Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2022-09-01	CVE-2022-1677	Resource Exhaustion vulnerability in Redhat Openshift Container Platform In OpenShift Container Platform, a user with permissions to create or modify Routes can craft a payload that inserts a malformed entry into one of the cluster router's HAProxy configuration files. network low complexity redhat CWE-400	6.3
2022-08-29	CVE-2022-0718	Information Exposure Through Log Files vulnerability in multiple products A flaw was found in python-oslo-utils. network low complexity openstack redhat debian CWE-532	4.9
2022-08-26	CVE-2021-3669	Allocation of Resources Without Limits or Throttling vulnerability in multiple products A flaw was found in the Linux kernel. local low complexity linux ibm debian fedoraproject redhat CWE-770	5.5
2022-08-23	CVE-2021-3827	Improper Authentication vulnerability in Redhat Keycloak and Single Sign-On A flaw was found in keycloak, where the default ECP binding flow allows other authentication flows to be bypassed. network high complexity redhat CWE-287	6.8
2022-07-06	CVE-2021-3695	Out-of-bounds Write vulnerability in multiple products A crafted 16-bit grayscale PNG image may lead to a out-of-bounds write in the heap area. local high complexity gnu fedoraproject redhat netapp CWE-787	4.5
2022-07-06	CVE-2021-3696	Out-of-bounds Write vulnerability in multiple products A heap out-of-bounds write may heppen during the handling of Huffman tables in the PNG reader. local high complexity gnu redhat netapp CWE-787	4.5
2022-05-17	CVE-2022-1706	Incorrect Authorization vulnerability in multiple products A vulnerability was found in Ignition where ignition configs are accessible from unprivileged containers in VMs running on VMware products. network low complexity redhat fedoraproject CWE-863	6.5
2022-04-18	CVE-2022-27652	Incorrect Default Permissions vulnerability in multiple products A flaw was found in cri-o, where containers were incorrectly started with non-empty default permissions. local low complexity kubernetes fedoraproject mobyproject redhat CWE-276	4.6
2022-03-02	CVE-2021-3631	Incorrect Permission Assignment for Critical Resource vulnerability in multiple products A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels. local high complexity redhat netapp CWE-732	6.3
2022-02-09	CVE-2022-0532	Incorrect Permission Assignment for Critical Resource vulnerability in multiple products An incorrect sysctls validation vulnerability was found in CRI-O 1.18 and earlier. network kubernetes redhat CWE-732	4.9