Approved changes feed: RSS · Atom
cpe:2.3:a:n/a:openshift:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | N/A (22f567d3-1203-528c-8f0e-3eb9c2f6ca78) |
|---|---|
| Product | Openshift (3c7da314-66e1-5133-9116-8ba843cf09d6) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2023-3089 |
not_vulnerable | 2026-06-08 06:09:38.467214 |
Ocp & fips mode
HIGH (7)
A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated.
Published: 2023-07-05T12:21:03.036Z
Updated: 2024-10-24T19:13:59.907Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-4145 |
vulnerable | 2026-06-08 05:51:36.893338 |
Content spoofing
MEDIUM (4.3)
A content spoofing flaw was found in OpenShift's OAuth endpoint. This flaw allows a remote, unauthenticated attacker to inject text into a webpage, enabling the obfuscation of a phishing operation.
Published: 2023-10-05T12:34:57.523Z
Updated: 2024-09-03T13:34:13.619Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-3262 |
vulnerable | 2026-06-08 05:47:19.813749 |
Details available
A flaw was found in Openshift. A pod with a DNSPolicy of "ClusterFirst" may incorrectly resolve the hostname based on a service provided. This flaw allows an attacker to supply an incorrect name with the DNS search policy, affecting confidentiality and availability.
Published: 2022-12-08T00:00:00.000Z
Updated: 2025-04-23T15:19:14.027Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-3260 |
vulnerable | 2026-06-08 05:47:19.810091 |
Details available
The response header has not enabled X-FRAME-OPTIONS, Which helps prevents against Clickjacking attack.. Some browsers would interpret these results incorrectly, allowing clickjacking attacks.
Published: 2022-12-08T00:00:00.000Z
Updated: 2025-04-23T15:29:37.556Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-3259 |
vulnerable | 2026-06-08 05:47:19.808754 |
Details available
Openshift 4.9 does not use HTTP Strict Transport Security (HSTS) which may allow man-in-the-middle (MITM) attacks.
Published: 2022-12-09T00:00:00.000Z
Updated: 2025-04-22T20:25:52.328Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-2403 |
vulnerable | 2026-06-08 05:43:35.479344 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-1677 |
vulnerable | 2026-06-08 05:39:13.679553 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-1632 |
vulnerable | 2026-06-08 05:39:13.607917 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-4047 |
vulnerable | 2026-06-08 05:38:08.230067 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-3636 |
vulnerable | 2026-06-08 05:33:53.233389 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-20182 |
vulnerable | 2026-06-08 05:29:08.656876 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-14336 |
vulnerable | 2026-06-08 05:19:23.019143 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.