Vulnerabilities > Redhat > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-06 | CVE-2022-3854 | Unspecified vulnerability in Redhat Ceph Storage 3.0/4.0/5.0 A flaw was found in Ceph, relating to the URL processing on RGW backends. | 6.5 |
| 2023-02-28 | CVE-2023-1095 | NULL Pointer Dereference vulnerability in multiple products In nf_tables_updtable, if nf_tables_table_enable returns an error, nft_trans_destroy is called to free the transaction object. | 5.5 |
| 2023-02-27 | CVE-2023-1055 | Improper Certificate Validation vulnerability in multiple products A flaw was found in RHDS 11 and RHDS 12. | 5.5 |
| 2023-02-23 | CVE-2023-0044 | Cross-site Scripting vulnerability in multiple products If the Quarkus Form Authentication session cookie Path attribute is set to `/` then a cross-site attack may be initiated which might lead to the Information Disclosure. | 6.1 |
| 2023-02-17 | CVE-2023-0482 | Unspecified vulnerability in Redhat Resteasy In RESTEasy the insecure File.createTempFile() is used in the DataSourceProvider, FileProvider and Mime4JWorkaround classes which creates temp files with insecure permissions that could be read by a local user. | 5.5 |
| 2023-02-02 | CVE-2022-3560 | Path Traversal vulnerability in multiple products A flaw was found in pesign. | 5.5 |
| 2023-01-27 | CVE-2022-4285 | An illegal memory access flaw was found in the binutils package. | 5.5 |
| 2023-01-26 | CVE-2023-0229 | Unspecified vulnerability in Redhat Openshift 4.11/4.12 A flaw was found in github.com/openshift/apiserver-library-go, used in OpenShift 4.12 and 4.11, that contains an issue that can allow low-privileged users to set the seccomp profile for pods they control to "unconfined." By default, the seccomp profile used in the restricted-v2 Security Context Constraint (SCC) is "runtime/default," allowing users to disable seccomp for pods they can create and modify. | 6.3 |
| 2023-01-18 | CVE-2022-3100 | A flaw was found in the openstack-barbican component. | 5.9 |
| 2023-01-17 | CVE-2023-0296 | Unspecified vulnerability in Redhat Openshift 4.11 The Birthday attack against 64-bit block ciphers flaw (CVE-2016-2183) was reported for the health checks port (9979) on etcd grpc-proxy component. | 5.3 |