microshift-multus

Direct Vulnerabilities

Known vulnerabilities in the microshift-multus package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
H Incorrect Behavior Order: Authorization Before Parsing and Canonicalization	<0:4.16.63-202605251227.p0.g1133ac0.assembly.4.16.63.el9
H Incorrect Behavior Order: Authorization Before Parsing and Canonicalization	<0:4.19.32-202605212036.p0.g27d51c3.assembly.4.19.32.el9
H Incorrect Behavior Order: Authorization Before Parsing and Canonicalization	<0:4.18.42-202605181217.p0.gf4eeb37.assembly.4.18.42.el9
H Multiple Locks of a Critical Resource	*
M Integer Overflow or Wraparound	*
M HTTP Request Smuggling	*
H Allocation of Resources Without Limits or Throttling	*
H Allocation of Resources Without Limits or Throttling	*
H Improper Validation of Unsafe Equivalence in Input	*
M Time-of-check Time-of-use (TOCTOU)	*
M Cross-site Scripting (XSS)	*
M Allocation of Resources Without Limits or Throttling	*
M Excessive Platform Resource Consumption within a Loop	*
M Out-of-bounds Read	*
H Incorrect Behavior Order: Authorization Before Parsing and Canonicalization	*
M Resource Exhaustion	<0:4.16.58-202603160404.p0.gb9661ec.assembly.4.16.58.el9
M NULL Pointer Dereference	*
H Improper Validation of Syntactic Correctness of Input	*
H Improper Certificate Validation	*
M Allocation of Resources Without Limits or Throttling	*
M CVE-2025-68121	*
M Resource Exhaustion	*
M Resource Exhaustion	<0:4.17.49-202602161401.p0.g708a69a.assembly.4.17.49.el9
H Allocation of Resources Without Limits or Throttling	*
M Allocation of Resources Without Limits or Throttling	*
M Allocation of Resources Without Limits or Throttling	*
M Improper Certificate Validation	*
M Out-of-bounds Read	*
H Excessive Platform Resource Consumption within a Loop	*
L CVE-2025-58186	*
M Server-Side Request Forgery (SSRF)	*
M Resource Exhaustion	*
M Missing Reference to Active Allocated Resource	*
H Incorrect Execution-Assigned Permissions	*
M Reachable Assertion	*
H Reachable Assertion	*
M Creation of Immutable Text Using String Concatenation	*
M Missing Authentication for Critical Function	*
M Allocation of Resources Without Limits or Throttling	*
M Allocation of Resources Without Limits or Throttling	*
M Allocation of Resources Without Limits or Throttling	*
M Improper Output Neutralization for Logs	*
M Expected Behavior Violation	*
M Expected Behavior Violation	*
M Information Exposure	*
M Time-of-check Time-of-use (TOCTOU)	*
M CVE-2025-4673	*
L Improper Handling of Exceptional Conditions	*
L Improper Verification of Cryptographic Signature	*
M Information Exposure	*
M Cross-site Scripting (XSS)	*
M Use of Uninitialized Variable	*
L Incorrect Authorization	*
L Incorrect Authorization	*
H Asymmetric Resource Consumption (Amplification)	*
M Improper Input Validation	*
M Information Exposure	*
H Improper Validation of Syntactic Correctness of Input	*
H Allocation of Resources Without Limits or Throttling	*
H Information Exposure	<0:4.16.24-202411220522.p0.gcc4fedc.assembly.4.16.24.el9
H Information Exposure	<0:4.17.7-202411280904.p0.g129334d.assembly.4.17.7.el9
M Allocation of Resources Without Limits or Throttling	*
M Improper Input Validation	*
H Information Exposure	<0:4.16.0-202406260523.p0.gc5a37df.assembly.4.16.0.el9
H Loop with Unreachable Exit Condition ('Infinite Loop')	<0:4.16.0-202406260523.p0.gc5a37df.assembly.4.16.0.el9
H Information Exposure	<0:4.16.0-202406260523.p0.gc5a37df.assembly.4.16.0.el9
H Loop with Unreachable Exit Condition ('Infinite Loop')	<0:4.16.0-202406260523.p0.gc5a37df.assembly.4.16.0.el9

Vulnerability

Vulnerable Version

Incorrect Behavior Order: Authorization Before Parsing and Canonicalization

<0:4.16.63-202605251227.p0.g1133ac0.assembly.4.16.63.el9