Vulnerabilities > Redhat
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-09-20 | CVE-2022-3916 | Insufficient Session Expiration vulnerability in Redhat products. A flaw was found in the offline_access scope in Keycloak. | 6.8 |
2023-09-20 | CVE-2022-1438 | Cross-site Scripting vulnerability in Redhat Keycloak. A flaw was found in Keycloak. | 4.8 |
2023-09-20 | CVE-2023-0118 | OS Command Injection vulnerability in multiple products. An arbitrary code execution flaw was found in Foreman. | 9.1 |
2023-09-20 | CVE-2023-0462 | Code Injection vulnerability in multiple products. An arbitrary code execution flaw was found in Foreman. | 9.1 |
2023-09-20 | CVE-2023-4853 | Incorrect Authorization vulnerability in multiple products. A flaw was found in Quarkus where HTTP security policies are not sanitizing certain character permutations correctly when accepting requests, resulting in incorrect evaluation of permissions. | 8.1 |
2023-09-18 | CVE-2023-4527 | Out-of-bounds Read vulnerability in multiple products. A flaw was found in glibc. | 6.5 |
2023-09-18 | CVE-2023-4806 | Use After Free vulnerability in multiple products. A flaw was found in glibc. | 5.9 |
2023-09-15 | CVE-2022-3261 | Cleartext Transmission of Sensitive Information vulnerability in Redhat Openstack Platform 16.2. A flaw was found in OpenStack. | 7.5 |
2023-09-15 | CVE-2023-0813 | Improper Authentication vulnerability in Redhat Network Observability 1.0. A flaw was found in the Network Observability plugin for OpenShift console. | 7.5 |
2023-09-15 | CVE-2023-0923 | Missing Authorization vulnerability in Redhat Openshift Data Science. A flaw was found in the Kubernetes service for notebooks in RHODS, where it does not prevent pods from other namespaces and applications from making requests to the Jupyter API. | 9.8 |