Vulnerabilities > Redhat > Openshift Container Platform > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-12-14 | CVE-2021-4104 | Deserialization of Untrusted Data vulnerability in multiple products JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. | 7.5 |
2021-06-02 | CVE-2021-3529 | Unspecified vulnerability in Redhat Noobaa-Operator and Openshift Container Platform A flaw was found in noobaa-core in versions before 5.7.0. | 7.1 |
2021-05-14 | CVE-2020-27833 | Link Following vulnerability in Redhat Openshift Container Platform A Zip Slip vulnerability was found in the oc binary in openshift-clients where an arbitrary file write is achieved by using a specially crafted raw container image (.tar file) which contains symbolic links. | 7.1 |
2021-03-24 | CVE-2019-19354 | Unspecified vulnerability in Redhat Openshift Container Platform 4.4 An insecure modification vulnerability in the /etc/passwd file was found in the operator-framework/hadoop as shipped in Red Hat Openshift 4. | 7.8 |
2021-03-24 | CVE-2019-19353 | Unspecified vulnerability in Redhat Openshift Container Platform 4.0 An insecure modification vulnerability in the /etc/passwd file was found in the operator-framework/hive as shipped in Red Hat Openshift 4. | 7.0 |
2021-03-24 | CVE-2019-19352 | Unspecified vulnerability in Redhat Openshift Container Platform 4.0 An insecure modification vulnerability in the /etc/passwd file was found in the operator-framework/presto as shipped in Red Hat Openshift 4. | 7.0 |
2021-03-23 | CVE-2021-20270 | Infinite Loop vulnerability in multiple products An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML (SML) source file, as demonstrated by input that only contains the "exception" keyword. | 7.5 |
2021-03-19 | CVE-2019-10200 | Unspecified vulnerability in Redhat Openshift Container Platform 4.0 A flaw was discovered in OpenShift Container Platform 4 where, by default, users with access to create pods also have the ability to schedule workloads on master nodes. | 7.2 |
2021-03-18 | CVE-2020-27827 | A flaw was found in multiple versions of OpenvSwitch. | 7.5 |
2021-03-16 | CVE-2021-3344 | Insufficiently Protected Credentials vulnerability in Redhat Openshift Builder and Openshift Container Platform A privilege escalation flaw was found in OpenShift builder. | 8.8 |