Openshift Application Runtimes Security Vulnerabilities and Issues — Openshift Application Runtimes CVE List

Lucene search

RedhatOpenshift Application Runtimes

5 matches found

CVE•added 2022/08/23 4:15 p.m.•259 views

CVE-2021-3690

A flaw was found in Undertow. A buffer leak on the incoming WebSocket PONG message may lead to memory exhaustion. This flaw allows an attacker to cause a denial of service. The highest threat from this vulnerability is availability.

7.5CVSS7.1AI score0.00557EPSS

CVE•added 2022/08/31 4:15 p.m.•165 views

CVE-2022-1319

A flaw was found in Undertow. For an AJP 400 response, EAP 7 is improperly sending two response packets, and those packets have the reuse flag set even though JBoss EAP closes the connection. A failure occurs when the connection is reused after a 400 by CPING since it reads in the second SEND_HEADE...

7.5CVSS7.3AI score0.002EPSS

CVE•added 2022/08/24 4:15 p.m.•142 views

CVE-2021-4178

A arbitrary code execution flaw was found in the Fabric 8 Kubernetes client affecting versions 5.0.0-beta-1 and above. Due to an improperly configured YAML parsing, this will allow a local and privileged attacker to supply malicious YAML.

6.7CVSS6.7AI score0.00069EPSS

CVE•added 2022/08/31 4:15 p.m.•133 views

CVE-2022-1259

A flaw was found in Undertow. A potential security issue in flow control handling by the browser over HTTP/2 may cause overhead or a denial of service in the server. This flaw exists because of an incomplete fix for CVE-2021-3629.

7.5CVSS6.3AI score0.00151EPSS

CVE•added 2022/08/25 8:15 p.m.•66 views

CVE-2021-3914

It was found that the smallrye health metrics UI component did not properly sanitize some user inputs. An attacker could use this flaw to conduct cross-site scripting attacks.

6.1CVSS5.9AI score0.0026EPSS