High

DATE	CVE	VULNERABILITY TITLE	RISK
2023-10-10	CVE-2023-44487	Resource Exhaustion vulnerability in multiple products The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. network low complexity ietf nghttp2 netty envoyproxy eclipse caddyserver golang f5 apache apple grpc microsoft nodejs dena facebook amazon debian kazu-yamamoto istio varnish-cache-project traefik projectcontour linkerd linecorp redhat fedoraproject netapp akka konghq jenkins openresty cisco CWE-400	7.5
2022-12-09	CVE-2022-3259	Improper Initialization vulnerability in Redhat Openshift 4.9 Openshift 4.9 does not use HTTP Strict Transport Security (HSTS) which may allow man-in-the-middle (MITM) attacks. network high complexity redhat CWE-665	7.4
2022-12-08	CVE-2022-3262	Insecure Default Initialization of Resource vulnerability in Redhat Openshift 4.9 A flaw was found in Openshift. network low complexity redhat CWE-1188	8.1
2022-10-19	CVE-2013-4253	Exposure of Resource to Wrong Sphere vulnerability in Redhat Openshift 1.0 The deployment script in the unsupported "OpenShift Extras" set of add-on scripts, in Red Hat Openshift 1, installs a default public key in the root user's authorized_keys file. network low complexity redhat CWE-668	7.5
2022-08-24	CVE-2021-4125	Deserialization of Untrusted Data vulnerability in Redhat Openshift It was found that the original fix for log4j CVE-2021-44228 and CVE-2021-45046 in the OpenShift metering hive containers was incomplete, as not all JndiLookup.class files were removed. network high complexity redhat CWE-502	8.1
2022-07-06	CVE-2021-3697	Out-of-bounds Write vulnerability in multiple products A crafted JPEG image may lead the JPEG reader to underflow its data pointer, allowing user-controlled data to be written in heap. local high complexity gnu redhat CWE-787	7.0
2022-04-11	CVE-2021-4047	Improper Input Validation vulnerability in Redhat Openshift 4.9 The release of OpenShift 4.9.6 included four CVE fixes for the haproxy package, however the patch for CVE-2021-39242 was missing. network low complexity redhat CWE-20	7.5
2020-04-02	CVE-2019-19348	Improper Privilege Management vulnerability in Redhat Openshift An insecure modification vulnerability in the /etc/passwd file was found in the container openshift/apb-base, affecting versions before the following 4.3.5, 4.2.21, 4.1.37, and 3.11.188-4. local high complexity redhat CWE-269	7.0
2020-04-02	CVE-2019-19346	Improper Privilege Management vulnerability in Redhat Openshift An insecure modification vulnerability in the /etc/passwd file was found in the container openshift/mariadb-apb, affecting versions before the following 4.3.5, 4.2.21, 4.1.37, and 3.11.188-4 . local high complexity redhat CWE-269	7.0
2020-03-20	CVE-2020-1709	Incorrect Permission Assignment for Critical Resource vulnerability in Redhat Openshift A vulnerability was found in all openshift/mediawiki 4.x.x versions prior to 4.3.0, where an insecure modification vulnerability in the /etc/passwd file was found in the openshift/mediawiki. local low complexity redhat CWE-732	7.8