openshift4/oc-mirror-plugin-rhel9

Direct Vulnerabilities

Known vulnerabilities in the openshift4/oc-mirror-plugin-rhel9 package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
H Incorrect Calculation of Buffer Size	*
M Allocation of Resources Without Limits or Throttling	*
L Improper Validation of Specified Quantity in Input	*
M Directory Traversal	*
M Authentication Bypass	*
H Improper Validation of Specified Index, Position, or Offset in Input	*
H Improper Validation of Specified Index, Position, or Offset in Input	*
M Directory Traversal	*
M Missing Authentication for Critical Function	*
H Information Exposure	*
H Direct Request ('Forced Browsing')	*
M Authentication Bypass	*
H Improper Handling of Highly Compressed Data (Data Amplification)	*
H Information Exposure	*
H Allocation of Resources Without Limits or Throttling	*
H Improper Validation of Syntactic Correctness of Input	*
M Reliance on Untrusted Inputs in a Security Decision	*
M Authorization Bypass Through User-Controlled Key	*
M Insufficient Granularity of Access Control	*
H Incorrect Behavior Order: Authorization Before Parsing and Canonicalization	*
H Improper Validation of Syntactic Correctness of Input	*
M Authentication Bypass	*
H Improper Validation of Array Index	*
M Information Exposure Through Log Files	*
L Exposure of Data Element to Wrong Session	*
M Loop with Unreachable Exit Condition ('Infinite Loop')	*
M Resource Exhaustion	*
M Allocation of Resources Without Limits or Throttling	*
M Open Redirect	*
L Access of Uninitialized Pointer	*
M Improper Validation of Integrity Check Value	*
H Allocation of Resources Without Limits or Throttling	*
M Allocation of Resources Without Limits or Throttling	*
M Directory Traversal	*
M Server-Side Request Forgery (SSRF)	*
M Server-Side Request Forgery (SSRF)	*
M NULL Pointer Dereference	*
H Improper Handling of Highly Compressed Data (Data Amplification)	*
H Improper Handling of Highly Compressed Data (Data Amplification)	*
M Allocation of Resources Without Limits or Throttling	*
H Allocation of Resources Without Limits or Throttling	*
H Excessive Platform Resource Consumption within a Loop	*
M Improper Certificate Validation	*
M Allocation of Resources Without Limits or Throttling	*
L CVE-2025-58186	*
M Out-of-bounds Read	*
H Allocation of Resources Without Limits or Throttling	*
M Resource Exhaustion	*
M Missing Reference to Active Allocated Resource	*
H Asymmetric Resource Consumption (Amplification)	*
M Reachable Assertion	*
H Authentication Bypass	*
H Allocation of Resources Without Limits or Throttling	*
M Creation of Immutable Text Using String Concatenation	*
M Improper Validation of Syntactic Correctness of Input	*
M Allocation of Resources Without Limits or Throttling	*
M Allocation of Resources Without Limits or Throttling	*
M Allocation of Resources Without Limits or Throttling	*
M Allocation of Resources Without Limits or Throttling	*
M Improper Output Neutralization for Logs	*
M Uncontrolled Memory Allocation	*
M Expected Behavior Violation	*
M Expected Behavior Violation	*
M Allocation of Resources Without Limits or Throttling	*
M Allocation of Resources Without Limits or Throttling	*
M Use of Uninitialized Resource	*
M Time-of-check Time-of-use (TOCTOU)	*
H Arbitrary Code Injection	*
L Improper Input Validation	*

openshift4/oc-mirror-plugin-rhel9

Direct Vulnerabilities

Fix vulnerabilities automatically