Vulnerabilities > Redhat
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-27 | CVE-2023-4065 | Incorrect Default Permissions vulnerability in Redhat products A flaw was found in Red Hat AMQ Broker Operator, where it displayed a password defined in ActiveMQArtemisAddress CR, shown in plain text in the Operator Log. | 5.5 |
| 2023-09-27 | CVE-2023-5157 | A vulnerability was found in MariaDB. | 7.5 |
| 2023-09-27 | CVE-2023-3223 | Unspecified vulnerability in Redhat products A flaw was found in undertow. | 7.5 |
| 2023-09-27 | CVE-2023-0456 | Missing Authorization vulnerability in Redhat Apicast 2.0.0 A flaw was found in APICast, when 3Scale's OIDC module does not properly evaluate the response to a mismatched token from a separate realm. | 7.5 |
| 2023-09-27 | CVE-2023-0833 | Information Exposure Through an Error Message vulnerability in multiple products A flaw was found in Red Hat's AMQ-Streams, which ships a version of the OKHttp component with an information disclosure flaw via an exception triggered by a header containing an illegal value. | 5.5 |
| 2023-09-25 | CVE-2023-42753 | Out-of-bounds Write vulnerability in multiple products An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. | 7.8 |
| 2023-09-25 | CVE-2022-4137 | Cross-site Scripting vulnerability in Redhat Keycloak and Single Sign-On A reflected cross-site scripting (XSS) vulnerability was found in the 'oob' OAuth endpoint due to incorrect null-byte handling. | 6.1 |
| 2023-09-25 | CVE-2022-4244 | A flaw was found in codeplex-codehaus. | 7.5 |
| 2023-09-25 | CVE-2022-4245 | XXE vulnerability in multiple products A flaw was found in codehaus-plexus. | 4.3 |
| 2023-09-25 | CVE-2022-4318 | Improper Control of Dynamically-Managed Code Resources vulnerability in multiple products A vulnerability was found in cri-o. | 7.8 |