Approved changes feed: RSS · Atom

cpe:2.3:a:n/a:openshift:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorN/A (22f567d3-1203-528c-8f0e-3eb9c2f6ca78)
ProductOpenshift (3c7da314-66e1-5133-9116-8ba843cf09d6)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2023-3089 not_vulnerable 2026-06-08 06:09:38.467214 Ocp & fips mode
HIGH (7)
A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated.
Published: 2023-07-05T12:21:03.036Z
Updated: 2024-10-24T19:13:59.907Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-4145 vulnerable 2026-06-08 05:51:36.893338 Content spoofing
MEDIUM (4.3)
A content spoofing flaw was found in OpenShift's OAuth endpoint. This flaw allows a remote, unauthenticated attacker to inject text into a webpage, enabling the obfuscation of a phishing operation.
Published: 2023-10-05T12:34:57.523Z
Updated: 2024-09-03T13:34:13.619Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-3262 vulnerable 2026-06-08 05:47:19.813749 Details available
A flaw was found in Openshift. A pod with a DNSPolicy of "ClusterFirst" may incorrectly resolve the hostname based on a service provided. This flaw allows an attacker to supply an incorrect name with the DNS search policy, affecting confidentiality and availability.
Published: 2022-12-08T00:00:00.000Z
Updated: 2025-04-23T15:19:14.027Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-3260 vulnerable 2026-06-08 05:47:19.810091 Details available
The response header has not enabled X-FRAME-OPTIONS, Which helps prevents against Clickjacking attack.. Some browsers would interpret these results incorrectly, allowing clickjacking attacks.
Published: 2022-12-08T00:00:00.000Z
Updated: 2025-04-23T15:29:37.556Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-3259 vulnerable 2026-06-08 05:47:19.808754 Details available
Openshift 4.9 does not use HTTP Strict Transport Security (HSTS) which may allow man-in-the-middle (MITM) attacks.
Published: 2022-12-09T00:00:00.000Z
Updated: 2025-04-22T20:25:52.328Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-2403 vulnerable 2026-06-08 05:43:35.479344 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-1677 vulnerable 2026-06-08 05:39:13.679553 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-1632 vulnerable 2026-06-08 05:39:13.607917 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-4047 vulnerable 2026-06-08 05:38:08.230067 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-3636 vulnerable 2026-06-08 05:33:53.233389 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-20182 vulnerable 2026-06-08 05:29:08.656876 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-14336 vulnerable 2026-06-08 05:19:23.019143 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.