What the vulnerability does

01Description

A flaw was found in Openshift. A pod with a DNSPolicy of "ClusterFirst" may incorrectly resolve the hostname based on a service provided. This flaw allows an attacker to supply an incorrect name with the DNS search policy, affecting confidentiality and availability.

Key dates

02Disclosure timeline

December 8, 2022 CVE published
April 23, 2025 Record updated