openshift-kube-apiserver

Direct Vulnerabilities

Known vulnerabilities in the openshift-kube-apiserver package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free
VulnerabilityVulnerable Version
  • H
Link Following

*
  • M
Information Exposure

*
  • H
Allocation of Resources Without Limits or Throttling

<0:4.19.0-202606301915.p2.g63adf01.assembly.stream.el9
  • H
Incorrect Conversion between Numeric Types

*
  • M
Cross-site Scripting (XSS)

*
  • H
Excessive Platform Resource Consumption within a Loop

*
  • M
Missing Release of Resource after Effective Lifetime

*
  • M
Integer Overflow or Wraparound

*
  • H
Improper Verification of Cryptographic Signature

*
  • H
Unchecked Input for Loop Condition

*
  • H
Cross-site Scripting (XSS)

*
  • H
Cross-site Scripting (XSS)

*
  • H
Creation of Immutable Text Using String Concatenation

*
  • M
Cross-site Scripting (XSS)

*
  • H
Unchecked Input for Loop Condition

*
  • M
Improperly Implemented Security Check for Standard

*
  • H
NULL Pointer Dereference

*
  • H
Improper Preservation of Permissions

*
  • M
Cross-site Scripting (XSS)

*
  • M
External Control of Assumed-Immutable Web Parameter

*
  • M
Improper Output Neutralization for Logs

*
  • H
Missing Release of Resource after Effective Lifetime

*
  • M
Improper Validation of Specified Type of Input

*
  • H
Improper Validation of Specified Quantity in Input

*
  • L
Missing Release of Resource after Effective Lifetime

*
  • M
Integer Overflow or Wraparound

*
  • M
Improper Validation of Unsafe Equivalence in Input

*
  • M
Improper Privilege Management

<0:4.20.0-202605141748.p2.g2a0461f.assembly.stream.el9
  • M
Allocation of Resources Without Limits or Throttling

<0:4.20.0-202605141748.p2.g2a0461f.assembly.stream.el9
  • M
Allocation of Resources Without Limits or Throttling

*
  • H
CVE-2026-33811

*
  • H
Write-what-where Condition

<0:4.21.0-202605142021.p2.geab2218.assembly.stream.el9
  • M
Open Redirect

*
  • M
Integer Overflow or Wraparound

*
  • M
HTTP Request Smuggling

*
  • M
Cross-site Scripting (XSS)

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Excessive Platform Resource Consumption within a Loop

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • L
Improper Validation of Specified Quantity in Input

*
  • M
NULL Pointer Dereference

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • H
Directory Traversal

<0:4.19.0-202509070341.p2.gb5229e8.assembly.stream.el9
  • M
Improper Validation of Integrity Check Value

*
  • M
Resource Exhaustion

*
  • M
OS Command Injection

*
  • M
Directory Traversal

*
  • L
Incorrect Authorization

*
  • M
Cross-site Scripting (XSS)

*
  • L
Race Condition

*
  • M
Use of Uninitialized Variable

*
  • M
Time-of-check Time-of-use (TOCTOU)

*
  • L
Improper Verification of Cryptographic Signature

*
  • L
Incorrect Authorization

*
  • L
Improper Preservation of Permissions

*
  • H
Authorization Bypass Through User-Controlled Key

*
  • L
Time-of-check Time-of-use (TOCTOU)

*
  • M
Improper Certificate Validation

*
  • L
NULL Pointer Dereference

*
  • L
Placement of User into Incorrect Group

*
  • L
Inappropriate Encoding for Output Context

*
  • M
Insufficiently Protected Credentials

*
  • M
OS Command Injection

*
  • M
Resource Exhaustion

<0:4.16.0-202602100409.p2.g41c4e9b.assembly.stream.el9
  • M
Resource Exhaustion

<0:4.17.0-202602031716.p2.g4e295fa.assembly.stream.el9
  • M
Directory Traversal

<0:4.16.0-202509111927.p2.gf3d9123.assembly.stream.el9
  • M
Creation of Temporary File With Insecure Permissions

<0:4.16.0-202509111927.p2.gf3d9123.assembly.stream.el9
  • H
Directory Traversal

<0:4.18.0-202509090932.p2.ga4cad44.assembly.stream.el9
  • M
Resource Exhaustion

*
  • M
Information Exposure

*
  • L
Resource Exhaustion

*
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

*
  • M
Incorrect Default Permissions

*
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

*
  • L
Incorrect Authorization

*
  • L
Incorrect Authorization

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Improper Input Validation

*
  • M
Improper Certificate Validation

*
  • M
Out-of-bounds Read

*
  • L
CVE-2025-58186

*
  • M
Server-Side Request Forgery (SSRF)

*
  • M
Missing Reference to Active Allocated Resource

*
  • L
Improper Handling of Exceptional Conditions

*
  • M
Reachable Assertion

*
  • M
Creation of Immutable Text Using String Concatenation

*
  • H
Allocation of Resources Without Limits or Throttling

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Improper Output Neutralization for Logs

*
  • L
Arbitrary Code Injection

*
  • L
Improper Restriction of Rendered UI Layers or Frames

*
  • L
Improper Access Control

*
  • M
Insecure Default Variable Initialization

*
  • M
Expected Behavior Violation

*
  • M
Expected Behavior Violation

*
  • M
Information Exposure

*
  • M
Missing Authentication for Critical Function

*
  • M
HTTP Request Smuggling

<0:4.19.0-202509011627.p2.g169f654.assembly.stream.el9
  • M
CVE-2025-4673

*
  • M
HTTP Request Smuggling

<0:4.16.0-202507092005.p0.ga6b193c.assembly.stream.el9
  • M
HTTP Request Smuggling

<0:4.18.0-202507051134.p0.g817e6dd.assembly.stream.el9
  • H
Directory Traversal

<0:4.16.0-202406191607.p0.g58452d8.assembly.stream.el9
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Improper Input Validation

*
  • H
Improper Validation of Integrity Check Value

<0:4.16.0-202406170957.p0.g29c95f3.assembly.stream.el9
  • M
Resource Exhaustion

<0:4.16.0-202406170957.p0.g29c95f3.assembly.stream.el9
  • H
Loop with Unreachable Exit Condition ('Infinite Loop')

<0:4.16.0-202406170957.p0.g29c95f3.assembly.stream.el9
  • H
Arbitrary Code Injection

<0:4.16.0-202406170957.p0.g29c95f3.assembly.stream.el9
  • H
Misinterpretation of Input

<0:4.16.0-202406170957.p0.g29c95f3.assembly.stream.el9
  • H
Improper Certificate Validation

<0:4.16.0-202406170957.p0.g29c95f3.assembly.stream.el9
  • H
Improper Input Validation

<0:4.16.0-202406170957.p0.g29c95f3.assembly.stream.el9
  • H
Information Exposure

<0:4.16.0-202406170957.p0.g29c95f3.assembly.stream.el9
  • H
Incorrect Behavior Order

<0:4.16.0-202406170957.p0.g29c95f3.assembly.stream.el9
  • H
Improper Validation of Integrity Check Value

<0:4.16.0-202406170957.p0.g29c95f3.assembly.stream.el9
  • H
Resource Exhaustion

<0:4.16.0-202406170957.p0.g29c95f3.assembly.stream.el9
  • H
Loop with Unreachable Exit Condition ('Infinite Loop')

<0:4.16.0-202406170957.p0.g29c95f3.assembly.stream.el9
  • H
Arbitrary Code Injection

<0:4.16.0-202406170957.p0.g29c95f3.assembly.stream.el9
  • H
Misinterpretation of Input

<0:4.16.0-202406170957.p0.g29c95f3.assembly.stream.el9
  • H
Improper Certificate Validation

<0:4.16.0-202406170957.p0.g29c95f3.assembly.stream.el9
  • H
Improper Input Validation

<0:4.16.0-202406170957.p0.g29c95f3.assembly.stream.el9
  • H
Information Exposure

<0:4.16.0-202406170957.p0.g29c95f3.assembly.stream.el9
  • H
Incorrect Behavior Order

<0:4.16.0-202406170957.p0.g29c95f3.assembly.stream.el9