openshift

Direct Vulnerabilities

Known vulnerabilities in the openshift package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free
VulnerabilityVulnerable Version
  • H
Unchecked Input for Loop Condition

*
  • H
Cross-site Scripting (XSS)

*
  • H
Cross-site Scripting (XSS)

*
  • H
Unchecked Input for Loop Condition

*
  • H
Creation of Immutable Text Using String Concatenation

*
  • M
Cross-site Scripting (XSS)

*
  • M
Improperly Implemented Security Check for Standard

*
  • H
NULL Pointer Dereference

*
  • M
Cross-site Scripting (XSS)

*
  • H
Improper Preservation of Permissions

*
  • M
External Control of Assumed-Immutable Web Parameter

*
  • H
Missing Release of Resource after Effective Lifetime

*
  • M
Improper Output Neutralization for Logs

*
  • M
Improper Validation of Specified Type of Input

*
  • H
Improper Validation of Specified Quantity in Input

*
  • L
Missing Release of Resource after Effective Lifetime

*
  • M
Integer Overflow or Wraparound

*
  • M
Improper Validation of Unsafe Equivalence in Input

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • H
CVE-2026-33811

*
  • M
Open Redirect

*
  • M
Integer Overflow or Wraparound

*
  • M
HTTP Request Smuggling

*
  • H
Allocation of Resources Without Limits or Throttling

*
  • H
Allocation of Resources Without Limits or Throttling

*
  • M
Cross-site Scripting (XSS)

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Excessive Platform Resource Consumption within a Loop

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • L
Improper Validation of Specified Quantity in Input

*
  • M
NULL Pointer Dereference

*
  • H
Improper Validation of Syntactic Correctness of Input

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Resource Exhaustion

*
  • M
CVE-2025-68121

*
  • M
Directory Traversal

*
  • M
Improper Validation of Integrity Check Value

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Improper Certificate Validation

*
  • L
CVE-2025-58186

*
  • M
Out-of-bounds Read

*
  • M
Server-Side Request Forgery (SSRF)

*
  • M
Resource Exhaustion

*
  • M
Missing Reference to Active Allocated Resource

*
  • M
Reachable Assertion

*
  • M
Creation of Immutable Text Using String Concatenation

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Improper Output Neutralization for Logs

*
  • M
Expected Behavior Violation

*
  • M
Information Exposure

*
  • M
Expected Behavior Violation

*
  • M
Missing Authentication for Critical Function

*
  • M
Time-of-check Time-of-use (TOCTOU)

*
  • M
CVE-2025-4673

*
  • L
Incorrect Authorization

*
  • M
Cross-site Scripting (XSS)

*
  • M
HTTP Request Smuggling

*
  • L
Incorrect Authorization

*
  • L
Incorrect Authorization

*
  • L
Race Condition

*
  • M
Improper Input Validation

*
  • M
Resource Exhaustion

*
  • M
Information Exposure

*
  • L
Improper Verification of Cryptographic Signature

*
  • M
OS Command Injection

*
  • H
Allocation of Resources Without Limits or Throttling

*
  • L
Improper Handling of Exceptional Conditions

*
  • H
Information Exposure

*
  • M
Use of Uninitialized Variable

*
  • M
Improper Input Validation

*
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

*
  • L
Information Exposure

*
  • H
Resource Exhaustion

*
  • M
Improper Handling of Highly Compressed Data (Data Amplification)

*
  • M
Improper Certificate Validation

*
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

*
  • M
Misinterpretation of Input

*
  • M
Arbitrary Code Injection

*
  • M
Improper Input Validation

*
  • M
Information Exposure

*
  • H
Improper Input Validation

*
  • M
Truncation of Security-relevant Information

*
  • M
Information Exposure

*
  • M
Resource Exhaustion

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • H
Resource Exhaustion

*
  • H
Resource Exhaustion

*
  • L
Incorrect Authorization

*
  • M
Buffer Access with Incorrect Length Value

*
  • M
Cross-site Scripting (XSS)

*
  • M
Resource Exhaustion

*
  • M
Resource Exhaustion

*
  • M
HTTP Response Splitting

*
  • M
CVE-2023-2728

*
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

*
  • M
Resource Exhaustion

*
  • M
Arbitrary Code Injection

*
  • M
Resource Exhaustion

*
  • M
Improper Input Validation

<0:3.0.2.0-0.git.38.7576bc5.el7ose
  • H
Missing Authorization

<0:3.0.1.0-1.git.527.f8d5fed.el7ose
  • M
Directory Traversal

<0:3.0.2.0-0.git.20.656dc3e.el7ose
  • M
Improper Input Validation

<0:3.0.1.0-1.git.529.dcab62c.el7ose
  • M
Incorrect Default Permissions

*
  • C
Authentication Bypass by Primary Weakness

*
  • M
Improper Authorization

<0:3.0.2.0-0.git.45.423f434.el7ose
  • M
Improper Authorization

<0:3.0.2.0-0.git.45.423f434.el7ose
  • H
Out-of-bounds Write

*
  • M
Improper Input Validation

*
  • L
Arbitrary Code Injection

*
  • M
Insecure Default Variable Initialization

*
  • L
Improper Restriction of Rendered UI Layers or Frames

*
  • L
Improper Initialization

*
  • M
Directory Traversal

*
  • H
Authorization Bypass Through User-Controlled Key

*
  • M
Improper Certificate Validation

*
  • L
Improper Preservation of Permissions

*
  • L
Inappropriate Encoding for Output Context

*
  • L
Time-of-check Time-of-use (TOCTOU)

*
  • L
Improper Access Control

*
  • M
OS Command Injection

*
  • M
Insufficiently Protected Credentials

*
  • M
Resource Exhaustion

*
  • M
Resource Exhaustion

*
  • M
Resource Exhaustion

*
  • L
Placement of User into Incorrect Group

*
  • M
Algorithmic Complexity

*
  • M
Resource Exhaustion

*
  • L
Resource Exhaustion

*
  • M
Improperly Controlled Sequential Memory Allocation

*
  • M
Out-of-bounds Read

*
  • L
Insufficient Entropy

*
  • M
Missing Release of Resource after Effective Lifetime

*
  • M
Use of a Broken or Risky Cryptographic Algorithm

*
  • M
Integer Overflow or Wraparound

*
  • M
Improper Input Validation

*
  • L
External Control of File Name or Path

*
  • L
Resource Exhaustion

*
  • L
NULL Pointer Dereference

*
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

*
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

*