Vulnerabilities > Redhat > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-02-17 | CVE-2023-0482 | Creation of Temporary File With Insecure Permissions vulnerability in multiple products: In RESTEasy the insecure File.createTempFile() is used in the DataSourceProvider, FileProvider and Mime4JWorkaround classes which creates temp files with insecure permissions that could be read by a local user. | 5.5 |
2023-02-02 | CVE-2022-3560 | Path Traversal vulnerability in multiple products: A flaw was found in pesign. | 5.5 |
2023-01-27 | CVE-2022-4285 | An illegal memory access flaw was found in the binutils package. | 5.5 |
2023-01-26 | CVE-2023-0229 | Unspecified vulnerability in Redhat Openshift 4.11/4.12: A flaw was found in github.com/openshift/apiserver-library-go, used in OpenShift 4.12 and 4.11, that contains an issue that can allow low-privileged users to set the seccomp profile for pods they control to "unconfined." By default, the seccomp profile used in the restricted-v2 Security Context Constraint (SCC) is "runtime/default," allowing users to disable seccomp for pods they can create and modify. | 6.3 |
2023-01-18 | CVE-2022-3100 | A flaw was found in the openstack-barbican component. | 5.9 |
2023-01-17 | CVE-2023-0296 | Unspecified vulnerability in Redhat Openshift 4.11: The Birthday attack against 64-bit block ciphers flaw (CVE-2016-2183) was reported for the health checks port (9979) on the etcd grpc-proxy component. | 5.3 |
2023-01-13 | CVE-2023-0105 | Improper Authentication vulnerability in Redhat Keycloak: A flaw was found in Keycloak. | 6.5 |
2022-12-28 | CVE-2021-4294 | Information Exposure Through Discrepancy vulnerability in Redhat Openshift Container Platform and Openshift Osin: A vulnerability was found in OpenShift OSIN. | 5.9 |
2022-12-16 | CVE-2022-4130 | Unspecified vulnerability in Redhat Satellite 6.10/6.11/6.9: A blind site-to-site request forgery vulnerability was found in Satellite server. | 4.5 |
2022-12-08 | CVE-2022-3260 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Redhat Openshift 4.9: The response header has not enabled X-FRAME-OPTIONS, which helps prevent clickjacking attacks. | 4.8 |