Vulnerabilities > Redhat > Openshift Container Platform > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-02 | CVE-2024-3056 | Resource Exhaustion vulnerability in multiple products A flaw was found in Podman. | 7.7 |
| 2024-07-01 | CVE-2024-6387 | Race Condition vulnerability in multiple products A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). | 8.1 |
| 2024-06-05 | CVE-2024-5037 | Authentication Bypass by Spoofing vulnerability in Redhat products A flaw was found in OpenShift's Telemeter. | 7.5 |
| 2024-01-26 | CVE-2023-6291 | Open Redirect vulnerability in Redhat products A flaw was found in the redirect_uri validation logic in Keycloak. | 7.1 |
| 2024-01-09 | CVE-2023-6476 | Allocation of Resources Without Limits or Throttling vulnerability in Redhat Openshift Container Platform 3.11/4.13/4.14 A flaw was found in CRI-O that involves an experimental annotation leading to a container being unconfined. | 7.5 |
| 2023-12-21 | CVE-2023-2585 | Unspecified vulnerability in Redhat products Keycloak's device authorization grant does not correctly validate the device code and client ID. | 8.1 |
| 2023-12-14 | CVE-2023-6563 | Allocation of Resources Without Limits or Throttling vulnerability in Redhat products An unconstrained memory consumption vulnerability was discovered in Keycloak. | 7.7 |
| 2023-11-02 | CVE-2023-5408 | Unspecified vulnerability in Redhat Openshift Container Platform A privilege escalation flaw was found in the node restriction admission plugin of the kubernetes api server of OpenShift. | 7.2 |
| 2023-10-10 | CVE-2023-44487 | The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. | 7.5 |
| 2023-10-05 | CVE-2022-3248 | Incorrect Authorization vulnerability in Redhat products A flaw was found in OpenShift API, as admission checks do not enforce "custom-host" permissions. | 7.5 |