https://access.redhat.com/security/cve/CVE-2022-1996
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/575BLJ3Y2EQBRNTFR2OSQQ6L2W6UCST3/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OBDD3Q23RCGAGHIXUCWBU6N3S4RNAKXB/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SO5QC2JFW2PXBWAE27OYYYL5SPFUBHTY/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W56PP46JVZEKCANBKXFKRVSBBRRMCY6V/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZGQKWD6SE75PFBPFVSZYAKAVXKBZXKWS/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/
https://github.com/emicklei/go-restful/commit/fd3c327a379ce08c68ef18765bdc925f5d9bad10
https://huntr.dev/bounties/be837427-415c-4d8c-808b-62ce20aa84f1
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/575BLJ3Y2EQBRNTFR2OSQQ6L2W6UCST3/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OBDD3Q23RCGAGHIXUCWBU6N3S4RNAKXB/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SO5QC2JFW2PXBWAE27OYYYL5SPFUBHTY/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W56PP46JVZEKCANBKXFKRVSBBRRMCY6V/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZGQKWD6SE75PFBPFVSZYAKAVXKBZXKWS/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/
https://security.netapp.com/advisory/ntap-20220923-0005/

Vulnerability	Vulnerable Version
M NULL Pointer Dereference	*
H Improper Validation of Syntactic Correctness of Input	*
H Improper Certificate Validation	*
M Allocation of Resources Without Limits or Throttling	*
H Directory Traversal	<0:4.19.0-202509070341.p2.gb5229e8.assembly.stream.el9
H Directory Traversal	<0:4.20.0-202509232257.p2.ge0d4216.assembly.stream.el9
M Improper Validation of Integrity Check Value	*
M CVE-2025-68121	*
M Resource Exhaustion	*
M OS Command Injection	*
M Directory Traversal	*
L Incorrect Authorization	*
M Cross-site Scripting (XSS)	*
L Race Condition	*
M Use of Uninitialized Variable	*
M Time-of-check Time-of-use (TOCTOU)	*
L Improper Verification of Cryptographic Signature	*
L Incorrect Authorization	*
L Improper Preservation of Permissions	*
H Authorization Bypass Through User-Controlled Key	*
L Time-of-check Time-of-use (TOCTOU)	*
M Improper Certificate Validation	*
L NULL Pointer Dereference	*
L Placement of User into Incorrect Group	*
L Inappropriate Encoding for Output Context	*
M Insufficiently Protected Credentials	*
M OS Command Injection	*
M Resource Exhaustion	<0:4.16.0-202602100409.p2.g41c4e9b.assembly.stream.el9
M Resource Exhaustion	<0:4.17.0-202602031716.p2.g4e295fa.assembly.stream.el9
M Directory Traversal	<0:4.16.0-202509111927.p2.gf3d9123.assembly.stream.el9
M Creation of Temporary File With Insecure Permissions	<0:4.16.0-202509111927.p2.gf3d9123.assembly.stream.el9
H Directory Traversal	<0:4.18.0-202509090932.p2.ga4cad44.assembly.stream.el9
H Allocation of Resources Without Limits or Throttling	*
M Allocation of Resources Without Limits or Throttling	*
M Resource Exhaustion	*
M Information Exposure	*
L Resource Exhaustion	*
M Loop with Unreachable Exit Condition ('Infinite Loop')	*
M Incorrect Default Permissions	*
M Loop with Unreachable Exit Condition ('Infinite Loop')	*
L Incorrect Authorization	*
L Incorrect Authorization	*
M Allocation of Resources Without Limits or Throttling	*
M Improper Input Validation	*
M Improper Certificate Validation	*
M Out-of-bounds Read	*
H Excessive Platform Resource Consumption within a Loop	*
L CVE-2025-58186	*
M Server-Side Request Forgery (SSRF)	*
M Resource Exhaustion	*
M Missing Reference to Active Allocated Resource	*
L Improper Handling of Exceptional Conditions	*
H Incorrect Execution-Assigned Permissions	*
M Reachable Assertion	*
M Creation of Immutable Text Using String Concatenation	*
H Allocation of Resources Without Limits or Throttling	*
M Allocation of Resources Without Limits or Throttling	*
M Allocation of Resources Without Limits or Throttling	*
M Allocation of Resources Without Limits or Throttling	*
M Improper Output Neutralization for Logs	*
L Arbitrary Code Injection	*
L Improper Restriction of Rendered UI Layers or Frames	*
L Improper Access Control	*
M Insecure Default Variable Initialization	*
M Expected Behavior Violation	*
M Expected Behavior Violation	*
M Information Exposure	*
M Missing Authentication for Critical Function	*
M HTTP Request Smuggling	<0:4.19.0-202509011627.p2.g169f654.assembly.stream.el9
M CVE-2025-4673	*
M HTTP Request Smuggling	<0:4.16.0-202507092005.p0.ga6b193c.assembly.stream.el9
M HTTP Request Smuggling	<0:4.18.0-202507051134.p0.g817e6dd.assembly.stream.el9
H Directory Traversal	<0:4.16.0-202406191607.p0.g58452d8.assembly.stream.el9
M Allocation of Resources Without Limits or Throttling	*
M Improper Input Validation	*
H Improper Validation of Integrity Check Value	<0:4.16.0-202406170957.p0.g29c95f3.assembly.stream.el9
M Resource Exhaustion	<0:4.16.0-202406170957.p0.g29c95f3.assembly.stream.el9
H Loop with Unreachable Exit Condition ('Infinite Loop')	<0:4.16.0-202406170957.p0.g29c95f3.assembly.stream.el9
H Arbitrary Code Injection	<0:4.16.0-202406170957.p0.g29c95f3.assembly.stream.el9
H Misinterpretation of Input	<0:4.16.0-202406170957.p0.g29c95f3.assembly.stream.el9
H Improper Certificate Validation	<0:4.16.0-202406170957.p0.g29c95f3.assembly.stream.el9
H Improper Input Validation	<0:4.16.0-202406170957.p0.g29c95f3.assembly.stream.el9
H Information Exposure	<0:4.16.0-202406170957.p0.g29c95f3.assembly.stream.el9
H Incorrect Behavior Order	<0:4.16.0-202406170957.p0.g29c95f3.assembly.stream.el9
H Improper Validation of Integrity Check Value	<0:4.16.0-202406170957.p0.g29c95f3.assembly.stream.el9
H Resource Exhaustion	<0:4.16.0-202406170957.p0.g29c95f3.assembly.stream.el9
H Loop with Unreachable Exit Condition ('Infinite Loop')	<0:4.16.0-202406170957.p0.g29c95f3.assembly.stream.el9
H Arbitrary Code Injection	<0:4.16.0-202406170957.p0.g29c95f3.assembly.stream.el9
H Misinterpretation of Input	<0:4.16.0-202406170957.p0.g29c95f3.assembly.stream.el9
H Improper Certificate Validation	<0:4.16.0-202406170957.p0.g29c95f3.assembly.stream.el9
H Improper Input Validation	<0:4.16.0-202406170957.p0.g29c95f3.assembly.stream.el9
H Information Exposure	<0:4.16.0-202406170957.p0.g29c95f3.assembly.stream.el9
H Incorrect Behavior Order	<0:4.16.0-202406170957.p0.g29c95f3.assembly.stream.el9

openshift-kube-controller-manager vulnerabilities

Direct Vulnerabilities

Fix vulnerabilities automatically