Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2022-09-06	CVE-2022-25309	Heap-based Buffer Overflow vulnerability in multiple products A heap-based buffer overflow flaw was found in the Fribidi package and affects the fribidi_cap_rtl_to_unicode() function of the fribidi-char-sets-cap-rtl.c file. local low complexity gnu redhat CWE-122	5.5
2022-09-06	CVE-2022-25310	NULL Pointer Dereference vulnerability in multiple products A segmentation fault (SEGV) flaw was found in the Fribidi package and affects the fribidi_remove_bidi_marks() function of the lib/fribidi.c file. local low complexity gnu redhat CWE-476	5.5
2022-09-01	CVE-2022-1632	Improper Certificate Validation vulnerability in multiple products An Improper Certificate Validation attack was found in Openshift. network low complexity redhat fedoraproject CWE-295	6.5
2022-09-01	CVE-2022-1677	Resource Exhaustion vulnerability in Redhat Openshift Container Platform In OpenShift Container Platform, a user with permissions to create or modify Routes can craft a payload that inserts a malformed entry into one of the cluster router's HAProxy configuration files. network low complexity redhat CWE-400	6.3
2022-09-01	CVE-2022-23452	Incorrect Authorization vulnerability in multiple products An authorization flaw was found in openstack-barbican, where anyone with an admin role could add secrets to a different project container. network low complexity openstack redhat CWE-863	4.9
2022-09-01	CVE-2022-2238	SQL Injection vulnerability in Redhat Advanced Cluster Management for Kubernetes 2.0 A vulnerability was found in the search-api container in Red Hat Advanced Cluster Management for Kubernetes when a query in the search filter gets parsed by the backend. network low complexity redhat CWE-89	6.5
2022-09-01	CVE-2022-2403	Exposure of System Data to an Unauthorized Control Sphere vulnerability in Redhat Openshift 4.11/4.12/4.9 A credentials leak was found in the OpenShift Container Platform. network low complexity redhat CWE-497	6.5
2022-09-01	CVE-2022-2447	Operation on a Resource after Expiration or Release vulnerability in multiple products A flaw was found in Keystone. network high complexity openstack redhat CWE-672	6.6
2022-09-01	CVE-2022-2739	Cleartext Storage of Sensitive Information vulnerability in multiple products The version of podman as released for Red Hat Enterprise Linux 7 Extras via RHSA-2022:2190 advisory included an incorrect version of podman missing the fix for CVE-2020-14370, which was previously fixed via RHSA-2020:5056. network high complexity redhat podman-project CWE-312	5.3
2022-09-01	CVE-2022-2764	A flaw was found in Undertow. network low complexity redhat netapp	4.9