Vulnerabilities > Redhat
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-18 | CVE-2023-4320 | Insufficient Session Expiration vulnerability in Redhat Satellite An arithmetic overflow flaw was found in Satellite when creating a new personal access token. | 7.5 |
| 2023-12-18 | CVE-2023-5056 | Missing Authorization vulnerability in Redhat Service Interconnect 1.0 A flaw was found in the Skupper operator, which may permit a certain configuration to create a service account that would allow an authenticated attacker in the adjacent cluster to view deployments in all namespaces in the cluster. | 4.1 |
| 2023-12-18 | CVE-2023-5115 | Path Traversal vulnerability in multiple products An absolute path traversal attack exists in the Ansible automation platform. | 6.3 |
| 2023-12-18 | CVE-2023-5236 | A flaw was found in Infinispan, which does not detect circular object references when unmarshalling. | 6.5 |
| 2023-12-18 | CVE-2023-5384 | Cleartext Storage of Sensitive Information vulnerability in multiple products A flaw was found in Infinispan. | 2.7 |
| 2023-12-14 | CVE-2023-6134 | Cross-site Scripting vulnerability in Redhat products A flaw was found in Keycloak that prevents certain schemes in redirects, but permits them if a wildcard is appended to the token. | 5.4 |
| 2023-12-14 | CVE-2023-6563 | Allocation of Resources Without Limits or Throttling vulnerability in Redhat products An unconstrained memory consumption vulnerability was discovered in Keycloak. | 7.7 |
| 2023-12-13 | CVE-2023-6377 | Out-of-bounds Read vulnerability in multiple products A flaw was found in xorg-server. | 7.8 |
| 2023-12-13 | CVE-2023-6478 | Integer Overflow or Wraparound vulnerability in multiple products A flaw was found in xorg-server. | 7.5 |
| 2023-12-12 | CVE-2023-5379 | Allocation of Resources Without Limits or Throttling vulnerability in Redhat products A flaw was found in Undertow. | 7.5 |