openshift vulnerabilities

Known vulnerabilities in the openshift package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
M Improper Input Validation	*
M Truncation of Security-relevant Information	*
M Resource Exhaustion	*
M Allocation of Resources Without Limits or Throttling	*
L Incorrect Authorization	*
M Resource Exhaustion	*
M HTTP Response Splitting	*
M CVE-2023-2727	*
M CVE-2023-2728	*
M Incorrect Default Permissions	*
H Information Exposure	*
L Arbitrary Code Injection	*
M Insecure Default Variable Initialization	*
M Authentication Bypass	*
L Improper Restriction of Rendered UI Layers or Frames	*
L Improper Initialization	*
M Server-Side Request Forgery (SSRF)	*
M Directory Traversal	*
H Authorization Bypass Through User-Controlled Key	*
M Improper Certificate Validation	*
L Improper Preservation of Permissions	*
L Improper Input Validation	*
M Improper Validation of Array Index	*
M Improper Certificate Validation	*
L Improper Input Validation	*
H Link Following	*
L Improper Output Neutralization for Logs	*
L Time-of-check Time-of-use (TOCTOU)	*
M Improper Output Neutralization for Logs	*
M Improper Output Neutralization for Logs	*
L Authentication Bypass	*
M Information Exposure	*
M Resource Exhaustion	*
L Improper Access Control	*
M Information Exposure	*
M Improper Input Validation	*
M Insufficiently Protected Credentials	*
M Information Exposure Through Log Files	*
M Authentication Bypass by Primary Weakness	*
M Link Following	*
L Incorrect Permission Assignment for Critical Resource	*
H Resource Exhaustion	*
M Directory Traversal	*
M Resource Exhaustion	*
M Improper Access Control	*
M Resource Exhaustion	*
M Resource Exhaustion	*
M Man-in-the-Middle (MitM)	*
M Open Redirect	*
M Information Exposure	*
L Placement of User into Incorrect Group	*
M File and Directory Information Exposure	*
M Algorithmic Complexity	*
M CVE-2022-41715	*
M Allocation of Resources Without Limits or Throttling	*
H HTTP Request Smuggling	*
M Directory Traversal	*
M Resource Exhaustion	*
L Resource Exhaustion	*
M Information Exposure	*
M Improperly Controlled Sequential Memory Allocation	*
M HTTP Request Smuggling	*
M Improper Input Validation	*
L Insufficient Entropy	*
M Improper Privilege Management	*
M Missing Release of Resource after Effective Lifetime	*
M Use of a Broken or Risky Cryptographic Algorithm	*
M Resource Exhaustion	*
M Unchecked Return Value	*
M Incorrect Authorization	*
M Integer Overflow or Wraparound	*
M Information Exposure	*
M Resource Exhaustion	*
M Improper Input Validation	*
L Improper Input Validation	*
L Resource Exhaustion	*
M Race Condition	*
L Improper Input Validation	*
M Resource Exhaustion	*
M Improper Input Validation	*
M Improper Input Validation	*
M Incorrect Calculation	*
L NULL Pointer Dereference	*
M Improper Certificate Validation	*
L Race Condition	*
L Loop with Unreachable Exit Condition ('Infinite Loop')	*
M HTTP Request Smuggling	*
H Resource Exhaustion	*
H Resource Exhaustion	*
L Improper Input Validation	*
L Resource Exhaustion	*
M Loop with Unreachable Exit Condition ('Infinite Loop')	*
L Improper Input Validation	*
M Loop with Unreachable Exit Condition ('Infinite Loop')	*
L Improper Handling of Length Parameter Inconsistency	*
M Use After Free	*

Vulnerability

Vulnerable Version

Improper Input Validation