Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redhat openshift container platform - vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-6476
A flaw was found in CRI-O that involves an experimental annotation leading to a container being unconfined. This may allow a pod to specify and get any amount of memory/cpu, circumventing the kubernetes scheduler and potentially resulting in a denial of service in the node.
Redhat Openshift Container Platform 3.11
Redhat Openshift Container Platform 4.13
Redhat Openshift Container Platform 4.14
NA
CVE-2023-2422
A flaw was found in Keycloak. A Keycloak server configured to support mTLS authentication for OAuth/OpenID clients does not properly verify the client certificate chain. A client that possesses a proper certificate can authorize itself as any other client, therefore, access data ...
Redhat Keycloak -
Redhat Openshift Container Platform 4.9
Redhat Openshift Container Platform 4.10
Redhat Openshift Container Platform 4.11
Redhat Openshift Container Platform 4.12
Redhat Single Sign-on 7.6
NA
CVE-2022-3916
A flaw was found in the offline_access scope in Keycloak. This issue would affect users of shared computers more (especially if cookies are not cleared), due to a lack of root session validation, and the reuse of session ids across root and user authentication sessions. This enab...
Redhat Single Sign-on -
Redhat Keycloak
Redhat Single Sign-on 7.6
Redhat Openshift Container Platform 4.9
Redhat Openshift Container Platform 4.10
Redhat Openshift Container Platform For Linuxone 4.9
Redhat Openshift Container Platform For Linuxone 4.10
Redhat Openshift Container Platform For Power 4.9
Redhat Openshift Container Platform For Power 4.10
Redhat Openshift Container Platform Ibm Z Systems 4.9
Redhat Openshift Container Platform Ibm Z Systems 4.10
5.8
CVSSv2
CVE-2019-11249
The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes runs tar inside the container to create a tar archive, copies it over the network, and kubectl unpacks it on the user’s machine. If the tar binary...
Kubernetes Kubernetes
Kubernetes Kubernetes 1.12.11
Redhat Openshift Container Platform 3.9
Redhat Openshift Container Platform 3.11
Redhat Openshift Container Platform 3.10
Redhat Openshift Container Platform 4.1
1 Article
5
CVSSv2
CVE-2019-11253
Improper input validation in the Kubernetes API server in versions v1.0-1.12 and versions prior to v1.13.12, v1.14.8, v1.15.5, and v1.16.2 allows authorized users to send malicious YAML or JSON payloads, causing the API server to consume excessive CPU or memory, potentially crash...
Kubernetes Kubernetes
Redhat Openshift Container Platform 3.9
Redhat Openshift Container Platform 3.11
Redhat Openshift Container Platform 3.10
1 Article
NA
CVE-2023-0056
An uncontrolled resource consumption vulnerability exists in HAProxy which could crash the service. This issue could allow an authenticated remote malicious user to run a specially crafted malicious server in an OpenShift cluster. The biggest impact is to availability.
Haproxy Haproxy -
Redhat Software Collections -
Redhat Ceph Storage 5.0
Redhat Openshift Container Platform 4.12
Redhat Openshift Container Platform For Ibm Linuxone 4.12
Redhat Openshift Container Platform For Power 4.12
Redhat Openshift Container Platform Ibm Z Systems 4.12
Redhat Openshift Container Platform 4.11
Redhat Openshift Container Platform 4.10
Redhat Openshift Container Platform For Ibm Linuxone 4.10
Redhat Openshift Container Platform For Power 4.10
Redhat Openshift Container Platform Ibm Z Systems 4.10
Redhat Openshift Container Platform For Ibm Linuxone 4.11
Redhat Openshift Container Platform For Power 4.11
Redhat Openshift Container Platform Ibm Z Systems 4.11
Fedoraproject Extra Packages For Enterprise Linux 8.0
Fedoraproject Fedora 36
Fedoraproject Fedora 37
NA
CVE-2022-4361
Keycloak, an open-source identity and access management solution, has a cross-site scripting (XSS) vulnerability in the SAML or OIDC providers. The vulnerability can allow an malicious user to execute malicious scripts by setting the AssertionConsumerServiceURL value or the redir...
Redhat Keycloak
Redhat Single Sign-on
Redhat Single Sign-on -
Redhat Openshift Container Platform 4.11
Redhat Openshift Container Platform 4.12
Redhat Openshift Container Platform For Ibm Linuxone 4.9
Redhat Openshift Container Platform For Ibm Linuxone 4.10
Redhat Openshift Container Platform For Power 4.9
Redhat Openshift Container Platform For Power 4.10
NA
CVE-2023-6563
An unconstrained memory consumption vulnerability exists in Keycloak. It can be triggered in environments which have millions of offline tokens (> 500,000 users with each having at least 2 saved sessions). If an attacker creates two or more user sessions and then open the &quo...
Redhat Keycloak
Redhat Single Sign-on 7.6
Redhat Single Sign-on -
Redhat Openshift Container Platform 4.11
Redhat Openshift Container Platform 4.12
Redhat Openshift Container Platform For Power 4.9
Redhat Openshift Container Platform For Power 4.10
Redhat Openshift Container Platform For Ibm Linuxone 4.9
Redhat Openshift Container Platform For Ibm Linuxone 4.10
NA
CVE-2023-6134
A flaw was found in Keycloak that prevents certain schemes in redirects, but permits them if a wildcard is appended to the token. This issue could allow an malicious user to submit a specially crafted request leading to cross-site scripting (XSS) or further attacks. This flaw is ...
Redhat Single Sign-on
Redhat Keycloak
Redhat Openshift Container Platform 4.11
Redhat Openshift Container Platform 4.12
Redhat Openshift Container Platform For Power 4.9
Redhat Openshift Container Platform For Power 4.10
Redhat Openshift Container Platform Ibm Z Systems 4.9
Redhat Openshift Container Platform Ibm Z Systems 4.10
Redhat Single Sign-on -
NA
CVE-2023-0264
A flaw was found in Keycloaks OpenID Connect user authentication, which may incorrectly authenticate requests. An authenticated attacker who could obtain information from a user request within the same realm could use that data to impersonate the victim and generate new session t...
Redhat Keycloak
Redhat Single Sign-on
Redhat Openshift Container Platform 4.9
Redhat Openshift Container Platform 4.10
Redhat Openshift Container Platform For Ibm Linuxone 4.9
Redhat Openshift Container Platform For Ibm Linuxone 4.10
Redhat Openshift Container Platform Ibm Z Systems 4.9
Redhat Openshift Container Platform Ibm Z Systems 4.10
Redhat Single Sign-on -
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »