Vulnerabilities > Redhat
DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
---|---|---|---|---|
2023-09-15 | CVE-2022-3466 | Incorrect Default Permissions vulnerability in multiple products | The version of cri-o as released for Red Hat OpenShift Container Platform 4.9.48, 4.10.31, and 4.11.6 via RHBA-2022:6316, RHBA-2022:6257, and RHBA-2022:6658, respectively, included an incorrect version of cri-o missing the fix for CVE-2022-27652, which was previously fixed in OCP 4.9.41 and 4.10.12 via RHBA-2022:5433 and RHSA-2022:1600. | 5.3 |
2023-09-15 | CVE-2023-4959 | Cross-Site Request Forgery (CSRF) vulnerability in Redhat Quay 3.0.0 | A flaw was found in Quay. | 6.5 |
2023-09-14 | CVE-2023-1108 | Infinite Loop vulnerability in multiple products | A flaw was found in undertow. | 7.5 |
2023-09-13 | CVE-2023-2680 | Use After Free vulnerability in multiple products | This CVE exists because of an incomplete fix for CVE-2021-3750. | 8.2 |
2023-09-13 | CVE-2023-3255 | Infinite Loop vulnerability in multiple products | A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. | 6.5 |
2023-09-13 | CVE-2023-3301 | Race Condition vulnerability in multiple products | A flaw was found in QEMU. | 5.6 |
2023-09-13 | CVE-2023-4155 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products | A flaw was found in KVM AMD Secure Encrypted Virtualization (SEV) in the Linux kernel. | 5.6 |
2023-09-12 | CVE-2023-4813 | Use After Free vulnerability in multiple products | A flaw was found in glibc. | 5.9 |
2023-09-12 | CVE-2023-4918 | Cleartext Transmission of Sensitive Information vulnerability in Redhat Keycloak 22.0.2 | A flaw was found in the Keycloak package, more specifically org.keycloak.userprofile. | 8.8 |
2023-09-12 | CVE-2023-0119 | Cross-site Scripting vulnerability in Redhat Satellite 6.13 | A stored Cross-site scripting vulnerability was found in foreman. | 5.4 |