payload that inserts a malformed entry into one of the cluster router's HAProxy configuration files. network low complexity redhat	6.3
2022-08-31	CVE-2022-2132	A permissive list of allowed inputs flaw was found in DPDK. network low complexity dpdk fedoraproject debian redhat	8.6
2022-08-29	CVE-2022-0669	A flaw was found in dpdk. local low complexity dpdk openvswitch redhat	6.5
2022-08-29	CVE-2022-0718	Information Exposure Through Log Files vulnerability in multiple products A flaw was found in python-oslo-utils. network low complexity openstack redhat debian CWE-532	4.9
2022-08-26	CVE-2021-3669	Allocation of Resources Without Limits or Throttling vulnerability in multiple products A flaw was found in the Linux kernel. local low complexity linux ibm debian fedoraproject redhat CWE-770	5.5