cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-1932,https://securityvulnerability.io/vulnerability/CVE-2023-1932,HTML Injection Vulnerability in Hibernate Validator,"A flaw exists in the 'isValid' method within the SafeHtmlValidator class of Hibernate Validator that allows for potential HTML injection and Cross-Site Scripting (XSS) attacks. This vulnerability occurs due to the improper handling of HTML tags, specifically when tag endings are omitted in a less-than character format. Consequently, browsers may render invalid HTML, which could be exploited by attackers to inject malicious scripts, compromising the security of affected applications.",Red Hat,"A-MQ Clients 2,Cryostat 2,Red Hat AMQ Broker 7,Red Hat A-MQ Online,Red Hat Bpm Suite 6,Red Hat Codeready Studio 12,Red Hat Data Grid 8,Red Hat Decision Manager 7,Red Hat Fuse 7,Red Hat Jboss Brms 5,Red Hat Jboss Data Grid 7,Red Hat Jboss Data Virtualization 6,Red Hat Jboss Enterprise Application Platform 5,Red Hat Jboss Enterprise Application Platform 6,Red Hat Jboss Enterprise Application Platform 7,Red Hat Jboss Enterprise Application Platform Continuous Delivery,Red Hat Jboss Fuse 6,Red Hat Jboss Fuse Service Works 6,Red Hat Jboss Operations Network 3,Red Hat Jboss Soa Platform 5,Red Hat Openstack Platform 10 (newton),Red Hat Openstack Platform 13 (queens),Red Hat Process Automation 7,Red Hat Satellite 6,Red Hat Single Sign-on 7,Red Hat Support For Spring Boot,Streams For Apache Kafka",6.1,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-11-07T10:00:51.745Z,0
CVE-2024-1300,https://securityvulnerability.io/vulnerability/CVE-2024-1300,Memory Leak in TLS and SNI Support in Eclipse Vert.x Toolkit Allows Attackers to Trigger JVM Out-of-Memory Error,"A vulnerability in the Eclipse Vert.x toolkit causes a memory leak in TCP servers configured with TLS and SNI support. When processing an unknown SNI server name assigned the default certificate instead of a mapped certificate, the SSL context is erroneously cached in the server name map, leading to memory exhaustion. This flaw allows attackers to send TLS client hello messages with fake server names, triggering a JVM out-of-memory error.",Red Hat,"Ceq 3.2,Cryostat 2 On Rhel 8,Migration Toolkit For Runtimes 1 On Rhel 8,Mta-6.2-rhel-9,Red Hat AMQ Streams 2.7.0,Red Hat Build Of Apache Camel 4.4.1 For Spring Boot,Red Hat Build Of Quarkus 3.2.11.final,Rhint Service Registry 2.5.11 Ga,A-MQ Clients 2,Openshift Serverless,Red Hat Build Of Apache Camel For Spring Boot,Red Hat Build Of Keycloak,Red Hat Build Of Optaplanner 8,Red Hat Build Of Quarkus,Red Hat Data Grid 8,Red Hat Integration Camel K,Red Hat Integration Camel Quarkus,Red Hat Jboss A-MQ 7,Red Hat Jboss Data Grid 7,Red Hat Jboss Enterprise Application Platform 7,Red Hat Jboss Enterprise Application Platform 8,Red Hat Jboss Enterprise Application Platform Expansion Pack,Red Hat Jboss Fuse 7,Red Hat Process Automation 7",5.4,MEDIUM,0.0004400000034365803,false,false,false,false,,false,false,2024-04-02T08:15:00.000Z,0
CVE-2024-1023,https://securityvulnerability.io/vulnerability/CVE-2024-1023,Memory Leak Vulnerability in Eclipse Vert.x Toolkit,"A vulnerability in the Eclipse Vert.x toolkit results in a memory leak due to using Netty FastThreadLocal data structures. Specifically, when the Vert.x HTTP client establishes connections to different hosts, triggering the memory leak. The leak can be accelerated with intimate runtime knowledge, allowing an attacker to exploit this vulnerability. For instance, a server accepting arbitrary internet addresses could serve as an attack vector by connecting to these addresses, thereby accelerating the memory leak.",Red Hat,"Ceq 3.2,Cryostat 2 On Rhel 8,Mta-6.2-rhel-9,Red Hat AMQ Streams 2.7.0,Red Hat Build Of Apache Camel 4.4.1 For Spring Boot,Red Hat Build Of Quarkus 3.2.11.final,Rhint Service Registry 2.5.11 Ga,A-MQ Clients 2,Migration Toolkit For Runtimes,Openshift Serverless,Red Hat AMQ Broker 7,Red Hat Build Of Apache Camel For Spring Boot 3,Red Hat Build Of Keycloak,Red Hat Build Of Optaplanner 8,Red Hat Build Of Quarkus,Red Hat Data Grid 8,Red Hat Fuse 7,Red Hat Integration Camel K,Red Hat Integration Camel Quarkus,Red Hat Jboss Data Grid 7,Red Hat Jboss Enterprise Application Platform 7,Red Hat Jboss Enterprise Application Platform 8,Red Hat Jboss Enterprise Application Platform Expansion Pack,Red Hat Process Automation 7",6.5,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2024-03-27T07:51:15.716Z,0
CVE-2023-0833,https://securityvulnerability.io/vulnerability/CVE-2023-0833,Component version with information disclosure flaw,"A flaw was found in Red Hat's AMQ-Streams, which ships a version of the OKHttp component with an information disclosure flaw via an exception triggered by a header containing an illegal value. This issue could allow an authenticated attacker to access information outside of their regular permissions.",Red Hat,"okhttp,Red Hat JBoss A-MQ Streams",5.5,MEDIUM,0.0005300000193528831,false,false,false,false,,false,false,2023-09-27T15:16:00.000Z,0
CVE-2023-3089,https://securityvulnerability.io/vulnerability/CVE-2023-3089,Ocp & fips mode,"A compliance issue has been identified in the Red Hat OpenShift Container Platform when operated in FIPS mode, where not all utilized cryptographic modules were validated against FIPS standards. This could potentially impact the security posture within environments that require FIPS-compliant cryptographic solutions, urging users to review their configurations and understand the implications on their compliance requirements.",Red Hat,"Openshift,Openshift Serverless,Openshift Service Mesh 2.2.x,Openshift Service Mesh 2.3.x,Openshift Service Mesh 2.4,Red Hat Advanced Cluster Management For Kubernetes 2,Red Hat Jboss A-MQ Streams,Red Hat Openshift Container Platform 3.11,Red Hat Openshift Container Platform 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Sandboxed Containers,Red Hat Openshift Virtualization 4",7,HIGH,0.0011899999808520079,false,false,false,false,,false,false,2023-07-05T13:15:00.000Z,0