Redhat

Openshift Container Platform

321 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 9.35%
  • Veröffentlicht 14.01.2025 18:15:25
  • Zuletzt bearbeitet 29.06.2026 21:16:30

A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitialized memory and leak one byte of un...

Exploit
  • EPSS 1.76%
  • Veröffentlicht 14.01.2025 18:15:25
  • Zuletzt bearbeitet 30.06.2026 00:16:48

A flaw was found in rsync. It could allow a server to enumerate the contents of an arbitrary file from the client's machine. This issue occurs when files are being copied from a client to a server. During this process, the rsync server will send chec...

  • EPSS 4.58%
  • Veröffentlicht 14.01.2025 18:15:25
  • Zuletzt bearbeitet 30.06.2026 00:16:48

A flaw was found in rsync. When using the `--safe-links` option, the rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it. This results in a path traversal vulnerability, w...

  • EPSS 0.47%
  • Veröffentlicht 18.12.2024 05:15:07
  • Zuletzt bearbeitet 15.04.2026 00:35:42

An incomplete fix for ose-olm-catalogd-container was issued for the Rapid Reset Vulnerability (CVE-2023-39325/CVE-2023-44487) where only unauthenticated streams were protected, not streams created by authenticated sources.

  • EPSS 0.57%
  • Veröffentlicht 25.11.2024 07:15:06
  • Zuletzt bearbeitet 15.04.2026 00:35:42

A flaw was found in OpenShift Console. A Server Side Request Forgery (SSRF) attack can happen if an attacker supplies all or part of a URL to the server to query. The server is considered to be in a privileged network position and can often reach exp...

  • EPSS 0.6%
  • Veröffentlicht 17.11.2024 11:15:06
  • Zuletzt bearbeitet 15.04.2026 00:35:42

A flaw was found in kube-controller-manager. This issue occurs when the initial application of a HPA config YAML lacking a .spec.behavior.scaleUp block causes a denial of service due to KCM pods going into restart churn.

  • EPSS 0.36%
  • Veröffentlicht 15.11.2024 21:15:06
  • Zuletzt bearbeitet 26.06.2026 05:16:25

A vulnerability was found in the OAuth-server. OAuth-server logs the OAuth2 client secret when the logLevel is Debug higher for OIDC/GitHub/GitLab/Google IDPs login options.

  • EPSS 0.58%
  • Veröffentlicht 22.10.2024 14:15:19
  • Zuletzt bearbeitet 25.02.2025 08:15:29

A denial of service (DoS) vulnerability was found in OpenShift. This flaw allows attackers to exploit the GraphQL batching functionality. The vulnerability arises when multiple queries can be sent within a single request, enabling an attacker to subm...

  • EPSS 0.52%
  • Veröffentlicht 22.10.2024 14:15:19
  • Zuletzt bearbeitet 15.01.2025 02:15:26

A vulnerability was found in GraphQL due to improper access controls on the GraphQL introspection query. This flaw allows unauthorized users to retrieve a comprehensive list of available queries and mutations. Exposure to this flaw increases the atta...

  • EPSS 1.35%
  • Veröffentlicht 15.10.2024 16:15:06
  • Zuletzt bearbeitet 19.03.2026 18:16:13

A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-O to hang and result in a denial of service via OOM kill when running a malicious image us...