openshift vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the openshift package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
M Expected Behavior Violation	*
M Information Exposure	*
M Expected Behavior Violation	*
M Time-of-check Time-of-use (TOCTOU)	*
M CVE-2025-4673	*
L Incorrect Authorization	*
H Link Following	*
M Cross-site Scripting (XSS)	*
M HTTP Request Smuggling	*
L Incorrect Authorization	*
L Incorrect Authorization	*
L Race Condition	*
M Improper Input Validation	*
M Resource Exhaustion	*
M Information Exposure	*
L Improper Verification of Cryptographic Signature	*
M OS Command Injection	*
L Improper Handling of Exceptional Conditions	*
H Information Exposure	*
M Use of Uninitialized Variable	*
M Improper Input Validation	*
M Loop with Unreachable Exit Condition ('Infinite Loop')	*
L Information Exposure	*
H Resource Exhaustion	*
M Improper Handling of Highly Compressed Data (Data Amplification)	*
M Improper Input Validation	*
M Loop with Unreachable Exit Condition ('Infinite Loop')	*
M Misinterpretation of Input	*
M Arbitrary Code Injection	*
M Improper Input Validation	*
M Information Exposure	*
H Improper Input Validation	*
M Truncation of Security-relevant Information	*
M Information Exposure	*
M Resource Exhaustion	*
M Allocation of Resources Without Limits or Throttling	*
H Resource Exhaustion	*
H Resource Exhaustion	*
L Incorrect Authorization	*
M Buffer Access with Incorrect Length Value	*
M Cross-site Scripting (XSS)	*
M Resource Exhaustion	*
M Resource Exhaustion	*
M HTTP Response Splitting	*
M CVE-2023-2728	*
M Loop with Unreachable Exit Condition ('Infinite Loop')	*
M Resource Exhaustion	*
M Arbitrary Code Injection	*
M Resource Exhaustion	*
M Improper Input Validation	<0:3.0.2.0-0.git.38.7576bc5.el7ose
H Missing Authorization	<0:3.0.1.0-1.git.527.f8d5fed.el7ose
M Directory Traversal	<0:3.0.2.0-0.git.20.656dc3e.el7ose
M Improper Input Validation	<0:3.0.1.0-1.git.529.dcab62c.el7ose
M Incorrect Default Permissions	*
C Authentication Bypass by Primary Weakness	*
M Improper Authorization	<0:3.0.2.0-0.git.45.423f434.el7ose
M Improper Authorization	<0:3.0.2.0-0.git.45.423f434.el7ose
H Out-of-bounds Write	*
M Improper Input Validation	*
L Arbitrary Code Injection	*
M Insecure Default Variable Initialization	*
L Improper Restriction of Rendered UI Layers or Frames	*
L Improper Initialization	*
M Directory Traversal	*
H Authorization Bypass Through User-Controlled Key	*
M Improper Certificate Validation	*
L Improper Preservation of Permissions	*
L Improper Input Validation	*
L Time-of-check Time-of-use (TOCTOU)	*
L Improper Access Control	*
M Improper Input Validation	*
M Insufficiently Protected Credentials	*
M Resource Exhaustion	*
M Resource Exhaustion	*
M Resource Exhaustion	*
L Placement of User into Incorrect Group	*
M Algorithmic Complexity	*
M CVE-2022-41715	*
M HTTP Request Smuggling	*
M Directory Traversal	*
M Resource Exhaustion	*
L Resource Exhaustion	*
M Improperly Controlled Sequential Memory Allocation	*
M Improper Input Validation	*
L Insufficient Entropy	*
M Missing Release of Resource after Effective Lifetime	*
M Use of a Broken or Risky Cryptographic Algorithm	*
M Integer Overflow or Wraparound	*
M Improper Input Validation	*
L Improper Input Validation	*
L Resource Exhaustion	*
L NULL Pointer Dereference	*
M Loop with Unreachable Exit Condition ('Infinite Loop')	*
M Loop with Unreachable Exit Condition ('Infinite Loop')	*

Vulnerability

Vulnerable Version

Expected Behavior Violation