Redhat Openshift Container Platform For Ibm Z — known CVE vulnerabilities
Every CVE whose affected-product data names Redhat Openshift Container Platform For Ibm Z, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (10)
CVE-2024-1132 — CVSS 8.1 (high): A flaw was found in Keycloak, where it does not properly validate URLs included in a redirect. This issue could allow an attacker to…
CVE-2022-4039 — CVSS 8.0 (high): A flaw was found in Red Hat Single Sign-On for OpenShift container images, which are configured with an unsecured management interface…
CVE-2025-13601 — CVSS 7.7 (high): A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string()…
CVE-2020-8945 — CVSS 7.5 (high): The proglottis Go wrapper before 0.1.1 for the GPGME library has a use-after-free, as demonstrated by use for container image pulls by…
CVE-2025-6021 — CVSS 7.5 (high): A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer…
CVE-2023-6291 — CVSS 7.1 (high): A flaw was found in the redirect_uri validation logic in Keycloak. This issue may allow a bypass of otherwise explicitly allowed hosts. A…
CVE-2024-1725 — CVSS 6.5 (medium): A flaw was found in the kubevirt-csi component of OpenShift Virtualization's Hosted Control Plane (HCP). This issue could allow an…
CVE-2024-9676 — CVSS 6.5 (medium): A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the containers/storage library can cause…
CVE-2024-8883 — CVSS 6.1 (medium): A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid Redirect…
CVE-2023-2585 — CVSS 3.5 (low): Keycloak's device authorization grant does not correctly validate the device code and client ID. An attacker client could abuse the missing…