This page lists publicly disclosed CVE vulnerabilities affecting redhat openshift_container_platform_for_arm64 (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-4424 | A flaw was found in libarchive. This heap out-of-bounds read vulnerability exists in the RAR archive processing logic due to improper validation of the LZSS sliding window size after transitions between compression methods. A remote attacker can exploit this by providing a specially crafted RAR archive, leading to the disclosure of sensitive heap memory information without requiring authentication or user interaction. | [email protected] | 7.5 | 0.10% | 2026-03-19 | 2026-06-10 |
| CVE-2025-13601 | A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string. | [email protected] | 7.7 | 0.01% | 2025-11-26 | 2026-06-02 |
| CVE-2025-6021 | A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input. | [email protected] | 7.5 | 2.12% | 2025-06-12 | 2026-05-12 |
| CVE-2024-9676 | A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-O to hang and result in a denial of service via OOM kill when running a malicious image using an automatically assigned user namespace (`--userns=auto` in Podman and Buildah). The containers/storage library will read /etc/passwd inside the container, but does not properly validate if that file is a symlink, which can be used to cause the | [email protected] | 6.5 | 1.60% | 2024-10-15 | 2026-03-19 |
| CVE-2024-1725 | A flaw was found in the kubevirt-csi component of OpenShift Virtualization's Hosted Control Plane (HCP). This issue could allow an authenticated attacker to gain access to the root HCP worker node's volume by creating a custom Persistent Volume that matches the name of a worker node. | [email protected] | 6.5 | 0.14% | 2024-03-07 | 2025-03-26 |
| CVE-2023-5625 | A regression was introduced in the Red Hat build of python-eventlet due to a change in the patch application strategy, resulting in a patch for CVE-2021-21419 not being applied for all builds of all products. | [email protected] | 5.3 | 0.07% | 2023-11-01 | 2024-12-06 |
| CVE-2022-4318 | A vulnerability was found in cri-o. This issue allows the addition of arbitrary lines into /etc/passwd by use of a specially crafted environment variable. | [email protected] | 7.8 | 0.04% | 2023-09-25 | 2024-11-21 |
| CVE-2023-3089 | A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated. | [email protected] | 7.0 | 0.05% | 2023-07-05 | 2024-11-21 |