Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redhat openshift vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2023-5178
A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe/TCP subsystem in the Linux kernel. This issue may allow a malicious user to cause a use-after-free and double-free problem, which may permit remote c...
Linux Linux Kernel
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Netapp Solidfire & Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Solidfire & Hci Storage Node -
1 Github repository
7.5
CVSSv3
CVE-2023-5625
A regression was introduced in the Red Hat build of python-eventlet due to a change in the patch application strategy, resulting in a patch for CVE-2021-21419 not being applied for all builds of all products.
Redhat Openshift Container Platform For Arm64 4.12
Redhat Openshift Container Platform For Linuxone 4.12
Redhat Openshift Container Platform For Power 4.12
Redhat Openshift Container Platform Ibm Z Systems 4.12
Redhat Openstack Platform 17.1
7.5
CVSSv3
CVE-2023-44487
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Ietf Http 2.0
Nghttp2 Nghttp2
Netty Netty
Envoyproxy Envoy 1.27.0
Envoyproxy Envoy 1.26.4
Envoyproxy Envoy 1.25.9
Envoyproxy Envoy 1.24.10
Eclipse Jetty
Caddyserver Caddy
Golang Http2
Golang Go
Golang Networking
F5 Big-ip Analytics
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Local Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Global Traffic Manager
F5 Big-ip Fraud Protection Service
F5 Big-ip Domain Name System
F5 Big-ip Application Security Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Advanced Firewall Manager
35 Github repositories
2 Articles
5.5
CVSSv3
CVE-2023-5366
A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules. This issue may allow a local malicious user to create specially crafted packets with a modified or spoofed target IP address field that can redire...
Openvswitch Openvswitch
Redhat Enterprise Linux 7.0
Redhat Virtualization 4.0
Redhat Openshift Container Platform 4.0
Redhat Fast Datapath -
7.5
CVSSv3
CVE-2022-3248
A flaw was found in OpenShift API, as admission checks do not enforce "custom-host" permissions. This issue could allow an malicious user to violate the boundaries, as permissions will not be applied.
Redhat Openshift Container Platform 4.0
Redhat Advanced Cluster Management For Kubernetes 2.0
5.3
CVSSv3
CVE-2022-4145
A content spoofing flaw was found in OpenShift's OAuth endpoint. This flaw allows a remote, unauthenticated malicious user to inject text into a webpage, enabling the obfuscation of a phishing operation.
Redhat Openshift Container Platform 4.0
8.2
CVSSv3
CVE-2023-39191
An improper input validation flaw was found in the eBPF subsystem in the Linux kernel. The issue occurs due to a lack of proper validation of dynamic pointers within user-supplied eBPF programs prior to executing them. This may allow an attacker with CAP_BPF privileges to escalat...
Linux Linux Kernel
Fedoraproject Fedora 38
Redhat Enterprise Linux 9.0
5.5
CVSSv3
CVE-2023-3576
A memory leak flaw was found in Libtiff's tiffcrop utility. This issue occurs when tiffcrop operates on a TIFF image file, allowing an malicious user to pass a crafted TIFF image file to tiffcrop utility, which causes this memory leak issue, resulting an application crash, e...
Libtiff Libtiff
Fedoraproject Fedora -
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
5.3
CVSSv3
CVE-2023-3153
A flaw was found in Open Virtual Network where the service monitor MAC does not properly rate limit. This issue could allow an malicious user to cause a denial of service, including on deployments with CoPP enabled and properly configured.
Ovn Open Virtual Network
Redhat Openshift Container Platform 4.0
Redhat Fast Datapath -
7.5
CVSSv3
CVE-2023-3361
A flaw was found in Red Hat OpenShift Data Science. When exporting a pipeline from the Elyra notebook pipeline editor as Python DSL or YAML, it reads S3 credentials from the cluster (ds pipeline server) and saves them in plain text in the generated output instead of an ID for a K...
Opendatahub Open Data Hub Dashboard
Redhat Openshift Data Science -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-28995
CVE-2024-36680
CVE-2024-35537
unauthorized
CVE-2024-21518
CVE-2024-37673
cross-site scripting
SSRF
CVE-2024-6241
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »