Multiple vulnerabilities in OpenShift Container Platform 4.14
Security Bulletin
This security bulletin contains information about 12 vulnerabilities.
1) Input validation error
EUVDB-ID: #VU67396
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-27664
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Red Hat OpenShift Container Platform: before 4.14.0
openshift4-aws-iso (Red Hat package): before 4.14.0-202309272140.p0.gd2acdd5.assembly.stream.el8
openshift-kuryr (Red Hat package): before 4.14.0-202309272140.p0.g8926a29.assembly.stream.el8
nmstate (Red Hat package): before 2.2.12-1.rhaos4.14.el8
haproxy (Red Hat package): before 2.6.13-1.rhaos4.14.el8
golang-github-prometheus-promu (Red Hat package): before 0.15.0-15.1.gitd5383c5.el8
containers-common (Red Hat package): before 1-51.rhaos4.14.el8
containernetworking-plugins (Red Hat package): before 1.0.1-11.1.rhaos4.14.el8
butane (Red Hat package): before 0.19.0-1.1.rhaos4.14.el8
wasmedge (Red Hat package): before 0.12.1-2.rhaos4.14.el9
toolbox (Red Hat package): before 0.1.2-1.rhaos4.14.el9
spdlog (Red Hat package): before 1.12.0-1.rhaos4.14.el9
skopeo (Red Hat package): before 1.11.2-10.1.rhaos4.14.el9
rust-afterburn (Red Hat package): before 5.4.3-1.rhaos4.14.el9
runc (Red Hat package): before 1.1.9-2.1.rhaos4.14.el9
podman (Red Hat package): before 4.4.1-10.1.rhaos4.14.el9
ovn23.09 (Red Hat package): before 23.09.0-37.el9fdp
openshift-clients (Red Hat package): before 4.14.0-202310191146.p0.g0c63f9d.assembly.stream.el9
openshift-ansible (Red Hat package): before 4.14.0-202310062327.p0.gf781421.assembly.stream.el9
openshift (Red Hat package): before 4.14.0-202310210404.p0.gf67aeb3.assembly.stream.el9
kata-containers (Red Hat package): before 3.1.3-4.rhaos4.14.el9
ignition (Red Hat package): before 2.16.2-1.1.rhaos4.14.el9
gtest (Red Hat package): before 1.13.0-1.el9
google-benchmark (Red Hat package): before 1.8.2-1.el9
fmt (Red Hat package): before 9.1.0-1.el9
crun-wasm (Red Hat package): before 1.8.5-3.rhaos4.14.el9
crun (Red Hat package): before 1.9.2-1.rhaos4.14.el9
cri-tools (Red Hat package): before 1.27.0-2.1.el9
cri-o (Red Hat package): before 1.27.1-8.1.rhaos4.14.git3fecb83.el9
coreos-installer (Red Hat package): before 0.17.0-1.rhaos4.14.el9
container-selinux (Red Hat package): before 2.221.0-2.rhaos4.14.el9
conmon (Red Hat package): before 2.1.7-3.1.rhaos4.14.el9
catch (Red Hat package): before 3.3.2-1.el9
buildah (Red Hat package): before 1.29.1-10.1.rhaos4.14.el9
kernel-rt (Red Hat package): before 5.14.0-284.36.1.rt14.321.el9_2
kernel (Red Hat package): before 5.14.0-284.36.1.el9_2
External linkshttp://access.redhat.com/errata/RHSA-2023:5009
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Inadequate Encryption Strength
EUVDB-ID: #VU78005
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-3089
CWE-ID:
CWE-326 - Inadequate Encryption Strength
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform MitM attack.
The vulnerability exists within the OpenShift container platform configuration with enabled FIPS mode, which resulted in usage of not validated cryptographic modules. A remote attacker can perform various attacks against not validated cryptographic modules and gain access to sensitive information.
Install updates from vendor's website.
Red Hat OpenShift Container Platform: before 4.14.0
openshift4-aws-iso (Red Hat package): before 4.14.0-202309272140.p0.gd2acdd5.assembly.stream.el8
openshift-kuryr (Red Hat package): before 4.14.0-202309272140.p0.g8926a29.assembly.stream.el8
nmstate (Red Hat package): before 2.2.12-1.rhaos4.14.el8
haproxy (Red Hat package): before 2.6.13-1.rhaos4.14.el8
golang-github-prometheus-promu (Red Hat package): before 0.15.0-15.1.gitd5383c5.el8
containers-common (Red Hat package): before 1-51.rhaos4.14.el8
containernetworking-plugins (Red Hat package): before 1.0.1-11.1.rhaos4.14.el8
butane (Red Hat package): before 0.19.0-1.1.rhaos4.14.el8
wasmedge (Red Hat package): before 0.12.1-2.rhaos4.14.el9
toolbox (Red Hat package): before 0.1.2-1.rhaos4.14.el9
spdlog (Red Hat package): before 1.12.0-1.rhaos4.14.el9
skopeo (Red Hat package): before 1.11.2-10.1.rhaos4.14.el9
rust-afterburn (Red Hat package): before 5.4.3-1.rhaos4.14.el9
runc (Red Hat package): before 1.1.9-2.1.rhaos4.14.el9
podman (Red Hat package): before 4.4.1-10.1.rhaos4.14.el9
ovn23.09 (Red Hat package): before 23.09.0-37.el9fdp
openshift-clients (Red Hat package): before 4.14.0-202310191146.p0.g0c63f9d.assembly.stream.el9
openshift-ansible (Red Hat package): before 4.14.0-202310062327.p0.gf781421.assembly.stream.el9
openshift (Red Hat package): before 4.14.0-202310210404.p0.gf67aeb3.assembly.stream.el9
kata-containers (Red Hat package): before 3.1.3-4.rhaos4.14.el9
ignition (Red Hat package): before 2.16.2-1.1.rhaos4.14.el9
gtest (Red Hat package): before 1.13.0-1.el9
google-benchmark (Red Hat package): before 1.8.2-1.el9
fmt (Red Hat package): before 9.1.0-1.el9
crun-wasm (Red Hat package): before 1.8.5-3.rhaos4.14.el9
crun (Red Hat package): before 1.9.2-1.rhaos4.14.el9
cri-tools (Red Hat package): before 1.27.0-2.1.el9
cri-o (Red Hat package): before 1.27.1-8.1.rhaos4.14.git3fecb83.el9
coreos-installer (Red Hat package): before 0.17.0-1.rhaos4.14.el9
container-selinux (Red Hat package): before 2.221.0-2.rhaos4.14.el9
conmon (Red Hat package): before 2.1.7-3.1.rhaos4.14.el9
catch (Red Hat package): before 3.3.2-1.el9
buildah (Red Hat package): before 1.29.1-10.1.rhaos4.14.el9
kernel-rt (Red Hat package): before 5.14.0-284.36.1.rt14.321.el9_2
kernel (Red Hat package): before 5.14.0-284.36.1.el9_2
External linkshttp://access.redhat.com/errata/RHSA-2023:5009
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Allocation of Resources Without Limits or Throttling
EUVDB-ID: #VU82923
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-3153
CWE-ID:
CWE-770 - Allocation of Resources Without Limits or Throttling
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper rate limitation in the service monitor MAC. A remote attacker can perform a denial of service attack against deployments with CoPP enabled and properly configured.
MitigationInstall updates from vendor's website.
Red Hat OpenShift Container Platform: before 4.14.0
openshift4-aws-iso (Red Hat package): before 4.14.0-202309272140.p0.gd2acdd5.assembly.stream.el8
openshift-kuryr (Red Hat package): before 4.14.0-202309272140.p0.g8926a29.assembly.stream.el8
nmstate (Red Hat package): before 2.2.12-1.rhaos4.14.el8
haproxy (Red Hat package): before 2.6.13-1.rhaos4.14.el8
golang-github-prometheus-promu (Red Hat package): before 0.15.0-15.1.gitd5383c5.el8
containers-common (Red Hat package): before 1-51.rhaos4.14.el8
containernetworking-plugins (Red Hat package): before 1.0.1-11.1.rhaos4.14.el8
butane (Red Hat package): before 0.19.0-1.1.rhaos4.14.el8
wasmedge (Red Hat package): before 0.12.1-2.rhaos4.14.el9
toolbox (Red Hat package): before 0.1.2-1.rhaos4.14.el9
spdlog (Red Hat package): before 1.12.0-1.rhaos4.14.el9
skopeo (Red Hat package): before 1.11.2-10.1.rhaos4.14.el9
rust-afterburn (Red Hat package): before 5.4.3-1.rhaos4.14.el9
runc (Red Hat package): before 1.1.9-2.1.rhaos4.14.el9
podman (Red Hat package): before 4.4.1-10.1.rhaos4.14.el9
ovn23.09 (Red Hat package): before 23.09.0-37.el9fdp
openshift-clients (Red Hat package): before 4.14.0-202310191146.p0.g0c63f9d.assembly.stream.el9
openshift-ansible (Red Hat package): before 4.14.0-202310062327.p0.gf781421.assembly.stream.el9
openshift (Red Hat package): before 4.14.0-202310210404.p0.gf67aeb3.assembly.stream.el9
kata-containers (Red Hat package): before 3.1.3-4.rhaos4.14.el9
ignition (Red Hat package): before 2.16.2-1.1.rhaos4.14.el9
gtest (Red Hat package): before 1.13.0-1.el9
google-benchmark (Red Hat package): before 1.8.2-1.el9
fmt (Red Hat package): before 9.1.0-1.el9
crun-wasm (Red Hat package): before 1.8.5-3.rhaos4.14.el9
crun (Red Hat package): before 1.9.2-1.rhaos4.14.el9
cri-tools (Red Hat package): before 1.27.0-2.1.el9
cri-o (Red Hat package): before 1.27.1-8.1.rhaos4.14.git3fecb83.el9
coreos-installer (Red Hat package): before 0.17.0-1.rhaos4.14.el9
container-selinux (Red Hat package): before 2.221.0-2.rhaos4.14.el9
conmon (Red Hat package): before 2.1.7-3.1.rhaos4.14.el9
catch (Red Hat package): before 3.3.2-1.el9
buildah (Red Hat package): before 1.29.1-10.1.rhaos4.14.el9
kernel-rt (Red Hat package): before 5.14.0-284.36.1.rt14.321.el9_2
kernel (Red Hat package): before 5.14.0-284.36.1.el9_2
External linkshttp://access.redhat.com/errata/RHSA-2023:5009
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Cross-site scripting
EUVDB-ID: #VU79294
Risk: Low
CVSSv3.1: 5.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-3978
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationInstall updates from vendor's website.
Red Hat OpenShift Container Platform: before 4.14.0
openshift4-aws-iso (Red Hat package): before 4.14.0-202309272140.p0.gd2acdd5.assembly.stream.el8
openshift-kuryr (Red Hat package): before 4.14.0-202309272140.p0.g8926a29.assembly.stream.el8
nmstate (Red Hat package): before 2.2.12-1.rhaos4.14.el8
haproxy (Red Hat package): before 2.6.13-1.rhaos4.14.el8
golang-github-prometheus-promu (Red Hat package): before 0.15.0-15.1.gitd5383c5.el8
containers-common (Red Hat package): before 1-51.rhaos4.14.el8
containernetworking-plugins (Red Hat package): before 1.0.1-11.1.rhaos4.14.el8
butane (Red Hat package): before 0.19.0-1.1.rhaos4.14.el8
wasmedge (Red Hat package): before 0.12.1-2.rhaos4.14.el9
toolbox (Red Hat package): before 0.1.2-1.rhaos4.14.el9
spdlog (Red Hat package): before 1.12.0-1.rhaos4.14.el9
skopeo (Red Hat package): before 1.11.2-10.1.rhaos4.14.el9
rust-afterburn (Red Hat package): before 5.4.3-1.rhaos4.14.el9
runc (Red Hat package): before 1.1.9-2.1.rhaos4.14.el9
podman (Red Hat package): before 4.4.1-10.1.rhaos4.14.el9
ovn23.09 (Red Hat package): before 23.09.0-37.el9fdp
openshift-clients (Red Hat package): before 4.14.0-202310191146.p0.g0c63f9d.assembly.stream.el9
openshift-ansible (Red Hat package): before 4.14.0-202310062327.p0.gf781421.assembly.stream.el9
openshift (Red Hat package): before 4.14.0-202310210404.p0.gf67aeb3.assembly.stream.el9
kata-containers (Red Hat package): before 3.1.3-4.rhaos4.14.el9
ignition (Red Hat package): before 2.16.2-1.1.rhaos4.14.el9
gtest (Red Hat package): before 1.13.0-1.el9
google-benchmark (Red Hat package): before 1.8.2-1.el9
fmt (Red Hat package): before 9.1.0-1.el9
crun-wasm (Red Hat package): before 1.8.5-3.rhaos4.14.el9
crun (Red Hat package): before 1.9.2-1.rhaos4.14.el9
cri-tools (Red Hat package): before 1.27.0-2.1.el9
cri-o (Red Hat package): before 1.27.1-8.1.rhaos4.14.git3fecb83.el9
coreos-installer (Red Hat package): before 0.17.0-1.rhaos4.14.el9
container-selinux (Red Hat package): before 2.221.0-2.rhaos4.14.el9
conmon (Red Hat package): before 2.1.7-3.1.rhaos4.14.el9
catch (Red Hat package): before 3.3.2-1.el9
buildah (Red Hat package): before 1.29.1-10.1.rhaos4.14.el9
kernel-rt (Red Hat package): before 5.14.0-284.36.1.rt14.321.el9_2
kernel (Red Hat package): before 5.14.0-284.36.1.el9_2
External linkshttp://access.redhat.com/errata/RHSA-2023:5009
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Use-after-free
EUVDB-ID: #VU78290
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-29824
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error in Py_FindObjects() function. A local user can trigger a use-after-free error and crash the application.
Install updates from vendor's website.
Red Hat OpenShift Container Platform: before 4.14.0
openshift4-aws-iso (Red Hat package): before 4.14.0-202309272140.p0.gd2acdd5.assembly.stream.el8
openshift-kuryr (Red Hat package): before 4.14.0-202309272140.p0.g8926a29.assembly.stream.el8
nmstate (Red Hat package): before 2.2.12-1.rhaos4.14.el8
haproxy (Red Hat package): before 2.6.13-1.rhaos4.14.el8
golang-github-prometheus-promu (Red Hat package): before 0.15.0-15.1.gitd5383c5.el8
containers-common (Red Hat package): before 1-51.rhaos4.14.el8
containernetworking-plugins (Red Hat package): before 1.0.1-11.1.rhaos4.14.el8
butane (Red Hat package): before 0.19.0-1.1.rhaos4.14.el8
wasmedge (Red Hat package): before 0.12.1-2.rhaos4.14.el9
toolbox (Red Hat package): before 0.1.2-1.rhaos4.14.el9
spdlog (Red Hat package): before 1.12.0-1.rhaos4.14.el9
skopeo (Red Hat package): before 1.11.2-10.1.rhaos4.14.el9
rust-afterburn (Red Hat package): before 5.4.3-1.rhaos4.14.el9
runc (Red Hat package): before 1.1.9-2.1.rhaos4.14.el9
podman (Red Hat package): before 4.4.1-10.1.rhaos4.14.el9
ovn23.09 (Red Hat package): before 23.09.0-37.el9fdp
openshift-clients (Red Hat package): before 4.14.0-202310191146.p0.g0c63f9d.assembly.stream.el9
openshift-ansible (Red Hat package): before 4.14.0-202310062327.p0.gf781421.assembly.stream.el9
openshift (Red Hat package): before 4.14.0-202310210404.p0.gf67aeb3.assembly.stream.el9
kata-containers (Red Hat package): before 3.1.3-4.rhaos4.14.el9
ignition (Red Hat package): before 2.16.2-1.1.rhaos4.14.el9
gtest (Red Hat package): before 1.13.0-1.el9
google-benchmark (Red Hat package): before 1.8.2-1.el9
fmt (Red Hat package): before 9.1.0-1.el9
crun-wasm (Red Hat package): before 1.8.5-3.rhaos4.14.el9
crun (Red Hat package): before 1.9.2-1.rhaos4.14.el9
cri-tools (Red Hat package): before 1.27.0-2.1.el9
cri-o (Red Hat package): before 1.27.1-8.1.rhaos4.14.git3fecb83.el9
coreos-installer (Red Hat package): before 0.17.0-1.rhaos4.14.el9
container-selinux (Red Hat package): before 2.221.0-2.rhaos4.14.el9
conmon (Red Hat package): before 2.1.7-3.1.rhaos4.14.el9
catch (Red Hat package): before 3.3.2-1.el9
buildah (Red Hat package): before 1.29.1-10.1.rhaos4.14.el9
kernel-rt (Red Hat package): before 5.14.0-284.36.1.rt14.321.el9_2
kernel (Red Hat package): before 5.14.0-284.36.1.el9_2
External linkshttp://access.redhat.com/errata/RHSA-2023:5009
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Resource exhaustion
EUVDB-ID: #VU81426
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-37788
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Red Hat OpenShift Container Platform: before 4.14.0
openshift4-aws-iso (Red Hat package): before 4.14.0-202309272140.p0.gd2acdd5.assembly.stream.el8
openshift-kuryr (Red Hat package): before 4.14.0-202309272140.p0.g8926a29.assembly.stream.el8
nmstate (Red Hat package): before 2.2.12-1.rhaos4.14.el8
haproxy (Red Hat package): before 2.6.13-1.rhaos4.14.el8
golang-github-prometheus-promu (Red Hat package): before 0.15.0-15.1.gitd5383c5.el8
containers-common (Red Hat package): before 1-51.rhaos4.14.el8
containernetworking-plugins (Red Hat package): before 1.0.1-11.1.rhaos4.14.el8
butane (Red Hat package): before 0.19.0-1.1.rhaos4.14.el8
wasmedge (Red Hat package): before 0.12.1-2.rhaos4.14.el9
toolbox (Red Hat package): before 0.1.2-1.rhaos4.14.el9
spdlog (Red Hat package): before 1.12.0-1.rhaos4.14.el9
skopeo (Red Hat package): before 1.11.2-10.1.rhaos4.14.el9
rust-afterburn (Red Hat package): before 5.4.3-1.rhaos4.14.el9
runc (Red Hat package): before 1.1.9-2.1.rhaos4.14.el9
podman (Red Hat package): before 4.4.1-10.1.rhaos4.14.el9
ovn23.09 (Red Hat package): before 23.09.0-37.el9fdp
openshift-clients (Red Hat package): before 4.14.0-202310191146.p0.g0c63f9d.assembly.stream.el9
openshift-ansible (Red Hat package): before 4.14.0-202310062327.p0.gf781421.assembly.stream.el9
openshift (Red Hat package): before 4.14.0-202310210404.p0.gf67aeb3.assembly.stream.el9
kata-containers (Red Hat package): before 3.1.3-4.rhaos4.14.el9
ignition (Red Hat package): before 2.16.2-1.1.rhaos4.14.el9
gtest (Red Hat package): before 1.13.0-1.el9
google-benchmark (Red Hat package): before 1.8.2-1.el9
fmt (Red Hat package): before 9.1.0-1.el9
crun-wasm (Red Hat package): before 1.8.5-3.rhaos4.14.el9
crun (Red Hat package): before 1.9.2-1.rhaos4.14.el9
cri-tools (Red Hat package): before 1.27.0-2.1.el9
cri-o (Red Hat package): before 1.27.1-8.1.rhaos4.14.git3fecb83.el9
coreos-installer (Red Hat package): before 0.17.0-1.rhaos4.14.el9
container-selinux (Red Hat package): before 2.221.0-2.rhaos4.14.el9
conmon (Red Hat package): before 2.1.7-3.1.rhaos4.14.el9
catch (Red Hat package): before 3.3.2-1.el9
buildah (Red Hat package): before 1.29.1-10.1.rhaos4.14.el9
kernel-rt (Red Hat package): before 5.14.0-284.36.1.rt14.321.el9_2
kernel (Red Hat package): before 5.14.0-284.36.1.el9_2
External linkshttp://access.redhat.com/errata/RHSA-2023:5009
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Cross-site scripting
EUVDB-ID: #VU80572
Risk: Medium
CVSSv3.1: 5.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-39318
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data within the html/template package when handling HMTL-like "<!--" and "-->" comment tokens, nor hashbang "#!" comment tokens, in <script> contexts. A remote attacker can pass specially crafted input to the application and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
MitigationInstall updates from vendor's website.
Red Hat OpenShift Container Platform: before 4.14.0
openshift4-aws-iso (Red Hat package): before 4.14.0-202309272140.p0.gd2acdd5.assembly.stream.el8
openshift-kuryr (Red Hat package): before 4.14.0-202309272140.p0.g8926a29.assembly.stream.el8
nmstate (Red Hat package): before 2.2.12-1.rhaos4.14.el8
haproxy (Red Hat package): before 2.6.13-1.rhaos4.14.el8
golang-github-prometheus-promu (Red Hat package): before 0.15.0-15.1.gitd5383c5.el8
containers-common (Red Hat package): before 1-51.rhaos4.14.el8
containernetworking-plugins (Red Hat package): before 1.0.1-11.1.rhaos4.14.el8
butane (Red Hat package): before 0.19.0-1.1.rhaos4.14.el8
wasmedge (Red Hat package): before 0.12.1-2.rhaos4.14.el9
toolbox (Red Hat package): before 0.1.2-1.rhaos4.14.el9
spdlog (Red Hat package): before 1.12.0-1.rhaos4.14.el9
skopeo (Red Hat package): before 1.11.2-10.1.rhaos4.14.el9
rust-afterburn (Red Hat package): before 5.4.3-1.rhaos4.14.el9
runc (Red Hat package): before 1.1.9-2.1.rhaos4.14.el9
podman (Red Hat package): before 4.4.1-10.1.rhaos4.14.el9
ovn23.09 (Red Hat package): before 23.09.0-37.el9fdp
openshift-clients (Red Hat package): before 4.14.0-202310191146.p0.g0c63f9d.assembly.stream.el9
openshift-ansible (Red Hat package): before 4.14.0-202310062327.p0.gf781421.assembly.stream.el9
openshift (Red Hat package): before 4.14.0-202310210404.p0.gf67aeb3.assembly.stream.el9
kata-containers (Red Hat package): before 3.1.3-4.rhaos4.14.el9
ignition (Red Hat package): before 2.16.2-1.1.rhaos4.14.el9
gtest (Red Hat package): before 1.13.0-1.el9
google-benchmark (Red Hat package): before 1.8.2-1.el9
fmt (Red Hat package): before 9.1.0-1.el9
crun-wasm (Red Hat package): before 1.8.5-3.rhaos4.14.el9
crun (Red Hat package): before 1.9.2-1.rhaos4.14.el9
cri-tools (Red Hat package): before 1.27.0-2.1.el9
cri-o (Red Hat package): before 1.27.1-8.1.rhaos4.14.git3fecb83.el9
coreos-installer (Red Hat package): before 0.17.0-1.rhaos4.14.el9
container-selinux (Red Hat package): before 2.221.0-2.rhaos4.14.el9
conmon (Red Hat package): before 2.1.7-3.1.rhaos4.14.el9
catch (Red Hat package): before 3.3.2-1.el9
buildah (Red Hat package): before 1.29.1-10.1.rhaos4.14.el9
kernel-rt (Red Hat package): before 5.14.0-284.36.1.rt14.321.el9_2
kernel (Red Hat package): before 5.14.0-284.36.1.el9_2
External linkshttp://access.redhat.com/errata/RHSA-2023:5009
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Cross-site scripting
EUVDB-ID: #VU80573
Risk: Medium
CVSSv3.1: 5.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-39319
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists within the html/template package caused by improperly applied rules for handling occurrences of "<script", "<!--", and "</script" within JS literals in <script> contexts. A remote attacker can pass specially crafted input to the application and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
MitigationInstall updates from vendor's website.
Red Hat OpenShift Container Platform: before 4.14.0
openshift4-aws-iso (Red Hat package): before 4.14.0-202309272140.p0.gd2acdd5.assembly.stream.el8
openshift-kuryr (Red Hat package): before 4.14.0-202309272140.p0.g8926a29.assembly.stream.el8
nmstate (Red Hat package): before 2.2.12-1.rhaos4.14.el8
haproxy (Red Hat package): before 2.6.13-1.rhaos4.14.el8
golang-github-prometheus-promu (Red Hat package): before 0.15.0-15.1.gitd5383c5.el8
containers-common (Red Hat package): before 1-51.rhaos4.14.el8
containernetworking-plugins (Red Hat package): before 1.0.1-11.1.rhaos4.14.el8
butane (Red Hat package): before 0.19.0-1.1.rhaos4.14.el8
wasmedge (Red Hat package): before 0.12.1-2.rhaos4.14.el9
toolbox (Red Hat package): before 0.1.2-1.rhaos4.14.el9
spdlog (Red Hat package): before 1.12.0-1.rhaos4.14.el9
skopeo (Red Hat package): before 1.11.2-10.1.rhaos4.14.el9
rust-afterburn (Red Hat package): before 5.4.3-1.rhaos4.14.el9
runc (Red Hat package): before 1.1.9-2.1.rhaos4.14.el9
podman (Red Hat package): before 4.4.1-10.1.rhaos4.14.el9
ovn23.09 (Red Hat package): before 23.09.0-37.el9fdp
openshift-clients (Red Hat package): before 4.14.0-202310191146.p0.g0c63f9d.assembly.stream.el9
openshift-ansible (Red Hat package): before 4.14.0-202310062327.p0.gf781421.assembly.stream.el9
openshift (Red Hat package): before 4.14.0-202310210404.p0.gf67aeb3.assembly.stream.el9
kata-containers (Red Hat package): before 3.1.3-4.rhaos4.14.el9
ignition (Red Hat package): before 2.16.2-1.1.rhaos4.14.el9
gtest (Red Hat package): before 1.13.0-1.el9
google-benchmark (Red Hat package): before 1.8.2-1.el9
fmt (Red Hat package): before 9.1.0-1.el9
crun-wasm (Red Hat package): before 1.8.5-3.rhaos4.14.el9
crun (Red Hat package): before 1.9.2-1.rhaos4.14.el9
cri-tools (Red Hat package): before 1.27.0-2.1.el9
cri-o (Red Hat package): before 1.27.1-8.1.rhaos4.14.git3fecb83.el9
coreos-installer (Red Hat package): before 0.17.0-1.rhaos4.14.el9
container-selinux (Red Hat package): before 2.221.0-2.rhaos4.14.el9
conmon (Red Hat package): before 2.1.7-3.1.rhaos4.14.el9
catch (Red Hat package): before 3.3.2-1.el9
buildah (Red Hat package): before 1.29.1-10.1.rhaos4.14.el9
kernel-rt (Red Hat package): before 5.14.0-284.36.1.rt14.321.el9_2
kernel (Red Hat package): before 5.14.0-284.36.1.el9_2
External linkshttp://access.redhat.com/errata/RHSA-2023:5009
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Input validation error
EUVDB-ID: #VU80574
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-39321
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input in crypto/tls when processing post-handshake message on QUIC connections. A remote attacker can send an incomplete post-handshake message for a QUIC connection and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Red Hat OpenShift Container Platform: before 4.14.0
openshift4-aws-iso (Red Hat package): before 4.14.0-202309272140.p0.gd2acdd5.assembly.stream.el8
openshift-kuryr (Red Hat package): before 4.14.0-202309272140.p0.g8926a29.assembly.stream.el8
nmstate (Red Hat package): before 2.2.12-1.rhaos4.14.el8
haproxy (Red Hat package): before 2.6.13-1.rhaos4.14.el8
golang-github-prometheus-promu (Red Hat package): before 0.15.0-15.1.gitd5383c5.el8
containers-common (Red Hat package): before 1-51.rhaos4.14.el8
containernetworking-plugins (Red Hat package): before 1.0.1-11.1.rhaos4.14.el8
butane (Red Hat package): before 0.19.0-1.1.rhaos4.14.el8
wasmedge (Red Hat package): before 0.12.1-2.rhaos4.14.el9
toolbox (Red Hat package): before 0.1.2-1.rhaos4.14.el9
spdlog (Red Hat package): before 1.12.0-1.rhaos4.14.el9
skopeo (Red Hat package): before 1.11.2-10.1.rhaos4.14.el9
rust-afterburn (Red Hat package): before 5.4.3-1.rhaos4.14.el9
runc (Red Hat package): before 1.1.9-2.1.rhaos4.14.el9
podman (Red Hat package): before 4.4.1-10.1.rhaos4.14.el9
ovn23.09 (Red Hat package): before 23.09.0-37.el9fdp
openshift-clients (Red Hat package): before 4.14.0-202310191146.p0.g0c63f9d.assembly.stream.el9
openshift-ansible (Red Hat package): before 4.14.0-202310062327.p0.gf781421.assembly.stream.el9
openshift (Red Hat package): before 4.14.0-202310210404.p0.gf67aeb3.assembly.stream.el9
kata-containers (Red Hat package): before 3.1.3-4.rhaos4.14.el9
ignition (Red Hat package): before 2.16.2-1.1.rhaos4.14.el9
gtest (Red Hat package): before 1.13.0-1.el9
google-benchmark (Red Hat package): before 1.8.2-1.el9
fmt (Red Hat package): before 9.1.0-1.el9
crun-wasm (Red Hat package): before 1.8.5-3.rhaos4.14.el9
crun (Red Hat package): before 1.9.2-1.rhaos4.14.el9
cri-tools (Red Hat package): before 1.27.0-2.1.el9
cri-o (Red Hat package): before 1.27.1-8.1.rhaos4.14.git3fecb83.el9
coreos-installer (Red Hat package): before 0.17.0-1.rhaos4.14.el9
container-selinux (Red Hat package): before 2.221.0-2.rhaos4.14.el9
conmon (Red Hat package): before 2.1.7-3.1.rhaos4.14.el9
catch (Red Hat package): before 3.3.2-1.el9
buildah (Red Hat package): before 1.29.1-10.1.rhaos4.14.el9
kernel-rt (Red Hat package): before 5.14.0-284.36.1.rt14.321.el9_2
kernel (Red Hat package): before 5.14.0-284.36.1.el9_2
External linkshttp://access.redhat.com/errata/RHSA-2023:5009
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Input validation error
EUVDB-ID: #VU80575
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-39322
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input in crypto/tls when processing post-handshake message on QUIC connections. A remote attacker can send an incomplete post-handshake message for a QUIC connection and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Red Hat OpenShift Container Platform: before 4.14.0
openshift4-aws-iso (Red Hat package): before 4.14.0-202309272140.p0.gd2acdd5.assembly.stream.el8
openshift-kuryr (Red Hat package): before 4.14.0-202309272140.p0.g8926a29.assembly.stream.el8
nmstate (Red Hat package): before 2.2.12-1.rhaos4.14.el8
haproxy (Red Hat package): before 2.6.13-1.rhaos4.14.el8
golang-github-prometheus-promu (Red Hat package): before 0.15.0-15.1.gitd5383c5.el8
containers-common (Red Hat package): before 1-51.rhaos4.14.el8
containernetworking-plugins (Red Hat package): before 1.0.1-11.1.rhaos4.14.el8
butane (Red Hat package): before 0.19.0-1.1.rhaos4.14.el8
wasmedge (Red Hat package): before 0.12.1-2.rhaos4.14.el9
toolbox (Red Hat package): before 0.1.2-1.rhaos4.14.el9
spdlog (Red Hat package): before 1.12.0-1.rhaos4.14.el9
skopeo (Red Hat package): before 1.11.2-10.1.rhaos4.14.el9
rust-afterburn (Red Hat package): before 5.4.3-1.rhaos4.14.el9
runc (Red Hat package): before 1.1.9-2.1.rhaos4.14.el9
podman (Red Hat package): before 4.4.1-10.1.rhaos4.14.el9
ovn23.09 (Red Hat package): before 23.09.0-37.el9fdp
openshift-clients (Red Hat package): before 4.14.0-202310191146.p0.g0c63f9d.assembly.stream.el9
openshift-ansible (Red Hat package): before 4.14.0-202310062327.p0.gf781421.assembly.stream.el9
openshift (Red Hat package): before 4.14.0-202310210404.p0.gf67aeb3.assembly.stream.el9
kata-containers (Red Hat package): before 3.1.3-4.rhaos4.14.el9
ignition (Red Hat package): before 2.16.2-1.1.rhaos4.14.el9
gtest (Red Hat package): before 1.13.0-1.el9
google-benchmark (Red Hat package): before 1.8.2-1.el9
fmt (Red Hat package): before 9.1.0-1.el9
crun-wasm (Red Hat package): before 1.8.5-3.rhaos4.14.el9
crun (Red Hat package): before 1.9.2-1.rhaos4.14.el9
cri-tools (Red Hat package): before 1.27.0-2.1.el9
cri-o (Red Hat package): before 1.27.1-8.1.rhaos4.14.git3fecb83.el9
coreos-installer (Red Hat package): before 0.17.0-1.rhaos4.14.el9
container-selinux (Red Hat package): before 2.221.0-2.rhaos4.14.el9
conmon (Red Hat package): before 2.1.7-3.1.rhaos4.14.el9
catch (Red Hat package): before 3.3.2-1.el9
buildah (Red Hat package): before 1.29.1-10.1.rhaos4.14.el9
kernel-rt (Red Hat package): before 5.14.0-284.36.1.rt14.321.el9_2
kernel (Red Hat package): before 5.14.0-284.36.1.el9_2
External linkshttp://access.redhat.com/errata/RHSA-2023:5009
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Resource exhaustion
EUVDB-ID: #VU82064
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-39325
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to excessive consumption of internal resources when handling HTTP/2 requests. A remote attacker can bypass the http2.Server.MaxConcurrentStreams setting by creating new connections while the current connections are still being processed, trigger resource exhaustion and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Red Hat OpenShift Container Platform: before 4.14.0
openshift4-aws-iso (Red Hat package): before 4.14.0-202309272140.p0.gd2acdd5.assembly.stream.el8
openshift-kuryr (Red Hat package): before 4.14.0-202309272140.p0.g8926a29.assembly.stream.el8
nmstate (Red Hat package): before 2.2.12-1.rhaos4.14.el8
haproxy (Red Hat package): before 2.6.13-1.rhaos4.14.el8
golang-github-prometheus-promu (Red Hat package): before 0.15.0-15.1.gitd5383c5.el8
containers-common (Red Hat package): before 1-51.rhaos4.14.el8
containernetworking-plugins (Red Hat package): before 1.0.1-11.1.rhaos4.14.el8
butane (Red Hat package): before 0.19.0-1.1.rhaos4.14.el8
wasmedge (Red Hat package): before 0.12.1-2.rhaos4.14.el9
toolbox (Red Hat package): before 0.1.2-1.rhaos4.14.el9
spdlog (Red Hat package): before 1.12.0-1.rhaos4.14.el9
skopeo (Red Hat package): before 1.11.2-10.1.rhaos4.14.el9
rust-afterburn (Red Hat package): before 5.4.3-1.rhaos4.14.el9
runc (Red Hat package): before 1.1.9-2.1.rhaos4.14.el9
podman (Red Hat package): before 4.4.1-10.1.rhaos4.14.el9
ovn23.09 (Red Hat package): before 23.09.0-37.el9fdp
openshift-clients (Red Hat package): before 4.14.0-202310191146.p0.g0c63f9d.assembly.stream.el9
openshift-ansible (Red Hat package): before 4.14.0-202310062327.p0.gf781421.assembly.stream.el9
openshift (Red Hat package): before 4.14.0-202310210404.p0.gf67aeb3.assembly.stream.el9
kata-containers (Red Hat package): before 3.1.3-4.rhaos4.14.el9
ignition (Red Hat package): before 2.16.2-1.1.rhaos4.14.el9
gtest (Red Hat package): before 1.13.0-1.el9
google-benchmark (Red Hat package): before 1.8.2-1.el9
fmt (Red Hat package): before 9.1.0-1.el9
crun-wasm (Red Hat package): before 1.8.5-3.rhaos4.14.el9
crun (Red Hat package): before 1.9.2-1.rhaos4.14.el9
cri-tools (Red Hat package): before 1.27.0-2.1.el9
cri-o (Red Hat package): before 1.27.1-8.1.rhaos4.14.git3fecb83.el9
coreos-installer (Red Hat package): before 0.17.0-1.rhaos4.14.el9
container-selinux (Red Hat package): before 2.221.0-2.rhaos4.14.el9
conmon (Red Hat package): before 2.1.7-3.1.rhaos4.14.el9
catch (Red Hat package): before 3.3.2-1.el9
buildah (Red Hat package): before 1.29.1-10.1.rhaos4.14.el9
kernel-rt (Red Hat package): before 5.14.0-284.36.1.rt14.321.el9_2
kernel (Red Hat package): before 5.14.0-284.36.1.el9_2
External linkshttp://access.redhat.com/errata/RHSA-2023:5009
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Resource exhaustion
EUVDB-ID: #VU81728
Risk: High
CVSSv3.1: 5.1 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H/RL:O/RC:C]
CVE-ID: CVE-2023-44487
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improperly control of consumption for internal resources when handling HTTP/2 requests with compressed HEADERS frames. A remote attacker can send a sequence of compressed HEADERS frames followed by RST_STREAM frames and perform a denial of service (DoS) attack, a.k.a. "Rapid Reset".
Note, the vulnerability is being actively exploited in the wild.
Install updates from vendor's website.
Red Hat OpenShift Container Platform: before 4.14.0
openshift4-aws-iso (Red Hat package): before 4.14.0-202309272140.p0.gd2acdd5.assembly.stream.el8
openshift-kuryr (Red Hat package): before 4.14.0-202309272140.p0.g8926a29.assembly.stream.el8
nmstate (Red Hat package): before 2.2.12-1.rhaos4.14.el8
haproxy (Red Hat package): before 2.6.13-1.rhaos4.14.el8
golang-github-prometheus-promu (Red Hat package): before 0.15.0-15.1.gitd5383c5.el8
containers-common (Red Hat package): before 1-51.rhaos4.14.el8
containernetworking-plugins (Red Hat package): before 1.0.1-11.1.rhaos4.14.el8
butane (Red Hat package): before 0.19.0-1.1.rhaos4.14.el8
wasmedge (Red Hat package): before 0.12.1-2.rhaos4.14.el9
toolbox (Red Hat package): before 0.1.2-1.rhaos4.14.el9
spdlog (Red Hat package): before 1.12.0-1.rhaos4.14.el9
skopeo (Red Hat package): before 1.11.2-10.1.rhaos4.14.el9
rust-afterburn (Red Hat package): before 5.4.3-1.rhaos4.14.el9
runc (Red Hat package): before 1.1.9-2.1.rhaos4.14.el9
podman (Red Hat package): before 4.4.1-10.1.rhaos4.14.el9
ovn23.09 (Red Hat package): before 23.09.0-37.el9fdp
openshift-clients (Red Hat package): before 4.14.0-202310191146.p0.g0c63f9d.assembly.stream.el9
openshift-ansible (Red Hat package): before 4.14.0-202310062327.p0.gf781421.assembly.stream.el9
openshift (Red Hat package): before 4.14.0-202310210404.p0.gf67aeb3.assembly.stream.el9
kata-containers (Red Hat package): before 3.1.3-4.rhaos4.14.el9
ignition (Red Hat package): before 2.16.2-1.1.rhaos4.14.el9
gtest (Red Hat package): before 1.13.0-1.el9
google-benchmark (Red Hat package): before 1.8.2-1.el9
fmt (Red Hat package): before 9.1.0-1.el9
crun-wasm (Red Hat package): before 1.8.5-3.rhaos4.14.el9
crun (Red Hat package): before 1.9.2-1.rhaos4.14.el9
cri-tools (Red Hat package): before 1.27.0-2.1.el9
cri-o (Red Hat package): before 1.27.1-8.1.rhaos4.14.git3fecb83.el9
coreos-installer (Red Hat package): before 0.17.0-1.rhaos4.14.el9
container-selinux (Red Hat package): before 2.221.0-2.rhaos4.14.el9
conmon (Red Hat package): before 2.1.7-3.1.rhaos4.14.el9
catch (Red Hat package): before 3.3.2-1.el9
buildah (Red Hat package): before 1.29.1-10.1.rhaos4.14.el9
kernel-rt (Red Hat package): before 5.14.0-284.36.1.rt14.321.el9_2
kernel (Red Hat package): before 5.14.0-284.36.1.el9_2
External linkshttp://access.redhat.com/errata/RHSA-2023:5009
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
Yes. This vulnerability is being exploited in the wild.
