Vulnerabilities (CVE)

Filtered by vendor Redhat Subscribe
Filtered by product Openshift Container Platform
Total 249 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-45782 2 Gnu, Redhat 3 Grub2, Enterprise Linux, Openshift Container Platform 2025-03-25 N/A 7.8 HIGH
A flaw was found in the HFS filesystem. When reading an HFS volume's name at grub_fs_mount(), the HFS filesystem driver performs a strcpy() using the user-provided volume name as input without properly validating the volume name's length. This issue may read to a heap-based out-of-bounds writer, impacting grub's sensitive data integrity and eventually leading to a secure boot protection bypass.
CVE-2018-1000861 2 Jenkins, Redhat 2 Jenkins, Openshift Container Platform 2025-03-14 10.0 HIGH 9.8 CRITICAL
A code execution vulnerability exists in the Stapler web framework used by Jenkins 2.153 and earlier, LTS 2.138.3 and earlier in stapler/core/src/main/java/org/kohsuke/stapler/MetaClass.java that allows attackers to invoke some methods on Java objects by accessing crafted URLs that were not intended to be invoked this way.
CVE-2019-7609 2 Elastic, Redhat 2 Kibana, Openshift Container Platform 2025-03-13 10.0 HIGH 10.0 CRITICAL
Kibana versions before 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in the Timelion visualizer. An attacker with access to the Timelion application could send a request that will attempt to execute javascript code. This could possibly lead to an attacker executing arbitrary commands with permissions of the Kibana process on the host system.
CVE-2023-0056 3 Fedoraproject, Haproxy, Redhat 10 Extra Packages For Enterprise Linux, Fedora, Haproxy and 7 more 2025-02-25 N/A 6.5 MEDIUM
An uncontrolled resource consumption vulnerability was discovered in HAProxy which could crash the service. This issue could allow an authenticated remote attacker to run a specially crafted malicious server in an OpenShift cluster. The biggest impact is to availability.
CVE-2024-50311 1 Redhat 1 Openshift Container Platform 2025-02-25 N/A 6.5 MEDIUM
A denial of service (DoS) vulnerability was found in OpenShift. This flaw allows attackers to exploit the GraphQL batching functionality. The vulnerability arises when multiple queries can be sent within a single request, enabling an attacker to submit a request containing thousands of aliases in one query. This issue causes excessive resource consumption, leading to application unavailability for legitimate users.
CVE-2019-1003029 2 Jenkins, Redhat 2 Script Security, Openshift Container Platform 2025-02-20 6.5 MEDIUM 9.9 CRITICAL
A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.53 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java, src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SecureGroovyScript.java that allows attackers with Overall/Read permission to execute arbitrary code on the Jenkins master JVM.
CVE-2019-1003030 2 Jenkins, Redhat 2 Pipeline\, Openshift Container Platform 2025-02-20 6.5 MEDIUM 9.9 CRITICAL
A sandbox bypass vulnerability exists in Jenkins Pipeline: Groovy Plugin 2.63 and earlier in pom.xml, src/main/java/org/jenkinsci/plugins/workflow/cps/CpsGroovyShell.java that allows attackers able to control pipeline scripts to execute arbitrary code on the Jenkins master JVM.
CVE-2024-50312 1 Redhat 1 Openshift Container Platform 2025-01-15 N/A 5.3 MEDIUM
A vulnerability was found in GraphQL due to improper access controls on the GraphQL introspection query. This flaw allows unauthorized users to retrieve a comprehensive list of available queries and mutations. Exposure to this flaw increases the attack surface, as it can facilitate the discovery of flaws or errors specific to the application's GraphQL implementation.
CVE-2019-9514 13 Apache, Apple, Canonical and 10 more 30 Traffic Server, Mac Os X, Swiftnio and 27 more 2025-01-14 7.8 HIGH 7.5 HIGH
Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both.
CVE-2019-9515 12 Apache, Apple, Canonical and 9 more 24 Traffic Server, Mac Os X, Swiftnio and 21 more 2025-01-14 7.8 HIGH 7.5 HIGH
Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial of service. The attacker sends a stream of SETTINGS frames to the peer. Since the RFC requires that the peer reply with one acknowledgement per SETTINGS frame, an empty SETTINGS frame is almost equivalent in behavior to a ping. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.
CVE-2023-2253 1 Redhat 3 Openshift Api For Data Protection, Openshift Container Platform, Openshift Developer Tools And Services 2025-01-07 N/A 6.5 MEDIUM
A flaw was found in the `/v2/_catalog` endpoint in distribution/distribution, which accepts a parameter to control the maximum number of records returned (query string: `n`). This vulnerability allows a malicious user to submit an unreasonably large value for `n,` causing the allocation of a massive string array, possibly causing a denial of service through excessive use of memory.
CVE-2024-3056 3 Fedoraproject, Podman Project, Redhat 4 Fedora, Podman, Enterprise Linux and 1 more 2024-12-27 N/A 7.7 HIGH
A flaw was found in Podman. This issue may allow an attacker to create a specially crafted container that, when configured to share the same IPC with at least one other container, can create a large number of IPC resources in /dev/shm. The malicious container will continue to exhaust resources until it is out-of-memory (OOM) killed. While the malicious container's cgroup will be removed, the IPC resources it created are not. Those resources are tied to the IPC namespace that will not be removed until all containers using it are stopped, and one non-malicious container is holding the namespace open. The malicious container is restarted, either automatically or by attacker control, repeating the process and increasing the amount of memory consumed. With a container configured to restart always, such as `podman run --restart=always`, this can result in a memory-based denial of service of the system.
CVE-2024-9341 2 Containers, Redhat 3 Common, Enterprise Linux, Openshift Container Platform 2024-12-11 N/A 5.4 MEDIUM
A flaw was found in Go. When FIPS mode is enabled on a system, container runtimes may incorrectly handle certain file paths due to improper validation in the containers/common Go library. This flaw allows an attacker to exploit symbolic links and trick the system into mounting sensitive host directories inside a container. This issue also allows attackers to access critical host files, bypassing the intended isolation between containers and the host system.
CVE-2023-27561 3 Debian, Linuxfoundation, Redhat 4 Debian Linux, Runc, Enterprise Linux and 1 more 2024-12-06 N/A 7.0 HIGH
runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. NOTE: this issue exists because of a CVE-2019-19921 regression.
CVE-2024-8883 1 Redhat 6 Build Of Keycloak, Openshift Container Platform, Openshift Container Platform For Ibm Z and 3 more 2024-11-26 N/A 6.1 MEDIUM
A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid Redirect URI' is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially leading to session hijacking.
CVE-2024-7079 1 Redhat 1 Openshift Container Platform 2024-11-21 N/A 6.5 MEDIUM
A flaw was found in the Openshift console. The /API/helm/verify endpoint is tasked to fetch and verify the installation of a Helm chart from a URI that is remote HTTP/HTTPS or local. Access to this endpoint is gated by the authHandlerWithUser() middleware function. Contrary to its name, this middleware function does not verify the validity of the user's credentials. As a result, unauthenticated users can access this endpoint.
CVE-2024-5037 1 Redhat 2 Openshift Container Platform, Openshift Distributed Tracing 2024-11-21 N/A 7.5 HIGH
A flaw was found in OpenShift's Telemeter. If certain conditions are in place, an attacker can use a forged token to bypass the issue ("iss") check during JSON web token (JWT) authentication.
CVE-2024-4629 1 Redhat 8 Build Of Keycloak, Enterprise Linux, Keycloak and 5 more 2024-11-21 N/A 6.5 MEDIUM
A vulnerability was found in Keycloak. This flaw allows attackers to bypass brute force protection by exploiting the timing of login attempts. By initiating multiple login requests simultaneously, attackers can exceed the configured limits for failed attempts before the system locks them out. This timing loophole enables attackers to make more guesses at passwords than intended, potentially compromising account security on affected systems.
CVE-2023-6563 1 Redhat 6 Enterprise Linux, Keycloak, Openshift Container Platform and 3 more 2024-11-21 N/A 7.7 HIGH
An unconstrained memory consumption vulnerability was discovered in Keycloak. It can be triggered in environments which have millions of offline tokens (> 500,000 users with each having at least 2 saved sessions). If an attacker creates two or more user sessions and then open the "consents" tab of the admin User Interface, the UI attempts to load a huge number of offline client sessions leading to excessive memory and CPU consumption which could potentially crash the entire system.
CVE-2023-6476 1 Redhat 2 Enterprise Linux, Openshift Container Platform 2024-11-21 N/A 6.5 MEDIUM
A flaw was found in CRI-O that involves an experimental annotation leading to a container being unconfined. This may allow a pod to specify and get any amount of memory/cpu, circumventing the kubernetes scheduler and potentially resulting in a denial of service in the node.