github.com/openshift/console
Go · 4 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting github.com/openshift/console (page 1 of 1)
- CVE-2024-50312 | MEDIUM | CVSS 5.3 | EG 5.3 | 2024-10-22
A vulnerability was found in GraphQL due to improper access controls on the GraphQL introspection query. This flaw allows unauthorized users to retrieve a comprehensive list of available queries and mutations. Exposure to this flaw increas…
- CVE-2024-6508 | HIGH | CVSS 8.0 | EG 8.0 | 2024-08-21
An insufficient entropy vulnerability was found in the OpenShift Console. In the authorization code type and implicit grant type, the OAuth2 protocol is vulnerable to a Cross-Site Request Forgery (CSRF) attack if the state parameter is use…
- CVE-2024-6538 | MEDIUM | CVSS 5.3 | EG 5.3 | 2024-11-25
A flaw was found in OpenShift Console. A Server Side Request Forgery (SSRF) attack can happen if an attacker supplies all or part of a URL to the server to query. The server is considered to be in a privileged network position and can ofte…
- CVE-2024-7631 | MEDIUM | CVSS 4.3 | EG 4.3 | 2025-03-19
A flaw was found in the OpenShift Console, an endpoint for plugins to serve resources in multiple languages: /locales/resources.json. This endpoint's lng and ns parameters are used to construct a filepath in pkg/plugins/handlers unsafely.g…