Vulnerabilities > Redhat > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-13 | CVE-2023-0105 | Improper Authentication vulnerability in Redhat Keycloak A flaw was found in Keycloak. | 6.5 |
| 2022-12-28 | CVE-2021-4294 | Information Exposure Through Discrepancy vulnerability in Redhat Openshift Container Platform and Openshift Osin A vulnerability was found in OpenShift OSIN. | 5.9 |
| 2022-12-16 | CVE-2022-4130 | Unspecified vulnerability in Redhat Satellite 6.10/6.11/6.9 A blind site-to-site request forgery vulnerability was found in Satellite server. | 4.5 |
| 2022-12-08 | CVE-2022-3260 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Redhat Openshift 4.9 The response header has not enabled X-FRAME-OPTIONS, Which helps prevents against Clickjacking attack.. | 4.8 |
| 2022-11-29 | CVE-2022-4144 | An out-of-bounds read flaw was found in the QXL display device emulation in QEMU. | 6.5 |
| 2022-11-22 | CVE-2022-3500 | A vulnerability was found in keylime. | 5.1 |
| 2022-11-08 | CVE-2022-3821 | An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. | 5.5 |
| 2022-11-03 | CVE-2022-3675 | Missing Authentication for Critical Function vulnerability in Redhat Fedora Coreos 36.20220820.3.0 Fedora CoreOS supports setting a GRUB bootloader password using a Butane config. | 5.5 |
| 2022-10-25 | CVE-2022-3644 | Insufficiently Protected Credentials vulnerability in multiple products The collection remote for pulp_ansible stores tokens in plaintext instead of using pulp's encrypted field and exposes them in read/write mode via the API () instead of marking it as write only. | 5.5 |
| 2022-10-19 | CVE-2013-4281 | Unspecified vulnerability in Redhat Openshift 1.0 In Red Hat Openshift 1, weak default permissions are applied to the /etc/openshift/server_priv.pem file on the broker server, which could allow users with local access to the broker to read this file. | 5.5 |