High

DATE	CVE	VULNERABILITY TITLE	RISK
2023-09-27	CVE-2023-3223	Unspecified vulnerability in Redhat products A flaw was found in undertow. network low complexity redhat	7.5
2023-09-24	CVE-2023-1260	An authentication bypass vulnerability was discovered in kube-apiserver. network high complexity kubernetes redhat	8.0
2023-09-20	CVE-2023-4853	Incorrect Authorization vulnerability in multiple products A flaw was found in Quarkus where HTTP security policies are not sanitizing certain character permutations correctly when accepting requests, resulting in incorrect evaluation of permissions. network high complexity quarkus redhat CWE-863	8.1
2023-09-14	CVE-2023-1108	Infinite Loop vulnerability in multiple products A flaw was found in undertow. network low complexity redhat netapp CWE-835	7.5
2023-07-05	CVE-2023-3089	Weak Password Requirements vulnerability in Redhat products A compliance problem was found in the Red Hat OpenShift Container Platform. network low complexity redhat CWE-521	7.5
2023-04-10	CVE-2023-1668	Always-Incorrect Control Flow Implementation vulnerability in multiple products A flaw was found in openvswitch (OVS). network low complexity cloudbase debian redhat CWE-670	8.2
2023-03-03	CVE-2023-27561	Use of Incorrectly-Resolved Name or Reference vulnerability in multiple products runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. local high complexity linuxfoundation redhat debian CWE-706	7.0
2022-09-13	CVE-2022-2989	Placement of User into Incorrect Group vulnerability in multiple products An incorrect handling of the supplementary groups in the Podman container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container. local low complexity podman-project redhat CWE-842	7.1
2022-09-13	CVE-2022-2990	Placement of User into Incorrect Group vulnerability in multiple products An incorrect handling of the supplementary groups in the Buildah container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container. local low complexity buildah-project redhat CWE-842	7.1
2022-08-31	CVE-2022-2132	A permissive list of allowed inputs flaw was found in DPDK. network low complexity dpdk fedoraproject debian redhat	8.6