Vulnerabilities > Redhat > Openshift Container Platform
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-03-02 | CVE-2021-3631 | A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels. | 6.3 |
2022-03-02 | CVE-2022-0711 | Infinite Loop vulnerability in multiple products A flaw was found in the way HAProxy processed HTTP responses containing the "Set-Cookie2" header. | 7.5 |
2022-02-16 | CVE-2021-3560 | Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privileges of the requestor to the root user. | 7.8 |
2022-02-09 | CVE-2022-0532 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products An incorrect sysctls validation vulnerability was found in CRI-O 1.18 and earlier. | 4.2 |
2021-12-14 | CVE-2021-4104 | Deserialization of Untrusted Data vulnerability in multiple products JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. | 7.5 |
2021-06-02 | CVE-2021-3529 | Unspecified vulnerability in Redhat Noobaa-Operator and Openshift Container Platform A flaw was found in noobaa-core in versions before 5.7.0. | 7.1 |
2021-06-02 | CVE-2020-14336 | Unspecified vulnerability in Redhat Openshift Container Platform 3.11/4.5.16/4.6 A flaw was found in the Restricted Security Context Constraints (SCC), where it allows pods to craft custom network packets. | 6.5 |
2021-06-02 | CVE-2020-10743 | It was discovered that OpenShift Container Platform's (OCP) distribution of Kibana could open in an iframe, which made it possible to intercept and manipulate requests. | 4.3 |
2021-05-26 | CVE-2021-20297 | Improper Input Validation vulnerability in multiple products A flaw was found in NetworkManager in versions before 1.30.0. | 5.5 |
2021-05-14 | CVE-2020-27833 | Link Following vulnerability in Redhat Openshift Container Platform A Zip Slip vulnerability was found in the oc binary in openshift-clients where an arbitrary file write is achieved by using a specially crafted raw container image (.tar file) which contains symbolic links. | 7.1 |