openshift-clients-redistributable vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the openshift-clients-redistributable package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
M HTTP Request Smuggling	<0:4.19.0-202506161807.p0.gfa1fd95.assembly.stream.el9
M CVE-2025-4673	*
L Incorrect Authorization	*
L Incorrect Authorization	*
L Race Condition	*
L Improper Handling of Exceptional Conditions	*
M OS Command Injection	*
L Incorrect Authorization	*
M Allocation of Resources Without Limits or Throttling	*
L Improper Verification of Cryptographic Signature	*
M Incorrect Default Permissions	*
L Arbitrary Code Injection	*
L Improper Restriction of Rendered UI Layers or Frames	*
L Incorrect Authorization	*
M Insecure Default Variable Initialization	*
L Improper Preservation of Permissions	*
M Improper Certificate Validation	*
L Time-of-check Time-of-use (TOCTOU)	*
L Improper Access Control	*
M Insufficiently Protected Credentials	*
M Improper Input Validation	*
L NULL Pointer Dereference	*
H Improper Certificate Validation	*
M Improper Check for Unusual or Exceptional Conditions	*
L Resource Exhaustion	*
M Loop with Unreachable Exit Condition ('Infinite Loop')	*
M Loop with Unreachable Exit Condition ('Infinite Loop')	*
M Improper Input Validation	*
M Improper Authentication	*
M Information Exposure	*
M Cross-site Scripting (XSS)	*
M HTTP Request Smuggling	<0:4.19.0-202506161807.p0.gfa1fd95.assembly.stream.el9
M Improper Input Validation	*
M Resource Exhaustion	*
M Use of Uninitialized Variable	*
M Information Exposure Through Log Files	<0:4.17.0-202409111134.p0.gbc58b3a.assembly.stream.el9
M Improper Input Validation	<0:4.17.0-202409111134.p0.gbc58b3a.assembly.stream.el9
M Cross-site Scripting (XSS)	<0:4.16.0-202407111006.p0.gfa84651.assembly.stream.el9
M Cross-site Scripting (XSS)	<0:4.16.0-202407111006.p0.gfa84651.assembly.stream.el9
M Loop with Unreachable Exit Condition ('Infinite Loop')	<0:4.16.0-202407111006.p0.gfa84651.assembly.stream.el9
M Loop with Unreachable Exit Condition ('Infinite Loop')	<0:4.16.0-202407111006.p0.gfa84651.assembly.stream.el9
H Resource Exhaustion	*
H Memory Leak	<0:4.13.0-202404020737.p0.gd192e90.assembly.stream.el9
H Resource Exhaustion	<0:4.14.0-202404151639.p0.gf7b14a9.assembly.stream.el9
H Improper Handling of Highly Compressed Data (Data Amplification)	<0:4.14.0-202403261640.p0.gf7b14a9.assembly.stream.el9
H Memory Leak	<0:4.14.0-202403261640.p0.gf7b14a9.assembly.stream.el9
H Improper Handling of Highly Compressed Data (Data Amplification)	<0:4.12.0-202403251017.p0.gd4c9e3c.assembly.stream.el9
H Loop with Unreachable Exit Condition ('Infinite Loop')	<0:4.12.0-202403251017.p0.gd4c9e3c.assembly.stream.el9
H Memory Leak	<0:4.12.0-202403251017.p0.gd4c9e3c.assembly.stream.el9
H Improper Handling of Highly Compressed Data (Data Amplification)	<0:4.15.0-202403211240.p0.g62c4d45.assembly.stream.el9
H Loop with Unreachable Exit Condition ('Infinite Loop')	<0:4.15.0-202403211240.p0.g62c4d45.assembly.stream.el9
H Memory Leak	<0:4.15.0-202403211240.p0.g62c4d45.assembly.stream.el9
H Truncation of Security-relevant Information	<0:4.15.0-202402070507.p0.g48dcf59.assembly.stream.el9
H Information Exposure	<0:4.15.0-202402070507.p0.g48dcf59.assembly.stream.el9
H Resource Exhaustion	<0:4.15.0-202402070507.p0.g48dcf59.assembly.stream.el9
H Resource Exhaustion	<0:4.15.0-202402070507.p0.g48dcf59.assembly.stream.el9
H CVE-2023-2728	<0:4.14.0-202310191146.p0.g0c63f9d.assembly.stream.el9
H CVE-2023-2727	<0:4.14.0-202310191146.p0.g0c63f9d.assembly.stream.el9
H Exposure of Data Element to Wrong Session	<0:4.13.0-202305312300.p0.g05d83ef.assembly.stream.el9
H Exposure of Data Element to Wrong Session	<0:4.13.0-202305312300.p0.g05d83ef.assembly.stream.el9
M Resource Exhaustion	<0:4.12.0-202301312133.p0.gb05f7d4.assembly.stream.el9
H Resource Exhaustion	<0:4.14.0-202310191146.p0.g0c63f9d.assembly.stream.el9
H HTTP Response Splitting	<0:4.14.0-202311031050.p0.g9b1e0d2.assembly.stream.el9
H Resource Exhaustion	<0:4.14.0-202310191146.p0.g0c63f9d.assembly.stream.el9
H Resource Exhaustion	<0:4.14.0-202310191146.p0.g0c63f9d.assembly.stream.el9
H CVE-2023-39321	<0:4.14.0-202310191146.p0.g0c63f9d.assembly.stream.el9
H Cross-site Scripting (XSS)	<0:4.14.0-202310191146.p0.g0c63f9d.assembly.stream.el9
H Allocation of Resources Without Limits or Throttling	<0:4.14.0-202310191146.p0.g0c63f9d.assembly.stream.el9
H Cross-site Scripting (XSS)	<0:4.14.0-202310191146.p0.g0c63f9d.assembly.stream.el9
H Cross-site Scripting (XSS)	<0:4.14.0-202310191146.p0.g0c63f9d.assembly.stream.el9
H Resource Exhaustion	<0:4.14.0-202310191146.p0.g0c63f9d.assembly.stream.el9
H Use After Free	<0:4.14.0-202310191146.p0.g0c63f9d.assembly.stream.el9
H Use of a Broken or Risky Cryptographic Algorithm	<0:4.14.0-202310191146.p0.g0c63f9d.assembly.stream.el9
H Use of a Broken or Risky Cryptographic Algorithm	<0:4.13.0-202306230038.p0.ge4c9a6a.assembly.stream.el9
H Resource Exhaustion	<0:4.14.0-202310191146.p0.g0c63f9d.assembly.stream.el9
H Directory Traversal	<0:4.13.0-202305291355.p0.g1024efc.assembly.stream.el9
H Improper Handling of Unicode Encoding	<0:4.13.0-202305291355.p0.g1024efc.assembly.stream.el9
H Improper Handling of Unicode Encoding	<0:4.12.0-202305301015.p0.g97c75d0.assembly.stream.el9
H Improper Handling of Unicode Encoding	<0:4.13.0-202305291355.p0.g1024efc.assembly.stream.el9
H Improper Handling of Unicode Encoding	<0:4.13.0-202305291355.p0.g1024efc.assembly.stream.el9
H Authentication Bypass	<0:4.13.0-202306230038.p0.ge4c9a6a.assembly.stream.el9
H Authentication Bypass	<0:4.13.0-202306230038.p0.ge4c9a6a.assembly.stream.el9
H Loop with Unreachable Exit Condition ('Infinite Loop')	<0:4.13.0-202305291355.p0.g1024efc.assembly.stream.el9
H Loop with Unreachable Exit Condition ('Infinite Loop')	<0:4.13.0-202305291355.p0.g1024efc.assembly.stream.el9
H Resource Exhaustion	<0:4.13.0-202306230038.p0.ge4c9a6a.assembly.stream.el9
H Resource Exhaustion	<0:4.13.0-202305312300.p0.g05d83ef.assembly.stream.el9
H Arbitrary Code Injection	<0:4.13.0-202305291355.p0.g1024efc.assembly.stream.el9
H Arbitrary Code Injection	<0:4.13.0-202305291355.p0.g1024efc.assembly.stream.el9
H Resource Exhaustion	<0:4.13.0-202305291355.p0.g1024efc.assembly.stream.el9
H Resource Exhaustion	<0:4.13.0-202305291355.p0.g1024efc.assembly.stream.el9
H Improper Input Validation	<0:4.13.0-202303241616.p0.g92b1a3d.assembly.stream.el9
H Improper Input Validation	<0:4.13.0-202303241616.p0.g92b1a3d.assembly.stream.el9
M Improper Certificate Validation	<0:4.12.0-202301042257.p0.g854f807.assembly.stream.el9
M Incorrect Default Permissions	<0:4.12.0-202301042257.p0.g854f807.assembly.stream.el9
H Improper Initialization	<0:4.13.0-202303241616.p0.g92b1a3d.assembly.stream.el9
M Improper Initialization	<0:4.12.0-202301042257.p0.g854f807.assembly.stream.el9
M Server-Side Request Forgery (SSRF)	<0:4.12.0-202301042257.p0.g854f807.assembly.stream.el9
M Directory Traversal	<0:4.12.0-202301042257.p0.g854f807.assembly.stream.el9
M Improper Access Control	<0:4.12.0-202301042257.p0.g854f807.assembly.stream.el9
M Resource Exhaustion	<0:4.12.0-202301042257.p0.g854f807.assembly.stream.el9
H Authorization Bypass Through User-Controlled Key	*
L Improper Input Validation	*
H Resource Exhaustion	<0:4.13.0-202303241616.p0.g92b1a3d.assembly.stream.el9
H Resource Exhaustion	<0:4.13.0-202303241616.p0.g92b1a3d.assembly.stream.el9
H Resource Exhaustion	<0:4.13.0-202303241616.p0.g92b1a3d.assembly.stream.el9
H Resource Exhaustion	<0:4.13.0-202303241616.p0.g92b1a3d.assembly.stream.el9
H Resource Exhaustion	<0:4.13.0-202305291355.p0.g1024efc.assembly.stream.el9
H Resource Exhaustion	<0:4.13.0-202303241616.p0.g92b1a3d.assembly.stream.el9
L Placement of User into Incorrect Group	*
H Allocation of Resources Without Limits or Throttling	<0:4.13.0-202303241616.p0.g92b1a3d.assembly.stream.el9
H Allocation of Resources Without Limits or Throttling	<0:4.13.0-202303241616.p0.g92b1a3d.assembly.stream.el9
H Time-of-check Time-of-use (TOCTOU)	<0:4.13.0-202303241616.p0.g92b1a3d.assembly.stream.el9
H Time-of-check Time-of-use (TOCTOU)	<0:4.13.0-202303241616.p0.g92b1a3d.assembly.stream.el9
H HTTP Request Smuggling	<0:4.13.0-202303241616.p0.g92b1a3d.assembly.stream.el9
H HTTP Request Smuggling	<0:4.13.0-202303241616.p0.g92b1a3d.assembly.stream.el9
H Allocation of Resources Without Limits or Throttling	<0:4.13.0-202303241616.p0.g92b1a3d.assembly.stream.el9
H Allocation of Resources Without Limits or Throttling	<0:4.13.0-202303241616.p0.g92b1a3d.assembly.stream.el9
H Resource Exhaustion	<0:4.13.0-202303241616.p0.g92b1a3d.assembly.stream.el9
M CVE-2022-41715	<0:4.12.0-202301312133.p0.gb05f7d4.assembly.stream.el9
M Allocation of Resources Without Limits or Throttling	<0:4.12.0-202301312133.p0.gb05f7d4.assembly.stream.el9
M HTTP Request Smuggling	<0:4.12.0-202301312133.p0.gb05f7d4.assembly.stream.el9
M Directory Traversal	<0:4.12.0-202301311516.p0.gb05f7d4.assembly.stream.el9
M Resource Exhaustion	<0:4.12.0-202308151125.p0.gf61957e.assembly.stream.el9
H Resource Exhaustion	<0:4.14.0-202310191146.p0.g0c63f9d.assembly.stream.el9
M Resource Exhaustion	<0:4.13.0-202308112024.p0.g17b7acc.assembly.stream.el9
H Placement of User into Incorrect Group	<0:4.13.0-202303241616.p0.g92b1a3d.assembly.stream.el9
H Placement of User into Incorrect Group	<0:4.13.0-202303241616.p0.g92b1a3d.assembly.stream.el9
M Resource Exhaustion	<0:4.12.0-202301042257.p0.g854f807.assembly.stream.el9
M Information Exposure	<0:4.12.0-202301042257.p0.g854f807.assembly.stream.el9
M Improperly Controlled Sequential Memory Allocation	<0:4.12.0-202301312133.p0.gb05f7d4.assembly.stream.el9
M HTTP Request Smuggling	<0:4.12.0-202301042257.p0.g854f807.assembly.stream.el9
H Use of a Broken or Risky Cryptographic Algorithm	<0:4.13.0-202305291355.p0.g1024efc.assembly.stream.el9
H Use of a Broken or Risky Cryptographic Algorithm	<0:4.13.0-202303241616.p0.g92b1a3d.assembly.stream.el9

openshift-clients-redistributable vulnerabilities

Direct Vulnerabilities

How to fix?