Vulnerabilities > Redhat > Openshift Container Platform

DATE CVE VULNERABILITY TITLE RISK
2021-04-01 CVE-2021-20291 A deadlock vulnerability was found in 'github.com/containers/storage' in versions before 1.28.1.
network
low complexity
storage-project redhat fedoraproject
6.5
2021-03-24 CVE-2019-19354 Unspecified vulnerability in Redhat Openshift Container Platform 4.4
An insecure modification vulnerability in the /etc/passwd file was found in the operator-framework/hadoop as shipped in Red Hat Openshift 4.
local
low complexity
redhat
7.8
2021-03-24 CVE-2019-19353 Unspecified vulnerability in Redhat Openshift Container Platform 4.0
An insecure modification vulnerability in the /etc/passwd file was found in the operator-framework/hive as shipped in Red Hat Openshift 4.
local
high complexity
redhat
7.0
2021-03-24 CVE-2019-19352 Unspecified vulnerability in Redhat Openshift Container Platform 4.0
An insecure modification vulnerability in the /etc/passwd file was found in the operator-framework/presto as shipped in Red Hat Openshift 4.
local
high complexity
redhat
7.0
2021-03-23 CVE-2021-20270 Infinite Loop vulnerability in multiple products
An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML (SML) source file, as demonstrated by input that only contains the "exception" keyword.
network
low complexity
pygments redhat fedoraproject debian CWE-835
7.5
2021-03-19 CVE-2019-10225 Unspecified vulnerability in Redhat Openshift and Openshift Container Platform
A flaw was found in atomic-openshift of openshift-4.2 where the basic-user RABC role in OpenShift Container Platform doesn't sufficiently protect the GlusterFS StorageClass against leaking of the restuserkey.
network
low complexity
redhat
6.3
2021-03-19 CVE-2019-10200 Unspecified vulnerability in Redhat Openshift Container Platform 4.0
A flaw was discovered in OpenShift Container Platform 4 where, by default, users with access to create pods also have the ability to schedule workloads on master nodes.
network
low complexity
redhat
7.2
2021-03-18 CVE-2020-27827 A flaw was found in multiple versions of OpenvSwitch. 7.5
2021-03-16 CVE-2021-3344 Insufficiently Protected Credentials vulnerability in Redhat Openshift Builder and Openshift Container Platform
A privilege escalation flaw was found in OpenShift builder.
network
low complexity
redhat CWE-522
8.8
2021-03-16 CVE-2021-20218 Unspecified vulnerability in Redhat products
A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after.
network
high complexity
redhat
7.4