openshift4/ose-console

Direct Vulnerabilities

Known vulnerabilities in the openshift4/ose-console package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free
VulnerabilityVulnerable Version
  • H
Arbitrary Code Injection

*
  • H
Reliance on Untrusted Inputs in a Security Decision

*
  • M
Arbitrary Code Injection

*
  • H
Unchecked Input for Loop Condition

*
  • H
Improperly Controlled Modification of Dynamically-Determined Object Attributes

*
  • H
OS Command Injection

*
  • H
Improperly Controlled Modification of Dynamically-Determined Object Attributes

*
  • H
Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')

*
  • M
Cross-site Scripting (XSS)

*
  • H
Excessive Platform Resource Consumption within a Loop

*
  • H
Inefficient Regular Expression Complexity

*
  • H
CRLF Injection

*
  • H
Improperly Controlled Modification of Dynamically-Determined Object Attributes

*
  • M
Improperly Implemented Security Check for Standard

*
  • M
Inefficient Regular Expression Complexity

*
  • H
Unchecked Input for Loop Condition

*
  • H
Cross-site Scripting (XSS)

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Excessive Platform Resource Consumption within a Loop

*
  • L
Improper Neutralization of Equivalent Special Elements

*
  • M
Inappropriate Encoding for Output Context

*
  • H
Excessive Platform Resource Consumption within a Loop

*
  • M
Cross-site Scripting (XSS)

*
  • L
Time-of-check Time-of-use (TOCTOU)

*
  • H
Missing Release of Resource after Effective Lifetime

*
  • M
Cross-site Scripting (XSS)

*
  • M
Open Redirect

*
  • H
Improper Validation of Specified Quantity in Input

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Uncontrolled Recursion

*
  • H
Improperly Controlled Modification of Dynamically-Determined Object Attributes

*
  • H
Improperly Controlled Modification of Dynamically-Determined Object Attributes

*
  • H
Allocation of Resources Without Limits or Throttling

*
  • L
Origin Validation Error

*
  • L
Missing Release of Resource after Effective Lifetime

*
  • H
Information Exposure

*
  • H
Information Exposure

*
  • H
Inefficient Regular Expression Complexity

*
  • H
Authentication Bypass

*
  • H
Arbitrary Code Injection

*
  • M
Improperly Controlled Modification of Dynamically-Determined Object Attributes

*
  • M
Cross-site Scripting (XSS)

*
  • M
Improper Neutralization of Equivalent Special Elements

*
  • H
OS Command Injection

*
  • H
XML Injection

*
  • H
XML Injection

*
  • M
Buffer Overflow

*
  • M
Open Redirect

*
  • H
Improperly Controlled Modification of Dynamically-Determined Object Attributes

*
  • M
Out-of-bounds Write

*
  • H
Improperly Controlled Modification of Dynamically-Determined Object Attributes

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • H
Allocation of Resources Without Limits or Throttling

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • H
Server-Side Request Forgery (SSRF)

*
  • H
Improperly Controlled Modification of Dynamically-Determined Object Attributes

*
  • M
Improperly Controlled Modification of Dynamically-Determined Object Attributes

*
  • M
Insufficient Granularity of Access Control

*
  • M
Comparison Using Wrong Factors

*
  • M
CRLF Injection

*
  • M
Cross-site Scripting (XSS)

*
  • H
Arbitrary Code Injection

*
  • M
Cross-site Scripting (XSS)

*
  • H
Improper Cross-boundary Removal of Sensitive Data

*
  • M
Improper Validation of Unsafe Equivalence in Input

*
  • M
Improperly Controlled Modification of Dynamically-Determined Object Attributes

*
  • M
Improperly Controlled Modification of Dynamically-Determined Object Attributes

*
  • H
Improperly Controlled Modification of Dynamically-Determined Object Attributes

*
  • H
Improper Validation of Unsafe Equivalence in Input

*
  • M
Time-of-check Time-of-use (TOCTOU)

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • L
Improper Validation of Specified Quantity in Input

*
  • H
Arbitrary Code Injection

*
  • M
Inefficient Regular Expression Complexity

*
  • M
Unchecked Input for Loop Condition

*
  • M
Inefficient Regular Expression Complexity

*
  • M
Executable Regular Expression Error

*
  • M
Inefficient Regular Expression Complexity

*
  • M
Unchecked Input for Loop Condition

*
  • H
Improperly Controlled Modification of Dynamically-Determined Object Attributes

*
  • M
Inefficient Regular Expression Complexity

*
  • H
Improper Validation of Specified Type of Input

*
  • M
Improper Handling of Highly Compressed Data (Data Amplification)

*
  • M
Inefficient Regular Expression Complexity

*
  • M
Resource Exhaustion

*
  • M
Cross-site Scripting (XSS)

*
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

*
  • M
Improper Validation of Integrity Check Value

*
  • M
Cross-site Scripting (XSS)

*
  • M
Deserialization of Untrusted Data

*
  • H
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

*
  • H
Cross-site Scripting (XSS)

*
  • M
Use of a Risky Cryptographic Primitive

*
  • M
Open Redirect

*
  • H
Allocation of Resources Without Limits or Throttling

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • L
CVE-2025-58186

*
  • M
Out-of-bounds Read

*
  • M
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

*
  • M
Resource Exhaustion

*
  • M
Missing Reference to Active Allocated Resource

*
  • H
Reachable Assertion

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Expected Behavior Violation

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Use of Uninitialized Resource

*
  • L
Link Following

*
  • M
Time-of-check Time-of-use (TOCTOU)

*
  • L
Improper Validation of Specified Type of Input

*
  • M
Missing Initialization of Resource

*
  • L
Missing Initialization of Resource

*
  • M
Use of Insufficiently Random Values

*
  • H
Arbitrary Code Injection

*
  • H
Improper Input Validation

*
  • H
Improper Input Validation

*