Vulnerabilities > Redhat
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-09-18 | CVE-2023-4527 | Out-of-bounds Read vulnerability in multiple products. A flaw was found in glibc. | 6.5 |
2023-09-18 | CVE-2023-4806 | Use After Free vulnerability in multiple products. A flaw was found in glibc. | 5.9 |
2023-09-15 | CVE-2022-3261 | Cleartext Transmission of Sensitive Information vulnerability in Redhat Openstack Platform 16.2. A flaw was found in OpenStack. | 7.5 |
2023-09-15 | CVE-2023-0813 | Improper Authentication vulnerability in Redhat Network Observability 1.0. A flaw was found in the Network Observability plugin for OpenShift console. | 7.5 |
2023-09-15 | CVE-2023-0923 | Missing Authorization vulnerability in Redhat Openshift Data Science. A flaw was found in the Kubernetes service for notebooks in RHODS, where it does not prevent pods from other namespaces and applications from making requests to the Jupyter API. | 9.8 |
2023-09-15 | CVE-2022-3466 | Incorrect Default Permissions vulnerability in multiple products. The version of cri-o as released for Red Hat OpenShift Container Platform 4.9.48, 4.10.31, and 4.11.6 via RHBA-2022:6316, RHBA-2022:6257, and RHBA-2022:6658, respectively, included an incorrect version of cri-o missing the fix for CVE-2022-27652, which was previously fixed in OCP 4.9.41 and 4.10.12 via RHBA-2022:5433 and RHSA-2022:1600. | 5.3 |
2023-09-15 | CVE-2023-4959 | Cross-Site Request Forgery (CSRF) vulnerability in Redhat Quay 3.0.0. A flaw was found in Quay. | 6.5 |
2023-09-14 | CVE-2023-1108 | Infinite Loop vulnerability in multiple products. A flaw was found in undertow. | 7.5 |
2023-09-13 | CVE-2023-2680 | Use After Free vulnerability in multiple products. This CVE exists because of an incomplete fix for CVE-2021-3750. | 8.2 |
2023-09-13 | CVE-2023-3255 | Infinite Loop vulnerability in multiple products. A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. | 6.5 |