Vulnerabilities > Redhat > Openshift

DATE CVE VULNERABILITY TITLE RISK
2022-09-01 CVE-2022-2403 Unspecified vulnerability in Redhat Openshift 4.11/4.12/4.9
A credentials leak was found in the OpenShift Container Platform.
network
low complexity
redhat
6.5
2022-08-24 CVE-2021-4125 Deserialization of Untrusted Data vulnerability in Redhat Openshift
It was found that the original fix for log4j CVE-2021-44228 and CVE-2021-45046 in the OpenShift metering hive containers was incomplete, as not all JndiLookup.class files were removed.
network
high complexity
redhat CWE-502
8.1
2022-07-06 CVE-2021-3695 Out-of-bounds Write vulnerability in multiple products
A crafted 16-bit grayscale PNG image may lead to a out-of-bounds write in the heap area.
local
high complexity
gnu fedoraproject redhat netapp CWE-787
4.5
2022-07-06 CVE-2021-3696 Out-of-bounds Write vulnerability in multiple products
A heap out-of-bounds write may heppen during the handling of Huffman tables in the PNG reader.
local
high complexity
gnu redhat netapp CWE-787
4.5
2022-07-06 CVE-2021-3697 Out-of-bounds Write vulnerability in multiple products
A crafted JPEG image may lead the JPEG reader to underflow its data pointer, allowing user-controlled data to be written in heap.
local
high complexity
gnu redhat CWE-787
7.0
2022-06-30 CVE-2013-4561 Exposure of Resource to Wrong Sphere vulnerability in Redhat Openshift
In a openshift node, there is a cron job to update mcollective facts that mishandles a temporary file.
network
low complexity
redhat CWE-668
critical
9.1
2022-04-11 CVE-2021-4047 Unspecified vulnerability in Redhat Openshift 4.9
The release of OpenShift 4.9.6 included four CVE fixes for the haproxy package, however the patch for CVE-2021-39242 was missing.
network
low complexity
redhat
7.5
2021-07-30 CVE-2021-3636 Improper Authentication vulnerability in Redhat Openshift
It was found in OpenShift, before version 4.8, that the generated certificate for the in-cluster Service CA, incorrectly included additional certificates.
low complexity
redhat CWE-287
4.6
2021-06-02 CVE-2020-35514 Unspecified vulnerability in Redhat Openshift
An insecure modification flaw in the /etc/kubernetes/kubeconfig file was found in OpenShift.
local
high complexity
redhat
7.0
2021-05-27 CVE-2020-1761 Unspecified vulnerability in Redhat Openshift
A flaw was found in the OpenShift web console, where the access token is stored in the browser's local storage.
network
low complexity
redhat
6.1