Vulnerabilities > Redhat > Openshift Container Platform

DATE CVE VULNERABILITY TITLE RISK
2022-03-02 CVE-2021-3631 A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels.
local
high complexity
redhat netapp
6.3
2022-03-02 CVE-2022-0711 Infinite Loop vulnerability in multiple products
A flaw was found in the way HAProxy processed HTTP responses containing the "Set-Cookie2" header.
network
low complexity
haproxy redhat debian CWE-835
7.5
2022-02-16 CVE-2021-3560 Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products
It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privileges of the requestor to the root user.
7.8
2022-02-09 CVE-2022-0532 Incorrect Permission Assignment for Critical Resource vulnerability in multiple products
An incorrect sysctls validation vulnerability was found in CRI-O 1.18 and earlier.
network
high complexity
kubernetes redhat CWE-732
4.2
2021-12-14 CVE-2021-4104 Deserialization of Untrusted Data vulnerability in multiple products
JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration.
network
high complexity
apache fedoraproject redhat oracle CWE-502
7.5
2021-06-02 CVE-2021-3529 Unspecified vulnerability in Redhat Noobaa-Operator and Openshift Container Platform
A flaw was found in noobaa-core in versions before 5.7.0.
network
low complexity
redhat
7.1
2021-06-02 CVE-2020-14336 Unspecified vulnerability in Redhat Openshift Container Platform 3.11/4.5.16/4.6
A flaw was found in the Restricted Security Context Constraints (SCC), where it allows pods to craft custom network packets.
network
low complexity
redhat
6.5
2021-06-02 CVE-2020-10743 It was discovered that OpenShift Container Platform's (OCP) distribution of Kibana could open in an iframe, which made it possible to intercept and manipulate requests.
network
low complexity
elastic redhat
4.3
2021-05-26 CVE-2021-20297 Improper Input Validation vulnerability in multiple products
A flaw was found in NetworkManager in versions before 1.30.0.
local
low complexity
gnome redhat fedoraproject CWE-20
5.5
2021-05-14 CVE-2020-27833 Link Following vulnerability in Redhat Openshift Container Platform
A Zip Slip vulnerability was found in the oc binary in openshift-clients where an arbitrary file write is achieved by using a specially crafted raw container image (.tar file) which contains symbolic links.
network
high complexity
redhat CWE-59
7.1