Vulnerabilities > Redhat > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-01 | CVE-2022-1632 | An Improper Certificate Validation attack was found in Openshift. | 6.5 |
| 2022-09-01 | CVE-2022-1677 | Unspecified vulnerability in Redhat Openshift Container Platform In OpenShift Container Platform, a user with permissions to create or modify Routes can craft a payload that inserts a malformed entry into one of the cluster router's HAProxy configuration files. | 6.3 |
| 2022-09-01 | CVE-2022-23452 | An authorization flaw was found in openstack-barbican, where anyone with an admin role could add secrets to a different project container. | 4.9 |
| 2022-09-01 | CVE-2022-2238 | Unspecified vulnerability in Redhat Advanced Cluster Management for Kubernetes 2.0 A vulnerability was found in the search-api container in Red Hat Advanced Cluster Management for Kubernetes when a query in the search filter gets parsed by the backend. | 6.5 |
| 2022-09-01 | CVE-2022-2403 | Unspecified vulnerability in Redhat Openshift 4.11/4.12/4.9 A credentials leak was found in the OpenShift Container Platform. | 6.5 |
| 2022-09-01 | CVE-2022-2447 | Operation on a Resource after Expiration or Release vulnerability in multiple products A flaw was found in Keystone. | 6.6 |
| 2022-09-01 | CVE-2022-2739 | Cleartext Storage of Sensitive Information vulnerability in multiple products The version of podman as released for Red Hat Enterprise Linux 7 Extras via RHSA-2022:2190 advisory included an incorrect version of podman missing the fix for CVE-2020-14370, which was previously fixed via RHSA-2020:5056. | 5.3 |
| 2022-09-01 | CVE-2022-2764 | A flaw was found in Undertow. | 4.9 |
| 2022-08-31 | CVE-2022-1263 | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference issue was found in KVM when releasing a vCPU with dirty ring support enabled. | 5.5 |
| 2022-08-31 | CVE-2022-1354 | A heap buffer overflow flaw was found in Libtiffs' tiffinfo.c in TIFFReadRawDataStriped() function. | 5.5 |