Vulnerabilities > Red Hat > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-09-24 | CVE-2023-1633 | Insufficiently Protected Credentials vulnerability in multiple products. A credentials leak flaw was found in OpenStack Barbican. | 5.5 |
2023-09-24 | CVE-2023-1636 | A vulnerability was found in OpenStack Barbican containers. | 5.0 |
2023-09-23 | CVE-2022-3962 | A content spoofing vulnerability was found in Kiali. | 4.3 |
2023-09-20 | CVE-2022-3916 | Insufficient Session Expiration vulnerability in Red Hat products. A flaw was found in the offline_access scope in Keycloak. | 6.8 |
2023-09-20 | CVE-2022-1438 | Cross-site Scripting vulnerability in Red Hat Keycloak. A flaw was found in Keycloak. | 4.8 |
2023-09-18 | CVE-2023-4527 | Out-of-bounds Read vulnerability in multiple products. A flaw was found in glibc. | 6.5 |
2023-09-18 | CVE-2023-4806 | Use After Free vulnerability in multiple products. A flaw was found in glibc. | 5.9 |
2023-09-15 | CVE-2022-3466 | Incorrect Default Permissions vulnerability in multiple products. The version of cri-o as released for Red Hat OpenShift Container Platform 4.9.48, 4.10.31, and 4.11.6 via RHBA-2022:6316, RHBA-2022:6257, and RHBA-2022:6658, respectively, included an incorrect version of cri-o missing the fix for CVE-2022-27652, which was previously fixed in OCP 4.9.41 and 4.10.12 via RHBA-2022:5433 and RHSA-2022:1600. | 5.3 |
2023-09-15 | CVE-2023-4959 | Cross-Site Request Forgery (CSRF) vulnerability in Red Hat Quay 3.0.0. A flaw was found in Quay. | 6.5 |
2023-09-13 | CVE-2023-3255 | Infinite Loop vulnerability in multiple products. A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. | 6.5 |