What the vulnerability does

01Description

Openshift 4.9 does not use HTTP Strict Transport Security (HSTS) which may allow man-in-the-middle (MITM) attacks.

Key dates

02Disclosure timeline

December 9, 2022 CVE published
April 22, 2025 Record updated