Redhat Openshift Container Platform vulnerabilities

CVE-2025-5915 [MEDIUM] CWE-122 CVE-2025-5915: A vulnerability has been identified in the libarchive library. This flaw can lead to a heap buffer o A vulnerability has been identified in the libarchive library. This flaw can lead to a heap buffer over-read due to the size of a filter block potentially exceeding the Lempel-Ziv-Storer-Schieber (LZSS) window. This means the library may attempt to read beyond the allocated memory buffer, which can result in unpredictable program behavior, crashes (de

CVE-2025-4598 [MEDIUM] CWE-364 CVE-2025-4598: A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type o

CVE-2024-45782 [HIGH] CWE-787 CVE-2024-45782: A flaw was found in the HFS filesystem. When reading an HFS volume's name at grub_fs_mount(), the HF A flaw was found in the HFS filesystem. When reading an HFS volume's name at grub_fs_mount(), the HFS filesystem driver performs a strcpy() using the user-provided volume name as input without properly validating the volume name's length. This issue may read to a heap-based out-of-bounds writer, impacting grub's sensitive data integrity and eventually

CVE-2025-0678 [HIGH] CWE-190 CVE-2025-0678: A flaw was found in grub2. When reading data from a squash4 filesystem, grub's squash4 fs module use A flaw was found in grub2. When reading data from a squash4 filesystem, grub's squash4 fs module uses user-controlled parameters from the filesystem geometry to determine the internal buffer size, however, it improperly checks for integer overflows. A maliciously crafted filesystem may lead some of those buffer size calculations to overflow, causing it

CVE-2024-45778 [MEDIUM] CWE-190 CVE-2024-45778: A stack overflow flaw was found when reading a BFS file system. A crafted BFS filesystem may lead to A stack overflow flaw was found when reading a BFS file system. A crafted BFS filesystem may lead to an uncontrolled loop, causing grub2 to crash.

CVE-2025-26465 [MEDIUM] CWE-390 CVE-2025-26465: A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-m A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker

CVE-2024-12088 [MEDIUM] CWE-22 CVE-2024-12088: A flaw was found in rsync. When using the `--safe-links` option, the rsync client fails to properly A flaw was found in rsync. When using the `--safe-links` option, the rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it. This results in a path traversal vulnerability, which may lead to arbitrary file write outside the desired directory.

CVE-2024-12085 [HIGH] CWE-908 CVE-2024-12085: A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw all A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time.

CVE-2024-12086 [MEDIUM] CWE-390 CVE-2024-12086: A flaw was found in rsync. It could allow a server to enumerate the contents of an arbitrary file fr A flaw was found in rsync. It could allow a server to enumerate the contents of an arbitrary file from the client's machine. This issue occurs when files are being copied from a client to a server. During this process, the rsync server will send checksums of local data to the client to compare with in order to determine what data needs to be sent to

CVE-2024-50312 [MEDIUM] CWE-200 CVE-2024-50312: A vulnerability was found in GraphQL due to improper access controls on the GraphQL introspection qu A vulnerability was found in GraphQL due to improper access controls on the GraphQL introspection query. This flaw allows unauthorized users to retrieve a comprehensive list of available queries and mutations. Exposure to this flaw increases the attack surface, as it can facilitate the discovery of flaws or errors specific to the application's Graph

CVE-2024-50311 [MEDIUM] CWE-770 CVE-2024-50311: A denial of service (DoS) vulnerability was found in OpenShift. This flaw allows attackers to exploi A denial of service (DoS) vulnerability was found in OpenShift. This flaw allows attackers to exploit the GraphQL batching functionality. The vulnerability arises when multiple queries can be sent within a single request, enabling an attacker to submit a request containing thousands of aliases in one query. This issue causes excessive resource consu

CVE-2024-9676 [MEDIUM] CWE-22 CVE-2024-9676: A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the co A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-O to hang and result in a denial of service via OOM kill when running a malicious image using an automatically assigned user namespace (`--userns=auto` in Podman and Buildah). The containers/sto

CVE-2024-9675 [HIGH] CWE-22 CVE-2024-9675: A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified path A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the cache are within our cache directory, allowing a `RUN` instruction in a Container file to mount an arbitrary directory from the host (read/write) into the container as long as those files can be accessed by the user running Buildah.

CVE-2024-9341 [MEDIUM] CWE-59 CVE-2024-9341: A flaw was found in Go. When FIPS mode is enabled on a system, container runtimes may incorrectly ha A flaw was found in Go. When FIPS mode is enabled on a system, container runtimes may incorrectly handle certain file paths due to improper validation in the containers/common Go library. This flaw allows an attacker to exploit symbolic links and trick the system into mounting sensitive host directories inside a container. This issue also allows attack

CVE-2024-8883 [MEDIUM] CWE-601 CVE-2024-8883: A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid Redirect URI' is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially leading to session hijacking.

CVE-2024-4629 [MEDIUM] CWE-837 CVE-2024-4629: A vulnerability was found in Keycloak. This flaw allows attackers to bypass brute force protection b A vulnerability was found in Keycloak. This flaw allows attackers to bypass brute force protection by exploiting the timing of login attempts. By initiating multiple login requests simultaneously, attackers can exceed the configured limits for failed attempts before the system locks them out. This timing loophole enables attackers to make more guesses

CVE-2024-3056 [HIGH] CWE-400 CVE-2024-3056: A flaw was found in Podman. This issue may allow an attacker to create a specially crafted container A flaw was found in Podman. This issue may allow an attacker to create a specially crafted container that, when configured to share the same IPC with at least one other container, can create a large number of IPC resources in /dev/shm. The malicious container will continue to exhaust resources until it is out-of-memory (OOM) killed. While the malicious

CVE-2024-7079 [MEDIUM] CWE-306 CVE-2024-7079: A flaw was found in the Openshift console. The /API/helm/verify endpoint is tasked to fetch and veri A flaw was found in the Openshift console. The /API/helm/verify endpoint is tasked to fetch and verify the installation of a Helm chart from a URI that is remote HTTP/HTTPS or local. Access to this endpoint is gated by the authHandlerWithUser() middleware function. Contrary to its name, this middleware function does not verify the validity of the user

CVE-2024-6387 [HIGH] CWE-364 CVE-2024-6387: A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race con A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.

CVE-2024-5154 [HIGH] CWE-22 CVE-2024-5154: A flaw was found in cri-o. A malicious container can create a symbolic link to arbitrary files on th A flaw was found in cri-o. A malicious container can create a symbolic link to arbitrary files on the host via directory traversal (“../“). This flaw allows the container to read and write to arbitrary files on the host system.