Redhat Openshift Container Platform For Linuxone — known CVE vulnerabilities
Every CVE whose affected-product data names Redhat Openshift Container Platform For Linuxone, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (17)
CVE-2024-1132 — CVSS 8.1 (high): A flaw was found in Keycloak, where it does not properly validate URLs included in a redirect. This issue could allow an attacker to…
CVE-2022-4039 — CVSS 8.0 (high): A flaw was found in Red Hat Single Sign-On for OpenShift container images, which are configured with an unsecured management interface…
CVE-2022-4318 — CVSS 7.8 (high): A vulnerability was found in cri-o. This issue allows the addition of arbitrary lines into /etc/passwd by use of a specially crafted…
CVE-2025-13601 — CVSS 7.7 (high): A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string()…
CVE-2020-8945 — CVSS 7.5 (high): The proglottis Go wrapper before 0.1.1 for the GPGME library has a use-after-free, as demonstrated by use for container image pulls by…
CVE-2023-1108 — CVSS 7.5 (high): A flaw was found in undertow. This issue makes achieving a denial of service possible due to an unexpected handshake status updated in…
CVE-2024-1635 — CVSS 7.5 (high): A vulnerability was found in Undertow. This vulnerability impacts a server that supports the wildfly-http-client protocol. Whenever a…
CVE-2025-6021 — CVSS 7.5 (high): A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer…
CVE-2023-6291 — CVSS 7.1 (high): A flaw was found in the redirect_uri validation logic in Keycloak. This issue may allow a bypass of otherwise explicitly allowed hosts. A…
CVE-2023-3089 — CVSS 7.0 (high): A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of…
CVE-2022-3916 — CVSS 6.8 (medium): A flaw was found in the offline_access scope in Keycloak. This issue would affect users of shared computers more (especially if cookies are…
CVE-2024-4629 — CVSS 6.5 (medium): A vulnerability was found in Keycloak. This flaw allows attackers to bypass brute force protection by exploiting the timing of login…
CVE-2024-1725 — CVSS 6.5 (medium): A flaw was found in the kubevirt-csi component of OpenShift Virtualization's Hosted Control Plane (HCP). This issue could allow an…
CVE-2024-9676 — CVSS 6.5 (medium): A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the containers/storage library can cause…
CVE-2024-8883 — CVSS 6.1 (medium): A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid Redirect…
CVE-2023-5625 — CVSS 5.3 (medium): A regression was introduced in the Red Hat build of python-eventlet due to a change in the patch application strategy, resulting in a patch…
CVE-2023-2585 — CVSS 3.5 (low): Keycloak's device authorization grant does not correctly validate the device code and client ID. An attacker client could abuse the missing…