CVEFinder.io

CVE-2022-3248

đŸ”ļ medium
Summary

A flaw was found in OpenShift API, as admission checks do not enforce "custom-host" permissions. This issue could allow an attacker to violate the boundaries, as permissions will not be applied.

CVSS Score
4.4
Medium
EPSS Score
0.1
Exploit Probability
Published Date
2023-10-05
First Seen: 2026-01-05
Last Modified 2024-11-21
Source NVD 🔗
CVSS Vector 3.1 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N
CWE IDs (Weakness Types)
CWE-863

🔗 References 4

https://access.redhat.com/security/cve/CVE-2022-3248
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2072188
Issue Tracking Vendor Advisory
https://access.redhat.com/security/cve/CVE-2022-3248
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2072188
Issue Tracking Vendor Advisory

đŸ“Ļ Affected Products 2

Vendor Product Status Affected Versions
redhat openshift_container_platform Affected
v4.0
redhat advanced_cluster_management_for_kubernetes Affected
v2.0

🔗 Related CVEs 6

CVE ID Severity CVSS EPSS Summary Published
CVE-2025-14874 ⚠ī¸ high 7.5 0.1 A flaw was found in Nodemailer. This vulnerability allows a denial of service (DoS) via a crafted email address header t... 2025-12-18
CVE-2025-8283 ℹī¸ low 3.7 0.0 A vulnerability was found in the netavark package, a network stack for containers used with Podman. Due to dns.podman se... 2025-07-28
CVE-2025-7519 đŸ”ļ medium 6.7 0.0 A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds wri... 2025-07-14
CVE-2025-32988 đŸ”ļ medium 6.5 0.1 A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the expo... 2025-07-10
CVE-2025-32989 đŸ”ļ medium 5.3 0.1 A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency (CT) Signed Cert... 2025-07-10
CVE-2025-32990 đŸ”ļ medium 6.5 0.2 A heap-buffer-overflow (off-by-one) flaw was found in the GnuTLS software in the template parsing logic within the certt... 2025-07-10
These CVEs affect the same products