Lucene search
+L
RedhatOpenshift Container Platform For Power

23 matches found

cve
cve
added 2019/04/08 9:31 p.m.14733 views

CVE-2019-0211

CVE-2019-0211 affects Apache HTTP Server 2.4.17–2.4.38 when using MPM event, worker, or prefork. The issue arises from code executing in less-privileged child processes/threads (including in-process scripting interpreters) that could be exploited to run arbitrary code with the privileges of the p...

7.8CVSS7.2AI score0.65005EPSS
In wild
cve
cve
added 2023/09/22 2:0 p.m.3281 views

CVE-2022-4039

CVE-2022-4039 affects Red Hat Single Sign-On for OpenShift container images where an unsecured management interface is enabled. Connected sources describe the flaw as allowing an attacker to use the management interface to deploy malicious code and to access/modify potentially sensitive informati...

9.8CVSS8.7AI score0.00789EPSS
cve
cve
added 2023/09/14 2:48 p.m.2771 views

CVE-2023-1108

CVE-2023-1108 affects Undertow within Red Hat JBoss EAP 7.3.x (SSLConduit) where an infinite loop on close can cause DoS. Connected RHSA-2025-9583 confirms the issue and indicates a fix in the eap-7.3.z line (Patched Undertow). Remediation is to upgrade to the patched EAP 7.3.x release (eap-7.3.z...

7.5CVSS7.3AI score0.01771EPSS
cve
cve
added 2023/12/21 9:24 a.m.2627 views

CVE-2023-2585

CVE-2023-2585 concerns Keycloak’s Device Authorization Grant, where flawed validation of device_code and client_id could allow a malicious OAuth client to spoof a consent request and trick an admin into granting access to other OAuth clients or cause unauthorized access. Connected sources corrobo...

8.1CVSS5.6AI score0.00694EPSS
cve
cve
added 2023/03/23 12:0 a.m.971 views

CVE-2023-0056

CVE-2023-0056 affects HAProxy and is described in connected advisories as an uncontrolled resource consumption DoS that can crash the service, including a scenario where an authenticated remote attacker could trigger a crafted server in an OpenShift cluster. The issue is associated with HAProxy’s...

6.5CVSS6.3AI score0.01834EPSS
cve
cve
added 2023/09/27 1:54 p.m.618 views

CVE-2023-3223

CVE-2023-3223 relates to Undertow: Servlets annotated with @MultipartConfig may cause an OutOfMemoryError from large multipart content, enabling remote DoS. A bypass may occur if fileSizeThreshold limits are configured but the file name in the request is set to null. The Nessus plugin notes an un...

7.5CVSS7.3AI score0.02044EPSS
cve
cve
added 2024/04/17 1:21 p.m.494 views

CVE-2024-1132

Keycloak path traversal vulnerability (CVE-2024-1132) arises from improper validation of redirect URLs, enabling an attacker to bypass validation and access other URLs within the domain when a client uses wildcard Valid Redirect URIs. The issue requires user interaction and affects clients with w...

8.1CVSS5.7AI score0.01552EPSS
cve
cve
added 2023/09/20 2:28 p.m.348 views

CVE-2022-3916

CVE-2022-3916 affects Keycloak via the offline_access scope. The flaw arises from missing root-session validation and reuse of session IDs between root and user authentication sessions, enabling an attacker to resolve a user session attached to a previously authenticated user; using the refresh t...

6.8CVSS7.1AI score0.00952EPSS
cve
cve
added 2024/09/19 3:48 p.m.337 views

CVE-2024-8883

CVE-2024-8883 : In Keycloak, a misconfiguration of the Valid Redirect URI allows open redirects when set to http://localhost or http://127.0.0.1. This can expose authorization codes and potentially enable session hijacking. The connected document (Keycloak open redirect) confirms the affected com...

6.1CVSS6.4AI score0.01959EPSS
In wild
cve
cve
added 2024/02/19 9:23 p.m.300 views

CVE-2024-1635

Undertow vulnerability CVE-2024-1635 affects servers supporting the wildfly-http-client protocol. The issue arises during HTTP upgrade to remoting: WriteTimeoutStreamSinkConduit is not notified when a RemotingConnection is closed, causing timeout tasks to leak and accumulate, which leaks connecti...

7.5CVSS7.4AI score0.04572EPSS
cve
cve
added 2024/01/26 2:23 p.m.293 views

CVE-2023-6291

Technical details about CVE-2023-6291 are not publicly available in the provided documents. Monitor for updates from Red Hat/Keycloak advisories for affected products, versions, and patches.

7.1CVSS6.5AI score0.0095EPSS
cve
cve
added 2023/07/05 12:21 p.m.280 views

CVE-2023-3089

CVE-2023-3089 affects Red Hat OpenShift Container Platform; in OpenShift 4.13.x, the advisory RHSA-2023:4093 notes the fix for OCP in FIPS mode, stating that the CVE-3089 issue (in which not all cryptographic modules in use were FIPS-validated) is addressed by upgrading to OpenShift 4.13.5 and ap...

7.5CVSS7.4AI score0.0052EPSS
cve
cve
added 2023/12/14 9:42 p.m.264 views

CVE-2023-6134

CVE-2023-6134 is a vulnerability in Keycloak-based Red Hat Single Sign-On (SSO) implementations, disclosed by OSV entries tied to RHSA advisories. The issue is a reflected XSS via a wildcard in the OIDC redirect_uri, arising from an incomplete fix for CVE-2020-10748. The connected docs confirm th...

5.4CVSS5.3AI score0.00912EPSS
cve
cve
added 2023/09/25 7:23 p.m.231 views

CVE-2022-4318

CVE-2022-4318 is confirmed in multiple records as a vulnerability in cri-o that enables tampering of /etc/passwd via a specially crafted environment variable, effectively a privilege escalation path. Affected scope includes cri-o deployments used by Red Hat OpenShift platforms (OpenShift 4.x line...

7.8CVSS7.4AI score0.00266EPSS
cve
cve
added 2023/12/14 6:1 p.m.194 views

CVE-2023-6563

CVE-2023-6563 is an offline-session DoS vulnerability in Keycloak/Red Hat SSO. Exploitation arises when an attacker triggers the admin UI by opening the consents tab after creating multiple user sessions, causing massive offline session load and resource exhaustion. The issue is acknowledged in R...

7.7CVSS7.3AI score0.01239EPSS
cve
cve
added 2024/03/07 8:9 p.m.191 views

CVE-2024-1725

The CVE-2024-1725 issue affects kubevirt-csi in OpenShift Virtualization’s Hosted Control Plane (HCP): an authenticated attacker can create a PersistentVolume that matches a worker node name to access the root HCP worker node’s volume. Exploitation is described in multiple advisories, with OpenSh...

6.5CVSS8AI score0.00631EPSS
cve
cve
added 2024/10/15 3:27 p.m.189 views

CVE-2024-9676

CVE-2024-9676 affects Podman, Buildah and CRI-O via a symlink traversal in the containers/storage library. The issue allows reading host files by the container when an image runs with an auto user namespace, potentially causing a denial of service (hangs and OOM). The connected documents mention ...

6.5CVSS6.9AI score0.01345EPSS
cve
cve
added 2023/11/01 1:28 p.m.188 views

CVE-2023-5625

CVE-2023-5625 describes a patch regression in Red Hat builds of python-eventlet where the CVE-2021-21419 fix was not applied across all builds/products. Connected sources confirm the issue affects python-eventlet and note a related memory-exhaustion risk via large or highly compressed websocket f...

7.5CVSS5.7AI score0.01807EPSS
cve
cve
added 2023/07/07 7:57 p.m.185 views

CVE-2022-4361

CVE-2022-4361 affects Keycloak’s SAML and OIDC providers, with a cross-site scripting (XSS) vulnerability that can be triggered by setting the AssertionConsumerServiceURL value or the redirect_uri. The connected sources consistently describe XSS in the SAML/OIDC flows and the ability to cause mal...

10CVSS5.7AI score0.00626EPSS
cve
cve
added 2025/06/12 12:49 p.m.164 views

CVE-2025-6021

Affects libxml2: multiple vendors report CVE-2025-6021 (integer overflow in xmlBuildQName causing stack-based buffer overflow). Documents show vulnerable libxml2 variants across distributions (e.g., AWS ALAS advisories for libxml2 with 2.9/2.10 lines; AIX advisory listing affected filesets; Astra...

7.5CVSS7.4AI score0.01067EPSS
cve
cve
added 2024/09/03 7:42 p.m.142 views

CVE-2024-4629

The CVE-2024-4629 issue is a brute-force protection bypass in Keycloak/Red Hat Single Sign-On 7.6.10 (and related builds). A timing-based flaw lets parallel login attempts exceed configured failed-attempt limits before lockout, enabling more password guesses. Red Hat has patched this in RHSA advi...

6.5CVSS6.6AI score0.00793EPSS
cve
cve
added 2026/03/19 1:50 p.m.82 views

CVE-2026-4424

CVE-2026-4424 affects libarchive’s RAR archive processing. A heap out-of-bounds read arises from improper validation of the LZSS sliding window size after transitions between compression methods, enabling a remote attacker to disclose sensitive heap memory without authentication. Documents consis...

7.5CVSS5.8AI score0.00882EPSS
cve
cve
added 2025/11/26 2:44 p.m.67 views

CVE-2025-13601

CVE-2025-13601 affects GLib’s g_escape_uri_string() where an integer overflow in buffer size calculation can cause a heap-based overflow when escaping strings with many invalid characters. Consequences are described as potential write past the end of the allocated buffer, leading to memory corrup...

7.7CVSS7AI score0.00313EPSS