cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-12084,https://securityvulnerability.io/vulnerability/CVE-2024-12084,Heap-based Buffer Overflow Vulnerability in Rsync Daemon by Red Hat,"A heap-based buffer overflow vulnerability has been identified in the rsync daemon, attributable to improper management of attacker-controlled checksum lengths (s2length). This weakness arises when the maximum digest length exceeds the designated fixed length of 16 bytes, allowing an attacker to exploit the flaw and write outside the allocated memory in the sum2 buffer. Such exploitation could potentially compromise system integrity and lead to unauthorized access or data manipulation.",Red Hat,"Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Openshift Container Platform 4",9.8,CRITICAL,0.0006300000241026282,false,true,false,true,false,true,false,2025-01-15T14:16:35.363Z,6039
CVE-2024-12085,https://securityvulnerability.io/vulnerability/CVE-2024-12085,Rsync Daemon Memory Leak Vulnerability in Red Hat Products,"A vulnerability exists in the rsync daemon which can be exploited during the comparison of file checksums. An attacker can manipulate the checksum length, leading to potential leaks of one byte of uninitialized stack data at a time. This weakness could allow unauthorized access to sensitive information in memory, posing a security risk to affected systems.",Red Hat,"Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Openshift Container Platform 4",7.5,HIGH,0.00044999999227002263,false,false,false,false,false,false,false,2025-01-14T18:15:00.000Z,232
CVE-2024-12088,https://securityvulnerability.io/vulnerability/CVE-2024-12088,Path Traversal Vulnerability in Rsync Affects Multiple Platforms,"A vulnerability exists in Rsync when utilizing the `--safe-links` option. The software fails to properly validate symbolic link destinations, allowing the potential for a path traversal attack. This flaw may permit unauthorized file writes to locations outside the intended directory, posing a significant risk to systems using affected Rsync versions. It is crucial for users to evaluate their use of Rsync and apply any necessary patches to mitigate this risk.",Red Hat,"Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Openshift Container Platform 4",6.5,MEDIUM,0.00044999999227002263,false,false,false,false,false,false,false,2025-01-14T18:15:00.000Z,0
CVE-2024-12087,https://securityvulnerability.io/vulnerability/CVE-2024-12087,Path Traversal Vulnerability in rsync Affects Red Hat,"A path traversal vulnerability in rsync allows a malicious server to exploit the `--inc-recursive` option, which is often enabled by default. This vulnerability arises from insufficient symlink verification and deduplication checks that occur on a per-file-list basis. An attacker could leverage this flaw to write files outside of the client's intended destination directory, potentially placing harmful files in arbitrary locations that mimic valid directories and paths on the client system.",Red Hat,"Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Openshift Container Platform 4",6.5,MEDIUM,0.00044999999227002263,false,false,false,false,false,false,false,2025-01-14T18:15:00.000Z,0
CVE-2024-12086,https://securityvulnerability.io/vulnerability/CVE-2024-12086,File Enumeration Vulnerability in rsync by Red Hat,"A vulnerability in rsync has been identified that allows a server to expose the contents of files located on a client's machine. This issue arises during the process of file synchronization, where the rsync server transmits checksums of its local files to a client for comparison, determining which files need to be transferred. By exploiting this vulnerability, an attacker can craft specific checksum values to coax the rsync server into divulging sensitive information about arbitrary files. This enables a potential attacker to reconstruct the data from these files byte by byte, posing a significant risk to the integrity and confidentiality of sensitive information.",Red Hat,"Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Openshift Container Platform 4",6.1,MEDIUM,0.00044999999227002263,false,false,false,false,false,false,false,2025-01-14T17:37:54.960Z,0
CVE-2024-10963,https://securityvulnerability.io/vulnerability/CVE-2024-10963,Pam_Access Vulnerability: Bypassing Access Restrictions through Token Manipulation,"A vulnerability exists in PAM Access whereby certain entries in its configuration file can be incorrectly recognized as hostnames. This flaw enables attackers to masquerade as legitimate hostnames, potentially leading to unauthorized access to services and terminals. Systems leveraging PAM Access for managing user authentication could be compromised due to this misconfiguration issue, creating a significant risk for organizations relying on these security measures.",Red Hat,"Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Openshift Container Platform 4",7.4,HIGH,0.000910000002477318,false,false,false,false,,false,false,2024-11-07T16:02:34.873Z,0
CVE-2024-8418,https://securityvulnerability.io/vulnerability/CVE-2024-8418,Containers/aardvark-dns: tcp query handling flaw in aardvark-dns leading to denial of service,"Aardvark-dns has a vulnerability that allows attackers to conduct Denial of Service (DoS) attacks through improper handling of TCP DNS queries. The flaw arises from the serial processing of these queries, which permits an attacker to maintain a TCP connection indefinitely. This behavior can lead to the DNS server becoming unresponsive as legitimate queries time out, greatly affecting DNS service availability and disrupting normal operations for users.",Red Hat,"Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Openshift Container Platform 4",7.5,HIGH,0.0005200000014156103,false,false,false,false,,false,false,2024-09-04T15:15:00.000Z,0
CVE-2024-43167,https://securityvulnerability.io/vulnerability/CVE-2024-43167,Segmentation Fault Vulnerability in Unbound's ub_ctx_set_fwd Function,"A NULL pointer dereference flaw was found in the ub_ctx_set_fwd function in Unbound. This issue could allow an attacker who can invoke specific sequences of API calls to cause a segmentation fault. When certain API functions such as ub_ctx_set_fwd and ub_ctx_resolvconf are called in a particular order, the program attempts to read from a NULL pointer, leading to a crash. This issue can result in a denial of service by causing the application to terminate unexpectedly.",Red Hat,"Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Openshift Container Platform 4,Red Hat Openstack Platform 16.2,Red Hat Openstack Platform 17.1,Red Hat Openstack Platform 18.0",2.8,LOW,0.00044999999227002263,false,false,false,false,,false,false,2024-08-12T13:38:00.000Z,0
CVE-2024-43168,https://securityvulnerability.io/vulnerability/CVE-2024-43168,Unbound: heap-buffer-overflow in unbound,"A heap-buffer-overflow flaw was found in the cfg_mark_ports function within Unbound's config_file.c, which can lead to memory corruption. This issue could allow an attacker with local access to provide specially crafted input, potentially causing the application to crash or allowing arbitrary code execution. This could result in a denial of service or unauthorized actions on the system.",Red Hat,"Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Openshift Container Platform 4,Red Hat Openstack Platform 16.2,Red Hat Openstack Platform 17.1,Red Hat Openstack Platform 18.0",4.8,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2024-08-12T13:38:00.000Z,0
CVE-2024-7409,https://securityvulnerability.io/vulnerability/CVE-2024-7409,QEMU NBD Server Vulnerability: DoS Attack via Socket Closure,A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service (DoS) attack via improper synchronization during socket closure when a client keeps a socket open as the server is taken offline.,Red Hat,"Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9.2 Extended Update Support,Red Hat Openshift Container Platform 4.13,Red Hat Openshift Container Platform 4.15,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8 Advanced Virtualization,Red Hat Enterprise Linux 9",,,0.0004600000102072954,false,false,false,false,,false,false,2024-08-05T13:19:27.498Z,0
CVE-2024-6501,https://securityvulnerability.io/vulnerability/CVE-2024-6501,Denial of Service Vulnerability in NetworkManager by Red Hat,"A vulnerability exists in NetworkManager that can be exploited when DEBUG logging is enabled and an interface configured with LLDP is active. A malicious user can send a crafted LLDP packet, causing NetworkManager to crash and resulting in denial of service. Keeping NetworkManager updated and logging configurations properly managed is crucial to mitigate this risk.",Red Hat,",Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Openshift Container Platform 4",3.1,LOW,0.00044999999227002263,false,false,false,false,,false,false,2024-07-09T20:15:00.000Z,0
CVE-2024-3653,https://securityvulnerability.io/vulnerability/CVE-2024-3653,Undertow Vulnerability: Enabling Learning-Push Handler Can Prevent Attacks,"A vulnerability was found in Undertow. This issue requires enabling the learning-push handler in the server's config, which is disabled by default, leaving the maxAge config in the handler unconfigured. The default is -1, which makes the handler vulnerable. If someone overwrites that config, the server is not subject to the attack. The attacker needs to be able to reach the server with a normal HTTP request.",Red Hat,"Red Hat Jboss Enterprise Application Platform 7.1.0,Red Hat Jboss Enterprise Application Platform 7.4 For Rhel 8,Red Hat Jboss Enterprise Application Platform 7.4 For Rhel 9,Red Hat Jboss Enterprise Application Platform 7.4 On Rhel 7,Red Hat Jboss Enterprise Application Platform 8,Openshift Serverless,Red Hat Build Of Apache Camel For Quarkus,Red Hat Build Of Apache Camel For Spring Boot,Red Hat Build Of Apache Camel - Hawtio,Red Hat Build Of Apicurio Registry,Red Hat Build Of Keycloak,Red Hat Build Of Optaplanner 8,Red Hat Build Of Quarkus,Red Hat Data Grid 8,Red Hat Integration Camel K,Red Hat Integration Camel Quarkus,Red Hat Jboss Data Grid 7,Red Hat Jboss Enterprise Application Platform Expansion Pack,Red Hat Jboss Fuse 7,Red Hat Jboss Fuse Service Works 6,Red Hat Process Automation 7,Red Hat Single Sign-on 7,Streams For Apache Kafka",5.3,MEDIUM,0.0004400000034365803,false,false,false,false,,false,false,2024-07-08T21:21:20.899Z,0
CVE-2024-4467,https://securityvulnerability.io/vulnerability/CVE-2024-4467,QEMU qemu-img Vulnerability: Memory or CPU Consumption Denial of Service,"A vulnerability exists in the QEMU disk image utility related to the 'info' command, where a specially crafted image file containing a specific JSON value can cause the qemu-img process to use an excessive amount of system resources. This behavior may result in resource exhaustion, potentially leading to a denial of service. The exploit can also enable unauthorized read/write access to existing external files on the host system, creating a significant security risk for affected environments.",Red Hat,"Advanced Virtualization For Rhel 8.2.1,Advanced Virtualization For Rhel 8.4.0.eus,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support,Red Hat Enterprise Linux 8.4 Telecommunications Update Service,Red Hat Enterprise Linux 8.4 Update Services For SAP Solutions,Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support,Red Hat Enterprise Linux 8.6 Telecommunications Update Service,Red Hat Enterprise Linux 8.6 Update Services For SAP Solutions,Red Hat Enterprise Linux 8.8 Extended Update Support,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9.0 Update Services For SAP Solutions,Red Hat Enterprise Linux 9.2 Extended Update Support,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8 Advanced Virtualization,Red Hat Openshift Virtualization 4",7.8,HIGH,0.0004400000034365803,false,false,false,false,,false,false,2024-07-02T16:15:00.000Z,0
CVE-2024-6387,https://securityvulnerability.io/vulnerability/CVE-2024-6387,Signal Handler Race Condition in OpenSSH's Server,"A regression vulnerability discovered in OpenSSH's server (sshd) involves a race condition affecting the handling of signals. This vulnerability allows an attacker to exploit the sshd service by failing to authenticate within a specified timeframe. If successfully triggered, this flaw could alter the normal operation of the sshd service. As a result, an unauthenticated remote attacker may gain the ability to execute arbitrary code, potentially compromising the affected system. This vulnerability underscores the importance of timely security updates and robust configurations to safeguard systems running OpenSSH.",Red Hat,"Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9.0 Update Services For SAP Solutions,Red Hat Enterprise Linux 9.2 Extended Update Support,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Openshift Container Platform 4",8.1,HIGH,0.0026100000832229853,false,true,false,true,true,true,true,2024-07-01T12:37:25.431Z,159237
CVE-2023-5675,https://securityvulnerability.io/vulnerability/CVE-2023-5675,"Quarkus: authorization flaw in quarkus resteasy reactive and classic when ""quarkus.security.jaxrs.deny-unannotated-endpoints"" or ""quarkus.security.jaxrs.default-roles-allowed"" properties are used.","A flaw was found in Quarkus. When a Quarkus RestEasy Classic or Reactive JAX-RS endpoint has its methods declared in the abstract Java class or customized by Quarkus extensions using the annotation processor, the authorization of these methods will not be enforced if it is enabled by either 'quarkus.security.jaxrs.deny-unannotated-endpoints' or 'quarkus.security.jaxrs.default-roles-allowed' properties.",Red Hat,"Red Hat Build Of Quarkus 2.13.9.final,Red Hat Build Of Quarkus 3.2.9.final,A-MQ Clients 2,Cryostat 2,Openshift Serverless,Red Hat Build Of Optaplanner 8,Red Hat Integration Camel K,Red Hat Integration Camel Quarkus,Red Hat Integration Service Registry,Red Hat Jboss Enterprise Application Platform 8,Red Hat Jboss Fuse 7,Red Hat Process Automation 7",6.5,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2024-04-25T16:15:00.000Z,0
CVE-2024-1300,https://securityvulnerability.io/vulnerability/CVE-2024-1300,Memory Leak in TLS and SNI Support in Eclipse Vert.x Toolkit Allows Attackers to Trigger JVM Out-of-Memory Error,"A vulnerability in the Eclipse Vert.x toolkit causes a memory leak in TCP servers configured with TLS and SNI support. When processing an unknown SNI server name assigned the default certificate instead of a mapped certificate, the SSL context is erroneously cached in the server name map, leading to memory exhaustion. This flaw allows attackers to send TLS client hello messages with fake server names, triggering a JVM out-of-memory error.",Red Hat,"Ceq 3.2,Cryostat 2 On Rhel 8,Migration Toolkit For Runtimes 1 On Rhel 8,Mta-6.2-rhel-9,Red Hat AMQ Streams 2.7.0,Red Hat Build Of Apache Camel 4.4.1 For Spring Boot,Red Hat Build Of Quarkus 3.2.11.final,Rhint Service Registry 2.5.11 Ga,A-MQ Clients 2,Openshift Serverless,Red Hat Build Of Apache Camel For Spring Boot,Red Hat Build Of Keycloak,Red Hat Build Of Optaplanner 8,Red Hat Build Of Quarkus,Red Hat Data Grid 8,Red Hat Integration Camel K,Red Hat Integration Camel Quarkus,Red Hat Jboss A-MQ 7,Red Hat Jboss Data Grid 7,Red Hat Jboss Enterprise Application Platform 7,Red Hat Jboss Enterprise Application Platform 8,Red Hat Jboss Enterprise Application Platform Expansion Pack,Red Hat Jboss Fuse 7,Red Hat Process Automation 7",5.4,MEDIUM,0.0004400000034365803,false,false,false,false,,false,false,2024-04-02T08:15:00.000Z,0
CVE-2024-1023,https://securityvulnerability.io/vulnerability/CVE-2024-1023,Memory Leak Vulnerability in Eclipse Vert.x Toolkit,"A vulnerability in the Eclipse Vert.x toolkit results in a memory leak due to using Netty FastThreadLocal data structures. Specifically, when the Vert.x HTTP client establishes connections to different hosts, triggering the memory leak. The leak can be accelerated with intimate runtime knowledge, allowing an attacker to exploit this vulnerability. For instance, a server accepting arbitrary internet addresses could serve as an attack vector by connecting to these addresses, thereby accelerating the memory leak.",Red Hat,"Ceq 3.2,Cryostat 2 On Rhel 8,Mta-6.2-rhel-9,Red Hat AMQ Streams 2.7.0,Red Hat Build Of Apache Camel 4.4.1 For Spring Boot,Red Hat Build Of Quarkus 3.2.11.final,Rhint Service Registry 2.5.11 Ga,A-MQ Clients 2,Migration Toolkit For Runtimes,Openshift Serverless,Red Hat AMQ Broker 7,Red Hat Build Of Apache Camel For Spring Boot 3,Red Hat Build Of Keycloak,Red Hat Build Of Optaplanner 8,Red Hat Build Of Quarkus,Red Hat Data Grid 8,Red Hat Fuse 7,Red Hat Integration Camel K,Red Hat Integration Camel Quarkus,Red Hat Jboss Data Grid 7,Red Hat Jboss Enterprise Application Platform 7,Red Hat Jboss Enterprise Application Platform 8,Red Hat Jboss Enterprise Application Platform Expansion Pack,Red Hat Process Automation 7",6.5,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2024-03-27T07:51:15.716Z,0
CVE-2024-1394,https://securityvulnerability.io/vulnerability/CVE-2024-1394,Memory Leak Vulnerability in Golang RSA Code Could Lead to Resource Exhaustion,"A memory leak flaw has been identified in the RSA encrypting and decrypting code of the Golang FIPS OpenSSL library. This issue arises from improper handling of named return parameters, specifically within the RSA library's context initialization process. When errors occur during context initialization or property settings, the related pointers, namely 'pkey' and 'ctx', are left unfreed, leading to a potential resource exhaustion vulnerability. Attackers can exploit this flaw through crafted inputs, causing the application to exhaust memory resources.",Red Hat,"Red Hat Ansible Automation Platform 2.4 For Rhel 8,Red Hat Ansible Automation Platform 2.4 For Rhel 9,Red Hat Developer Tools,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9.0 Update Services For SAP Solutions,Red Hat Enterprise Linux 9.2 Extended Update Support,Red Hat Openshift Container Platform 4.12,Red Hat Openshift Container Platform 4.13,Red Hat Openshift Container Platform 4.14,Red Hat Openshift Container Platform 4.15,Red Hat Openstack Platform 16.2,Red Hat Openstack Platform 17.1 For Rhel 8,Red Hat Openstack Platform 17.1 For Rhel 9,Rhodf-4.16-rhel-9,Nbde Tang Server,Openshift Developer Tools And Services,Openshift Pipelines,Openshift Serverless,Red Hat Ansible Automation Platform 1.2,Red Hat Ansible Automation Platform 2,Red Hat Certification For Red Hat Enterprise Linux 8,Red Hat Certification For Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 7,Red Hat Openshift Container Platform 4,Red Hat Openshift Container Storage 4,Red Hat Openshift Dev Spaces,Red Hat Openshift Gitops,Red Hat Openshift On Aws,Red Hat Openshift Virtualization 4,Red Hat Openstack Platform 16.1,Red Hat Openstack Platform 17.1,Red Hat Openstack Platform 18.0,Red Hat Service Interconnect 1,Red Hat Software Collections,Red Hat Storage 3",7.5,HIGH,0.0006900000153109431,false,false,false,false,,false,false,2024-03-21T12:16:38.790Z,0
CVE-2024-1753,https://securityvulnerability.io/vulnerability/CVE-2024-1753,Container Escape Vulnerability in Podman Build and Buildah,"A flaw exists within Buildah and Podman that permits containers to mount arbitrary locations from the host filesystem into build containers. This vulnerability can be exploited by utilizing a malicious Containerfile, where a deceptive image with a symbolic link to the root filesystem serves as the mount source. Such an operation can lead to the host's root filesystem being mounted inside the RUN step of the container build process, allowing full read-write access to the host filesystem during execution. This significant risk underscores the potential for complete container escape at build time, representing a serious threat to security and requiring immediate attention.",Red Hat,"Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8.6 Extended Update Support,Red Hat Enterprise Linux 8.8 Extended Update Support,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9.0 Extended Update Support,Red Hat Enterprise Linux 9.2 Extended Update Support,Red Hat Openshift Container Platform 4.12,Red Hat Openshift Container Platform 4.13,Red Hat Openshift Container Platform 4.14,Red Hat Openshift Container Platform 4.15,Red Hat Enterprise Linux 7,Red Hat Openshift Container Platform 3.11",8.6,HIGH,0.0004400000034365803,false,true,false,false,,false,false,2024-03-18T14:23:44.213Z,0
CVE-2023-3966,https://securityvulnerability.io/vulnerability/CVE-2023-3966,Crafted Geneve Packets May Cause Denial of Service and Invalid Memory Accesses in Open vSwitch,"A vulnerability in Open vSwitch has been identified where multiple versions are susceptible to maliciously crafted Geneve packets. This flaw has the potential to lead to denial of service by causing invalid memory accesses. Exploitation of this vulnerability necessitates that hardware offloading via the netlink path is enabled, making systems at risk particularly those that utilize specific network configurations.",Red Hat,"Openvswitch,Fast Datapath For Rhel 7,Fast Datapath For Rhel 8,Fast Datapath For Rhel 9,Red Hat Enterprise Linux 7,Red Hat Openshift Container Platform 3.11,Openstack Rdo,Fedora",7.5,HIGH,0.00044999999227002263,false,false,false,false,,false,false,2024-02-22T12:15:53.128Z,0
CVE-2024-1635,https://securityvulnerability.io/vulnerability/CVE-2024-1635,Undertow Vulnerability Impacts Wildfly-HTTP-Client Server,"A vulnerability has been identified within Undertow that affects servers utilizing the WildFly HTTP Client protocol. The issue occurs when a malicious actor exploits the behavior of connection handling, causing the server to exhaust its memory and file descriptor limits. This situation arises when a connection is opened and immediately closed at the HTTP port, leading to leaked connections via the WriteTimeoutStreamSinkConduit. Notably, if the RemotingConnection is closed by the Remoting ServerConnectionOpenListener, the connection's outermost layer fails to notify the Undertow conduit of the closure. Consequently, this lack of notification allows the timeout task to continue leaking connections through the XNIO WorkerThread, resulting in a prolonged impact on the server's resource consumption. Organizations are urged to address this vulnerability promptly to safeguard against potential denial-of-service scenarios.",Red Hat,"Red Hat Jboss Enterprise Application Platform 7,Red Hat Jboss Enterprise Application Platform 7.4 For Rhel 8,Red Hat Jboss Enterprise Application Platform 7.4 For Rhel 9,Red Hat Jboss Enterprise Application Platform 7.4 On Rhel 7,Red Hat Single Sign-on 7.6 For Rhel 7,Red Hat Single Sign-on 7.6 For Rhel 8,Red Hat Single Sign-on 7.6 For Rhel 9,Rhel-8 Based Middleware Containers,Rhsso 7.6.8,Openshift Serverless,Red Hat Build Of Apache Camel For Quarkus,Red Hat Build Of Apache Camel For Spring Boot,Red Hat Build Of Apicurio Registry,Red Hat Build Of Keycloak,Red Hat Build Of Optaplanner 8,Red Hat Build Of Quarkus,Red Hat Data Grid 8,Red Hat Integration Camel K,Red Hat Integration Camel Quarkus,Red Hat Jboss Data Grid 7,Red Hat Jboss Enterprise Application Platform 8,Red Hat Jboss Fuse 7,Red Hat Jboss Fuse Service Works 6,Red Hat Process Automation 7,Streams For Apache Kafka",7.5,HIGH,0.0004400000034365803,false,false,false,false,,false,false,2024-02-19T21:23:14.496Z,0
CVE-2023-6291,https://securityvulnerability.io/vulnerability/CVE-2023-6291,Keycloak: redirect_uri validation bypass,"A flaw has been identified in the redirect_uri validation logic within Keycloak, a product developed by Red Hat. This vulnerability could potentially allow attackers to bypass explicitly allowed hosts, leading to unauthorized access. If exploited, it may enable the theft of access tokens, thereby allowing attackers to impersonate legitimate users and compromise sensitive data. Organizations using Keycloak should ensure they are aware of this issue and implement appropriate security measures to mitigate the risks associated with this vulnerability.",Red Hat,"Red Hat Build Of Keycloak 22,Red Hat Build Of Keycloak 22.0.7,Red Hat Single Sign-on 7,Red Hat Single Sign-on 7.6 For Rhel 7,Red Hat Single Sign-on 7.6 For Rhel 8,Red Hat Single Sign-on 7.6 For Rhel 9,Rhel-8 Based Middleware Containers,Single Sign-on 7.6.6,Migration Toolkit For Applications 6,Migration Toolkit For Applications 7,Openshift Serverless,Red Hat Data Grid 8,Red Hat Decision Manager 7,Red Hat Fuse 7,Red Hat Jboss Data Grid 7,Red Hat Jboss Enterprise Application Platform 6,Red Hat Process Automation 7",7.1,HIGH,0.0017099999822676182,false,false,false,false,,false,false,2024-01-26T14:23:43.185Z,0
CVE-2024-0567,https://securityvulnerability.io/vulnerability/CVE-2024-0567,Gnutls: rejects certificate chain with distributed trust,"A vulnerability exists in GnuTLS that leads to the rejection of a certificate chain with distributed trust when utilizing the cockpit-certificate-ensure functionality. This issue effectively allows unauthenticated remote clients or attackers to exploit the flaw, resulting in potential denial of service conditions. The flaw emphasizes the importance of robust certificate validation processes in enhancing the security posture of applications relying on GnuTLS.",Red Hat,"Gnutls,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9.2 Extended Update Support,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Openshift Container Platform 3.11,Fedora",7.5,HIGH,0.001879999996162951,false,false,false,false,,false,false,2024-01-16T14:01:59.178Z,0
CVE-2023-6476,https://securityvulnerability.io/vulnerability/CVE-2023-6476,Cri-o: pods are able to break out of resource confinement on cgroupv2,"A critical flaw exists in the CRI-O runtime, which is related to experimental annotations that can lead to a container running in an unconfined state. This vulnerability allows a pod to gain control over memory and CPU resources beyond standard limits, effectively bypassing the Kubernetes scheduler's resource management. The repercussions of this vulnerability could include a denial of service on the affected node, as it can lead to resource exhaustion and instability. Monitoring and patching affected versions are essential to mitigate risks associated with this vulnerability.",Red Hat,"kernel,Red Hat OpenShift Container Platform 4.13,Red Hat OpenShift Container Platform 4.14,Red Hat OpenShift Container Platform 3.11,Fedora,Extra Packages for Enterprise Linux",7.5,HIGH,0.0009800000116229057,false,false,false,false,,false,false,2024-01-09T21:32:03.407Z,0
CVE-2023-5366,https://securityvulnerability.io/vulnerability/CVE-2023-5366,Openvswitch don't match packets on nd_target field,A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules. This issue may allow a local attacker to create specially crafted packets with a modified or spoofed target IP address field that can redirect ICMPv6 traffic to arbitrary IP addresses.,Red Hat,"Openvswitch,Fast Datapath For Rhel 7,Fast Datapath For Rhel 8,Fast Datapath For Rhel 9,Red Hat Enterprise Linux 7,Red Hat Openshift Container Platform 3.11,Red Hat Openshift Container Platform 4,Red Hat Openstack Platform 16.1,Red Hat Openstack Platform 16.2,Red Hat Virtualization 4,Fedora",5.5,MEDIUM,0.0004199999966658652,false,false,false,false,,false,false,2023-10-06T18:15:00.000Z,0