Vulnerabilities > Redhat > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-11-12 CVE-2024-49394 Improper Verification of Cryptographic Signature vulnerability in multiple products
In mutt and neomutt the In-Reply-To email header field is not protected by cryptographic signing which allows an attacker to reuse an unencrypted but signed email message to impersonate the original sender.
network
low complexity
neomutt mutt redhat CWE-347
5.3
2024-11-12 CVE-2024-49395 In mutt and neomutt, PGP encryption does not use the --hidden-recipient mode which may leak the Bcc email header field by inferring from the recipients info.
network
low complexity
neomutt mutt redhat
5.3
2024-11-12 CVE-2024-49393 Improper Verification of Cryptographic Signature vulnerability in multiple products
In neomutt and mutt, the To and Cc email headers are not validated by cryptographic signing which allows an attacker that intercepts a message to change their value and include himself as a one of the recipients to compromise message confidentiality.
network
high complexity
neomutt mutt redhat CWE-347
5.9
2024-10-22 CVE-2024-50311 Allocation of Resources Without Limits or Throttling vulnerability in Redhat Openshift Container Platform 4.0
A denial of service (DoS) vulnerability was found in OpenShift.
network
low complexity
redhat CWE-770
6.5
2024-10-22 CVE-2024-50312 Unspecified vulnerability in Redhat Openshift Container Platform 4.0
A vulnerability was found in GraphQL due to improper access controls on the GraphQL introspection query.
network
low complexity
redhat
5.3
2024-10-16 CVE-2024-10033 Cross-site Scripting vulnerability in Redhat products
A vulnerability was found in aap-gateway.
network
low complexity
redhat CWE-79
6.1
2024-10-15 CVE-2024-9676 Unspecified vulnerability in Redhat products
A vulnerability was found in Podman, Buildah, and CRI-O.
network
low complexity
redhat
6.5
2024-10-09 CVE-2024-9671 Missing Authorization vulnerability in Redhat 3Scale API Management Platform 2.0
A vulnerability was found in 3Scale.
network
low complexity
redhat CWE-862
5.3
2024-09-09 CVE-2024-7260 Open Redirect vulnerability in Redhat Build of Keycloak and Keycloak
An open redirect vulnerability was found in Keycloak.
network
low complexity
redhat CWE-601
6.1
2024-09-09 CVE-2024-7318 Use of a Key Past its Expiration Date vulnerability in Redhat Build of Keycloak
A vulnerability was found in Keycloak.
network
high complexity
redhat CWE-324
4.8