Vulnerabilities > Redhat > Openshift Container Platform > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-27 | CVE-2017-12195 | Improper Authentication vulnerability in Redhat Openshift Container Platform A flaw was found in all Openshift Enterprise versions using the openshift elasticsearch plugin. | 4.8 |
| 2018-07-25 | CVE-2018-13988 | Out-of-bounds Read vulnerability in multiple products Poppler through 0.62 contains an out of bounds read vulnerability due to an incorrect memory access that is not mapped in its memory space, as demonstrated by pdfunite. | 4.3 |
| 2018-07-16 | CVE-2017-15137 | Improper Input Validation vulnerability in Redhat Openshift and Openshift Container Platform The OpenShift image import whitelist failed to enforce restrictions correctly when running commands such as "oc tag", for example. | 5.3 |
| 2018-07-01 | CVE-2018-13033 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted ELF file, as demonstrated by _bfd_elf_parse_attributes in elf-attrs.c and bfd_malloc in libbfd.c. | 4.3 |
| 2018-06-12 | CVE-2018-1070 | Improper Input Validation vulnerability in Redhat Openshift Container Platform routing before version 3.10 is vulnerable to an improper input validation of the Openshift Routing configuration which can cause an entire shard to be brought down. | 5.0 |
| 2018-04-26 | CVE-2018-10237 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service attacks against servers that depend on this library and deserialize attacker-provided data, because the AtomicDoubleArray class (when serialized with Java serialization) and the CompoundOrdering class (when serialized with GWT serialization) perform eager allocation without appropriate checks on what a client has sent and whether the data size is reasonable. | 5.9 |