Vulnerabilities > Redhat > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-04 | CVE-2023-3971 | Cross-site Scripting vulnerability in Redhat products An HTML injection flaw was found in Controller in the user interface settings. | 5.4 |
| 2023-10-04 | CVE-2023-4380 | Information Exposure Through Log Files vulnerability in Redhat products A logic flaw exists in Ansible Automation platform. | 6.3 |
| 2023-10-04 | CVE-2022-4132 | Memory Leak vulnerability in multiple products A flaw was found in JSS. | 5.9 |
| 2023-10-04 | CVE-2023-3153 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products A flaw was found in Open Virtual Network where the service monitor MAC does not properly rate limit. | 5.3 |
| 2023-10-03 | CVE-2023-4732 | Race Condition vulnerability in multiple products A flaw was found in pfn_swap_entry_to_page in memory management subsystem in the Linux Kernel. | 4.7 |
| 2023-10-03 | CVE-2023-4886 | A sensitive information exposure vulnerability was found in foreman. | 4.4 |
| 2023-09-28 | CVE-2023-42756 | Race Condition vulnerability in multiple products A flaw was found in the Netfilter subsystem of the Linux kernel. | 4.7 |
| 2023-09-28 | CVE-2023-5215 | Unchecked Return Value vulnerability in Redhat Enterprise Linux and Libnbd A flaw was found in libnbd. | 6.5 |
| 2023-09-27 | CVE-2023-4066 | Cleartext Storage of Sensitive Information vulnerability in Redhat products A flaw was found in Red Hat's AMQ Broker, which stores certain passwords in a secret security-properties-prop-module, defined in ActivemqArtemisSecurity CR; however, they are shown in plaintext in the StatefulSet details yaml of AMQ Broker. | 5.5 |
| 2023-09-27 | CVE-2023-4065 | Incorrect Default Permissions vulnerability in Redhat products A flaw was found in Red Hat AMQ Broker Operator, where it displayed a password defined in ActiveMQArtemisAddress CR, shown in plain text in the Operator Log. | 5.5 |