Red Hat Openshift Container Platform Ibm Z
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Red Hat Openshift Container Platform Ibm Z.
By the Year
In 2025 there have been 0 vulnerabilities in Red Hat Openshift Container Platform Ibm Z. Last year, in 2024 Openshift Container Platform Ibm Z had 4 security vulnerabilities published. Right now, Openshift Container Platform Ibm Z is on track to have less security vulnerabilities in 2025 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2025 | 0 | 0.00 |
| 2024 | 4 | 6.80 |
It may take a day or so for new Openshift Container Platform Ibm Z vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Red Hat Openshift Container Platform Ibm Z Security Vulnerabilities
Symlink Traversal via containers/storage leads Podman/CRIO OOM CVE20249676
CVE-2024-9676
6.5 - Medium
- October 15, 2024
A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-O to hang and result in a denial of service via OOM kill when running a malicious image using an automatically assigned user namespace (`--userns=auto` in Podman and Buildah). The containers/storage library will read /etc/passwd inside the container, but does not properly validate if that file is a symlink, which can be used to cause the library to read an arbitrary file on the host.
Directory traversal
Keycloak Redirect URI: http://localhost Misconfig allows session hijack
CVE-2024-8883
6.1 - Medium
- September 19, 2024
A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid Redirect URI' is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially leading to session hijacking.
Open Redirect
Keycloak Redirect URI Validation Bypass via Wildcard URIs
CVE-2024-1132
8.1 - High
- April 17, 2024
A flaw was found in Keycloak, where it does not properly validate URLs included in a redirect. This issue could allow an attacker to construct a malicious request to bypass validation and access other URLs and sensitive information within the domain or conduct further attacks. This flaw affects any client that utilizes a wildcard in the Valid Redirect URIs field, and requires user interaction within the malicious URL.
Directory traversal
Auth Escalation via kubevirt-csi CVE-2024-1725
CVE-2024-1725
6.5 - Medium
- March 07, 2024
A flaw was found in the kubevirt-csi component of OpenShift Virtualization's Hosted Control Plane (HCP). This issue could allow an authenticated attacker to gain access to the root HCP worker node's volume by creating a custom Persistent Volume that matches the name of a worker node.
Trust Boundary Violation
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Red Hat Openshift Container Platform Ibm Z or by Red Hat? Click the Watch button to subscribe.
