VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Redhat
>
Openshift Container Platform
> High
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2023-04-10
CVE-2023-1668
Always-Incorrect Control Flow Implementation vulnerability in multiple products
A flaw was found in openvswitch (OVS).
network
low complexity
cloudbase
debian
redhat
CWE-670
8.2
8.2
2023-03-03
CVE-2023-27561
Use of Incorrectly-Resolved Name or Reference vulnerability in multiple products
runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go.
local
high complexity
linuxfoundation
redhat
debian
CWE-706
7.0
7.0
2022-09-13
CVE-2022-2989
An incorrect handling of the supplementary groups in the Podman container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container.
local
low complexity
podman-project
redhat
7.1
7.1
2022-09-13
CVE-2022-2990
An incorrect handling of the supplementary groups in the Buildah container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container.
local
low complexity
buildah-project
redhat
7.1
7.1
2022-08-31
CVE-2022-2132
A permissive list of allowed inputs flaw was found in DPDK.
network
low complexity
dpdk
fedoraproject
debian
redhat
8.6
8.6
2022-07-06
CVE-2021-3697
Out-of-bounds Write vulnerability in multiple products
A crafted JPEG image may lead the JPEG reader to underflow its data pointer, allowing user-controlled data to be written in heap.
local
high complexity
gnu
redhat
CWE-787
7.0
7.0
2022-06-07
CVE-2022-1708
Allocation of Resources Without Limits or Throttling vulnerability in multiple products
A vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyone with access to the Kube API.
network
low complexity
kubernetes
fedoraproject
redhat
CWE-770
7.5
7.5
2022-04-29
CVE-2022-1227
Improper Privilege Management vulnerability in multiple products
A privilege escalation flaw was found in Podman.
network
low complexity
podman-project
psgo-project
redhat
fedoraproject
CWE-269
8.8
8.8
2022-04-04
CVE-2022-27649
Incorrect Default Permissions vulnerability in multiple products
A flaw was found in Podman, where containers were started incorrectly with non-empty default permissions.
network
high complexity
podman-project
redhat
fedoraproject
CWE-276
7.5
7.5
2022-04-04
CVE-2022-27650
Incorrect Default Permissions vulnerability in multiple products
A flaw was found in crun where containers were incorrectly started with non-empty default permissions.
network
high complexity
crun-project
fedoraproject
redhat
CWE-276
7.5
7.5
«
Previous
1
2
3
(current)
4
5
...
10
11
»
Next