Skip to main content

Openshift Container Platform Ibm Z Systems

6 CVEs product

Monthly

CVE-2024-4629 Maven MEDIUM PATCH This Month

A vulnerability was found in Keycloak. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Keycloak Build Of Keycloak Single Sign On Openshift Container Platform +3
NVD GitHub
CVSS 3.1
6.5
EPSS
0.8%
CVE-2023-6134 Maven MEDIUM POC PATCH This Month

A flaw was found in Keycloak that prevents certain schemes in redirects, but permits them if a wildcard is appended to the token. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Single Sign On Keycloak Openshift Container Platform Openshift Container Platform For Power +1
NVD
CVSS 3.1
5.4
EPSS
0.9%
CVE-2023-5625 HIGH PATCH This Week

A regression was introduced in the Red Hat build of python-eventlet due to a change in the patch application strategy, resulting in a patch for CVE-2021-21419 not being applied for all builds of all. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Red Hat Python Denial Of Service Openshift Container Platform For Arm64 Openshift Container Platform For Linuxone +3
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2023-0264 Maven MEDIUM PATCH This Month

A flaw was found in Keycloaks OpenID Connect user authentication, which may incorrectly authenticate requests. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Keycloak Single Sign On Openshift Container Platform Openshift Container Platform For Ibm Linuxone +1
NVD
CVSS 3.1
5.0
EPSS
1.3%
CVE-2023-3089 HIGH This Week

A compliance problem was found in the Red Hat OpenShift Container Platform. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Red Hat Information Disclosure Openshift Container Platform Openshift Container Platform For Linuxone Openshift Container Platform For Power +2
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-0056 MEDIUM This Month

An uncontrolled resource consumption vulnerability was discovered in HAProxy which could crash the service. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Haproxy Ceph Storage Software Collections Openshift Container Platform +5
NVD
CVSS 3.1
6.5
EPSS
1.8%
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

A vulnerability was found in Keycloak. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Keycloak Build Of Keycloak +5
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM POC PATCH This Month

A flaw was found in Keycloak that prevents certain schemes in redirects, but permits them if a wildcard is appended to the token. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Single Sign On Keycloak +3
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

A regression was introduced in the Red Hat build of python-eventlet due to a change in the patch application strategy, resulting in a patch for CVE-2021-21419 not being applied for all builds of all. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Red Hat Python Denial Of Service +5
NVD
EPSS 1% CVSS 5.0
MEDIUM PATCH This Month

A flaw was found in Keycloaks OpenID Connect user authentication, which may incorrectly authenticate requests. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Keycloak Single Sign On +3
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A compliance problem was found in the Red Hat OpenShift Container Platform. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Red Hat Information Disclosure Openshift Container Platform +4
NVD
EPSS 2% CVSS 6.5
MEDIUM This Month

An uncontrolled resource consumption vulnerability was discovered in HAProxy which could crash the service. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Haproxy Ceph Storage +7
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy