openshift vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the openshift package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
M NULL Pointer Dereference	*
H Improper Validation of Syntactic Correctness of Input	*
H Improper Certificate Validation	*
M Allocation of Resources Without Limits or Throttling	*
M Improper Certificate Validation	*
M Improper Validation of Integrity Check Value	*
M CVE-2025-68121	*
M Missing Reference to Active Allocated Resource	*
M Allocation of Resources Without Limits or Throttling	*
L CVE-2025-58186	*
M Allocation of Resources Without Limits or Throttling	*
M Allocation of Resources Without Limits or Throttling	*
M Reachable Assertion	*
M Out-of-bounds Read	*
M Resource Exhaustion	*
H Excessive Platform Resource Consumption within a Loop	*
M Creation of Immutable Text Using String Concatenation	*
M Improper Output Neutralization for Logs	*
M Allocation of Resources Without Limits or Throttling	*
M Directory Traversal	*
M Server-Side Request Forgery (SSRF)	*
L Incorrect Authorization	*
M Expected Behavior Violation	*
M Expected Behavior Violation	*
M Information Exposure	*
M Missing Authentication for Critical Function	*
M Time-of-check Time-of-use (TOCTOU)	*
M CVE-2025-4673	*
M Cross-site Scripting (XSS)	*
L Incorrect Authorization	*
L Incorrect Authorization	*
L Race Condition	*
M Improper Input Validation	*
M Resource Exhaustion	*
L Improper Verification of Cryptographic Signature	*
M Information Exposure	*
M OS Command Injection	*
L Improper Handling of Exceptional Conditions	*
M Use of Uninitialized Variable	*
M Improper Input Validation	*
M Truncation of Security-relevant Information	*
M Resource Exhaustion	*
M Allocation of Resources Without Limits or Throttling	*
L Incorrect Authorization	*
M Resource Exhaustion	*
M HTTP Response Splitting	*
M CVE-2023-2727	*
M CVE-2023-2728	*
M Incorrect Default Permissions	*
L Arbitrary Code Injection	*
M Insecure Default Variable Initialization	*
L Improper Restriction of Rendered UI Layers or Frames	*
L Improper Initialization	*
M Server-Side Request Forgery (SSRF)	*
M Directory Traversal	*
H Authorization Bypass Through User-Controlled Key	*
M Improper Certificate Validation	*
L Improper Preservation of Permissions	*
L Improper Input Validation	*
M Improper Validation of Array Index	*
M Improper Certificate Validation	*
L Inappropriate Encoding for Output Context	*
H Link Following	*
L Improper Output Neutralization for Logs	*
L Time-of-check Time-of-use (TOCTOU)	*
M Improper Output Neutralization for Logs	*
M Improper Output Neutralization for Logs	*
L Authentication Bypass	*
M Information Exposure	*
M Resource Exhaustion	*
L Improper Access Control	*
M Information Exposure	*
M OS Command Injection	*
M Insufficiently Protected Credentials	*
M Information Exposure Through Log Files	*
M Authentication Bypass by Primary Weakness	*
M Link Following	*
L Incorrect Permission Assignment for Critical Resource	*
H Resource Exhaustion	*
M Directory Traversal	*
M Resource Exhaustion	*
M Improper Access Control	*
M Resource Exhaustion	*
M Resource Exhaustion	*
M Man-in-the-Middle (MitM)	*
M Open Redirect	*
M Information Exposure	*
L Placement of User into Incorrect Group	*
M File and Directory Information Exposure	*
M Algorithmic Complexity	*
M Resource Exhaustion	*
L Resource Exhaustion	*
M Improperly Controlled Sequential Memory Allocation	*
M Out-of-bounds Read	*
L Insufficient Entropy	*
M Improperly Implemented Security Check for Standard	*
M Missing Release of Resource after Effective Lifetime	*
M Use of a Broken or Risky Cryptographic Algorithm	*
M Resource Exhaustion	*
M Unchecked Return Value	*
M Incorrect Privilege Assignment	*
M Integer Overflow or Wraparound	*
M Information Exposure	*
M Resource Exhaustion	*
M Improper Input Validation	*
L External Control of File Name or Path	*
L Resource Exhaustion	*
M Race Condition	*
L Improper Input Validation	*
M Resource Exhaustion	*
M Improper Input Validation	*
M Improper Input Validation	*
M Incorrect Calculation	*
L NULL Pointer Dereference	*
M Improper Certificate Validation	*
L Race Condition	*
L Loop with Unreachable Exit Condition ('Infinite Loop')	*
M HTTP Request Smuggling	*
H Resource Exhaustion	*
H Resource Exhaustion	*
L Improper Input Validation	*
L Resource Exhaustion	*
M Loop with Unreachable Exit Condition ('Infinite Loop')	*
L Allocation of Resources Without Limits or Throttling	*
M Loop with Unreachable Exit Condition ('Infinite Loop')	*
L Improper Handling of Length Parameter Inconsistency	*
M Use After Free	*

Vulnerability

Vulnerable Version

NULL Pointer Dereference