VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Redhat
>
Openshift Container Platform
> High
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2022-09-13
CVE-2022-2990
An incorrect handling of the supplementary groups in the Buildah container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container.
local
low complexity
buildah-project
redhat
7.1
7.1
2022-08-31
CVE-2022-2132
A permissive list of allowed inputs flaw was found in DPDK.
network
low complexity
dpdk
fedoraproject
debian
redhat
8.6
8.6
2022-07-06
CVE-2021-3697
Out-of-bounds Write vulnerability in multiple products
A crafted JPEG image may lead the JPEG reader to underflow its data pointer, allowing user-controlled data to be written in heap.
local
high complexity
gnu
redhat
CWE-787
7.0
7.0
2022-06-07
CVE-2022-1708
Allocation of Resources Without Limits or Throttling vulnerability in multiple products
A vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyone with access to the Kube API.
network
low complexity
kubernetes
fedoraproject
redhat
CWE-770
7.5
7.5
2022-04-29
CVE-2022-1227
Improper Privilege Management vulnerability in multiple products
A privilege escalation flaw was found in Podman.
network
low complexity
podman-project
psgo-project
redhat
fedoraproject
CWE-269
8.8
8.8
2022-04-04
CVE-2022-27649
Incorrect Default Permissions vulnerability in multiple products
A flaw was found in Podman, where containers were started incorrectly with non-empty default permissions.
network
high complexity
podman-project
redhat
fedoraproject
CWE-276
7.5
7.5
2022-04-04
CVE-2022-27650
Incorrect Default Permissions vulnerability in multiple products
A flaw was found in crun where containers were incorrectly started with non-empty default permissions.
network
high complexity
crun-project
fedoraproject
redhat
CWE-276
7.5
7.5
2022-03-03
CVE-2021-3609
.A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges.
local
high complexity
linux
redhat
netapp
7.0
7.0
2022-03-02
CVE-2022-0711
Infinite Loop vulnerability in multiple products
A flaw was found in the way HAProxy processed HTTP responses containing the "Set-Cookie2" header.
network
low complexity
haproxy
redhat
debian
CWE-835
7.5
7.5
2022-02-16
CVE-2021-3560
Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products
It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privileges of the requestor to the root user.
local
low complexity
polkit-project
debian
canonical
redhat
CWE-754
7.8
7.8
«
Previous
1
2
3
(current)
4
5
...
10
11
»
Next