Vulnerabilities > Redhat > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-27 | CVE-2023-0456 | Missing Authorization vulnerability in Redhat Apicast 2.0.0 A flaw was found in APICast, when 3Scale's OIDC module does not properly evaluate the response to a mismatched token from a separate realm. | 7.5 |
| 2023-09-25 | CVE-2023-42753 | Out-of-bounds Write vulnerability in multiple products An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. | 7.8 |
| 2023-09-25 | CVE-2022-4244 | Path Traversal vulnerability in multiple products A flaw was found in codeplex-codehaus. | 7.5 |
| 2023-09-25 | CVE-2022-4318 | Improper Control of Dynamically-Managed Code Resources vulnerability in multiple products A vulnerability was found in cri-o. | 7.8 |
| 2023-09-25 | CVE-2023-4156 | Out-of-bounds Read vulnerability in multiple products A heap out-of-bounds read flaw was found in builtin.c in the gawk package. | 7.1 |
| 2023-09-25 | CVE-2023-5156 | Memory Leak vulnerability in multiple products A flaw was found in the GNU C Library. | 7.5 |
| 2023-09-24 | CVE-2023-1260 | An authentication bypass vulnerability was discovered in kube-apiserver. | 8.0 |
| 2023-09-20 | CVE-2022-3596 | Unspecified vulnerability in Redhat Openstack Platform 13.0 An information leak was found in OpenStack's undercloud. | 7.5 |
| 2023-09-20 | CVE-2023-4853 | Incorrect Authorization vulnerability in multiple products A flaw was found in Quarkus where HTTP security policies are not sanitizing certain character permutations correctly when accepting requests, resulting in incorrect evaluation of permissions. | 8.1 |
| 2023-09-15 | CVE-2022-3261 | Cleartext Transmission of Sensitive Information vulnerability in Redhat Openstack Platform 16.2 A flaw was found in OpenStack. | 7.5 |