Vulnerabilities > Redhat > Low
|2023-03-06||CVE-2022-4134|| Inclusion of Functionality from Untrusted Control Sphere vulnerability in multiple products |
A flaw was found in openstack-glance.
| 2.8 |
|2023-03-03||CVE-2022-41862|| In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. |
high complexitypostgresql fedoraproject redhat
| 3.7 |
|2023-01-13||CVE-2023-0091|| Incorrect Authorization vulnerability in Redhat Keycloak |
A flaw was found in Keycloak, where it did not properly check client tokens for possible revocation in its client credential flow.
| 3.8 |
|2022-10-17||CVE-2017-7517|| Improper Input Validation vulnerability in Redhat Openshift 3.0 |
An input validation vulnerability exists in Openshift Enterprise due to a 1:1 mapping of tenants in Hawkular Metrics and projects/namespaces in OpenShift.
| 3.5 |
|2022-09-01||CVE-2022-2256|| Cross-site Scripting vulnerability in Redhat Single Sign-On 7.0 |
A Stored Cross-site scripting (XSS) vulnerability was found in keycloak as shipped in Red Hat Single Sign-On 7.
| 3.8 |
|2022-08-24||CVE-2021-4217|| NULL Pointer Dereference vulnerability in multiple products |
A flaw was found in unzip.
low complexityunzip-project fedoraproject redhat CWE-476
| 3.3 |
|2022-08-17||CVE-2020-14394|| Infinite Loop vulnerability in multiple products |
An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Block (TRB) Ring.
low complexityqemu fedoraproject redhat CWE-835
| 3.2 |
|2022-07-01||CVE-2014-3650|| Cross-site Scripting vulnerability in Redhat Jboss Aerogear 1.0.0 |
Multiple persistent cross-site scripting (XSS) flaws were found in the way Aerogear handled certain user-supplied content.
| 3.5 |
|2022-06-30||CVE-2014-0068|| Incorrect Permission Assignment for Critical Resource vulnerability in Redhat Openshift-Origin-Node-Util |
It was reported that watchman in openshift node-utils creates /var/run/watchman.pid and /var/log/watchman.ouput with world writable permission.
| 2.1 |
|2022-06-28||CVE-2022-0987|| A flaw was found in PackageKit in the way some of the methods exposed by the Transaction interface examines files. |
low complexitypackagekit-project redhat
| 2.1 |