Filtered by vendor Redhat Subscriptions
Filtered by product Openshift Container Platform For Arm64 Subscriptions
Total 4 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-9676 1 Redhat 20 Enterprise Linux, Enterprise Linux Eus, Enterprise Linux For Arm 64 and 17 more 2024-12-23 6.5 Medium
A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-O to hang and result in a denial of service via OOM kill when running a malicious image using an automatically assigned user namespace (`--userns=auto` in Podman and Buildah). The containers/storage library will read /etc/passwd inside the container, but does not properly validate if that file is a symlink, which can be used to cause the library to read an arbitrary file on the host.
CVE-2023-5625 1 Redhat 9 Enterprise Linux, Openshift, Openshift Container Platform For Arm64 and 6 more 2024-12-06 5.3 Medium
A regression was introduced in the Red Hat build of python-eventlet due to a change in the patch application strategy, resulting in a patch for CVE-2021-21419 not being applied for all builds of all products.
CVE-2023-3089 1 Redhat 18 Acm, Amq Streams, Container Native Virtualization and 15 more 2024-11-21 7 High
A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated.
CVE-2022-4318 3 Fedoraproject, Kubernetes, Redhat 9 Extra Packages For Enterprise Linux, Fedora, Cri-o and 6 more 2024-11-21 7.8 High
A vulnerability was found in cri-o. This issue allows the addition of arbitrary lines into /etc/passwd by use of a specially crafted environment variable.