VDB

RHSA-2022%3A0492

RHSA-2022%3A0492 PUBLISHED CVSS 7.199999809265137 HIGH

An improper limitation of path name flaw was found in containernetworking/cni. When specifying the plugin to load in the `type` field in the network configuration, it is possible to use special elements such as "../" separators to reference binaries elsewhere on the system. This flaw allows an attacker to execute other existing binaries other than the cni plugins/types, such as `reboot`. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Risk Scores

CVSS 3.1
7.199999809265137
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Affected Products

VendorProductVersions
Red Hatopenshift4/ose-deployer@sha256:2886db7e88a88b101d950df459f24a54cef30bb0af09ef1ecea6f3b990f0f07a_amd64 as a component of Red Hat OpenShift Container Platform 4.7openshift4/ose-deployer@sha256:2886db7e88a88b101d950df459f24a54cef30bb0af09ef1ecea6f3b990f0f07a_amd64
Red Hatopenshift4/ose-multus-cni@sha256:49690c6b76983578846ec462f0dbc153960dda07feb0bb0f20a9cfc6277d7bed_s390x as a component of Red Hat OpenShift Container Platform 4.7openshift4/ose-multus-cni@sha256:49690c6b76983578846ec462f0dbc153960dda07feb0bb0f20a9cfc6277d7bed_s390x
Red Hatopenshift4/ose-csi-external-resizer-rhel8@sha256:913ba6f031b22fe6043f5b01d6f5294d1c8ec2219589400a893a3aa5b15a4da4_s390x as a component of Red Hat OpenShift Container Platform 4.7openshift4/ose-csi-external-resizer-rhel8@sha256:913ba6f031b22fe6043f5b01d6f5294d1c8ec2219589400a893a3aa5b15a4da4_s390x
Red Hatopenshift4/ose-network-metrics-daemon-rhel8@sha256:7d35ea6b6bb1f160bdd33496cd662f53c2d2f1157d2b9d86cb73fec1bcba7ef8_amd64 as a component of Red Hat OpenShift Container Platform 4.7openshift4/ose-network-metrics-daemon-rhel8@sha256:7d35ea6b6bb1f160bdd33496cd662f53c2d2f1157d2b9d86cb73fec1bcba7ef8_amd64
Red Hatopenshift4/ose-aws-ebs-csi-driver-rhel8-operator@sha256:623a0044cc68bec1f6c6a74475d17d43d4e4388b12b300afe6c9ff278385fece_amd64 as a component of Red Hat OpenShift Container Platform 4.7openshift4/ose-aws-ebs-csi-driver-rhel8-operator@sha256:623a0044cc68bec1f6c6a74475d17d43d4e4388b12b300afe6c9ff278385fece_amd64
Red Hatopenshift4/ose-cli-artifacts@sha256:dec16cca9e5b5cd8101eb7266c2482b86c5040a4f54f4a96382d9dfa65b9de94_amd64 as a component of Red Hat OpenShift Container Platform 4.7openshift4/ose-cli-artifacts@sha256:dec16cca9e5b5cd8101eb7266c2482b86c5040a4f54f4a96382d9dfa65b9de94_amd64
Red Hatopenshift4/ose-telemeter@sha256:e9118dddc6acb098ef4cf7eb06f6d22560524e211e48ec6eb159ca2e5022b0e9_amd64 as a component of Red Hat OpenShift Container Platform 4.7openshift4/ose-telemeter@sha256:e9118dddc6acb098ef4cf7eb06f6d22560524e211e48ec6eb159ca2e5022b0e9_amd64
Red Hatopenshift4/ose-oauth-server-rhel8@sha256:131822c998e8e124ef5e7d495e6367fab23e8ab4e823bc664bddb379f6684fbe_amd64 as a component of Red Hat OpenShift Container Platform 4.7*
Red Hatopenshift4/ose-jenkins-agent-nodejs-12-rhel8@sha256:2a9fc270953e47271d7a2680f887b18e68f5bf54ce2b57fa2c937b4af3218253_s390x as a component of Red Hat OpenShift Container Platform 4.7openshift4/ose-jenkins-agent-nodejs-12-rhel8@sha256:2a9fc270953e47271d7a2680f887b18e68f5bf54ce2b57fa2c937b4af3218253_s390x
Red Hatopenshift4/ose-csi-node-driver-registrar-rhel8@sha256:2c7bb13d648a5048584530fddc62deb4b2e47bb7d389b77992e1077b920867e8_amd64 as a component of Red Hat OpenShift Container Platform 4.7openshift4/ose-csi-node-driver-registrar-rhel8@sha256:2c7bb13d648a5048584530fddc62deb4b2e47bb7d389b77992e1077b920867e8_amd64
Red Hatopenshift4/ose-prometheus-config-reloader@sha256:532b03acdb40aeaab35bd5160d519bb37fd30280218aea3dc2f0fe08f995c84a_amd64 as a component of Red Hat OpenShift Container Platform 4.7openshift4/ose-prometheus-config-reloader@sha256:532b03acdb40aeaab35bd5160d519bb37fd30280218aea3dc2f0fe08f995c84a_amd64
Red Hatopenshift4/ose-cli@sha256:59e88704d66781a6ba3412c21168329c3780ff07a059c4d9cd043c9a6ad4a245_amd64 as a component of Red Hat OpenShift Container Platform 4.7openshift4/ose-cli@sha256:59e88704d66781a6ba3412c21168329c3780ff07a059c4d9cd043c9a6ad4a245_amd64
Red Hatopenshift4/ose-must-gather@sha256:be2f41c4fb412078f0cda1113e16d5d3a96bfdf6fe95ed09aecccf0dd5e80c53_s390x as a component of Red Hat OpenShift Container Platform 4.7openshift4/ose-must-gather@sha256:be2f41c4fb412078f0cda1113e16d5d3a96bfdf6fe95ed09aecccf0dd5e80c53_s390x
Red Hatopenshift4/ose-gcp-machine-controllers-rhel8@sha256:81bdf7f53a0e00a1d91c68c8ba2c563eeb4e792588d9ffcb9b5c94fa48e61b43_ppc64le as a component of Red Hat OpenShift Container Platform 4.7openshift4/ose-gcp-machine-controllers-rhel8@sha256:81bdf7f53a0e00a1d91c68c8ba2c563eeb4e792588d9ffcb9b5c94fa48e61b43_ppc64le
Red Hatopenshift4/ose-cli-artifacts@sha256:dec16cca9e5b5cd8101eb7266c2482b86c5040a4f54f4a96382d9dfa65b9de94_amd64 as a component of Red Hat OpenShift Container Platform 4.7openshift4/ose-cli-artifacts@sha256:dec16cca9e5b5cd8101eb7266c2482b86c5040a4f54f4a96382d9dfa65b9de94_amd64
Red Hatopenshift4/ose-machine-api-operator@sha256:15df6ddfb17c7d887db41486d0e6da6f629a1ec150f54c7f293cfd76e945dac8_ppc64le as a component of Red Hat OpenShift Container Platform 4.7openshift4/ose-machine-api-operator@sha256:15df6ddfb17c7d887db41486d0e6da6f629a1ec150f54c7f293cfd76e945dac8_ppc64le
Red Hatopenshift4/ose-openshift-state-metrics-rhel8@sha256:47a0561fddb85edff5c6bcfc8e6c0d36581fb6591e0af35a7da4963751fe7d64_s390x as a component of Red Hat OpenShift Container Platform 4.7openshift4/ose-openshift-state-metrics-rhel8@sha256:47a0561fddb85edff5c6bcfc8e6c0d36581fb6591e0af35a7da4963751fe7d64_s390x
Red Hatopenshift4/ose-multus-networkpolicy-rhel8@sha256:f5dddf2b86bc050e5d2b414f2f5650cdb1ed102fa34fb3eda2f77da2c7490da8_s390x as a component of Red Hat OpenShift Container Platform 4.7openshift4/ose-multus-networkpolicy-rhel8@sha256:f5dddf2b86bc050e5d2b414f2f5650cdb1ed102fa34fb3eda2f77da2c7490da8_s390x
Red Hatopenshift4/ose-tools-rhel8@sha256:bc7be887442867f9118a25f9da8d4fef97a227aba5415e5da766384c5146e715_amd64 as a component of Red Hat OpenShift Container Platform 4.7openshift4/ose-tools-rhel8@sha256:bc7be887442867f9118a25f9da8d4fef97a227aba5415e5da766384c5146e715_amd64
Red Hatopenshift4/ose-cluster-autoscaler@sha256:7845d945bde410f64e95f666d3f29667652334e536f093164021601ab425f443_s390x as a component of Red Hat OpenShift Container Platform 4.7*

…and 770 more

Timeline

  • Feb 16, 2022 CVE Published
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 30, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›