VYPR

OpenShift Console

by Red Hat

CVEs (2)

  • CVE-2023-0813Sep 15, 2023
    risk 0.00cvss epss 0.01

    A flaw was found in the Network Observability plugin for OpenShift console. Unless the Loki authToken configuration is set to FORWARD mode, authentication is no longer enforced, allowing any user who can connect to the OpenShift Console in an OpenShift cluster to retrieve flows…

  • CVE-2020-1761May 27, 2021
    risk 0.00cvss epss 0.01

    A flaw was found in the OpenShift web console, where the access token is stored in the browser's local storage. An attacker can use this flaw to get the access token via physical access, or an XSS attack on the victim's browser. This flaw affects openshift/console versions…