Vulnerabilities > Redhat > Openshift
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-01 | CVE-2022-2403 | Exposure of System Data to an Unauthorized Control Sphere vulnerability in Redhat Openshift 4.9 A credentials leak was found in the OpenShift Container Platform. | 6.5 |
| 2022-08-24 | CVE-2021-4125 | Deserialization of Untrusted Data vulnerability in Redhat Openshift It was found that the original fix for log4j CVE-2021-44228 and CVE-2021-45046 in the OpenShift metering hive containers was incomplete, as not all JndiLookup.class files were removed. | 8.1 |
| 2022-07-06 | CVE-2021-3695 | Out-of-bounds Write vulnerability in multiple products A crafted 16-bit grayscale PNG image may lead to a out-of-bounds write in the heap area. | 4.5 |
| 2022-07-06 | CVE-2021-3696 | Out-of-bounds Write vulnerability in multiple products A heap out-of-bounds write may heppen during the handling of Huffman tables in the PNG reader. | 4.5 |
| 2022-07-06 | CVE-2021-3697 | Out-of-bounds Write vulnerability in multiple products A crafted JPEG image may lead the JPEG reader to underflow its data pointer, allowing user-controlled data to be written in heap. | 7.0 |
| 2022-06-30 | CVE-2013-4561 | Exposure of Resource to Wrong Sphere vulnerability in Redhat Openshift In a openshift node, there is a cron job to update mcollective facts that mishandles a temporary file. | 6.4 |
| 2022-04-11 | CVE-2021-4047 | Improper Input Validation vulnerability in Redhat Openshift 4.9 The release of OpenShift 4.9.6 included four CVE fixes for the haproxy package, however the patch for CVE-2021-39242 was missing. | 7.5 |
| 2021-07-30 | CVE-2021-3636 | Improper Authentication vulnerability in Redhat Openshift It was found in OpenShift, before version 4.8, that the generated certificate for the in-cluster Service CA, incorrectly included additional certificates. | 4.6 |
| 2021-06-02 | CVE-2020-35514 | Incorrect Privilege Assignment vulnerability in Redhat Openshift An insecure modification flaw in the /etc/kubernetes/kubeconfig file was found in OpenShift. | 4.4 |
| 2021-05-27 | CVE-2020-1761 | Unspecified vulnerability in Redhat Openshift A flaw was found in the OpenShift web console, where the access token is stored in the browser's local storage. network redhat | 4.3 |