cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-12582,https://securityvulnerability.io/vulnerability/CVE-2024-12582,Vulnerability in Skupper Console Exposes Sensitive Data and Impacts Resource Availability,"A significant flaw exists in the Skupper Console, which serves as a read-only interface presenting network traffic details and metrics for applications configured in hybrid multi-cloud environments. The vulnerability arises when the default authentication mechanism is employed, resulting in the generation of a random password for the 'admin' user. This password is stored in plaintext within a Kubernetes secret or a Podman volume, leaving it susceptible to interception. An attacker exploiting this method can read any user-readable file within the container's filesystem, directly jeopardizing data confidentiality. Furthermore, by manipulating Skupper’s behavior, an attacker can prompt the system to read excessively large files into memory, potentially leading to a denial-of-service condition due to resource exhaustion.",Red Hat,Red Hat Service Interconnect 1,7.1,HIGH,0.0004400000034365803,false,false,false,false,,false,false,2024-12-24T03:31:24.896Z,0
CVE-2024-1394,https://securityvulnerability.io/vulnerability/CVE-2024-1394,Memory Leak Vulnerability in Golang RSA Code Could Lead to Resource Exhaustion,"A memory leak flaw has been identified in the RSA encrypting and decrypting code of the Golang FIPS OpenSSL library. This issue arises from improper handling of named return parameters, specifically within the RSA library's context initialization process. When errors occur during context initialization or property settings, the related pointers, namely 'pkey' and 'ctx', are left unfreed, leading to a potential resource exhaustion vulnerability. Attackers can exploit this flaw through crafted inputs, causing the application to exhaust memory resources.",Red Hat,"Red Hat Ansible Automation Platform 2.4 For Rhel 8,Red Hat Ansible Automation Platform 2.4 For Rhel 9,Red Hat Developer Tools,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9.0 Update Services For SAP Solutions,Red Hat Enterprise Linux 9.2 Extended Update Support,Red Hat Openshift Container Platform 4.12,Red Hat Openshift Container Platform 4.13,Red Hat Openshift Container Platform 4.14,Red Hat Openshift Container Platform 4.15,Red Hat Openstack Platform 16.2,Red Hat Openstack Platform 17.1 For Rhel 8,Red Hat Openstack Platform 17.1 For Rhel 9,Rhodf-4.16-rhel-9,Nbde Tang Server,Openshift Developer Tools And Services,Openshift Pipelines,Openshift Serverless,Red Hat Ansible Automation Platform 1.2,Red Hat Ansible Automation Platform 2,Red Hat Certification For Red Hat Enterprise Linux 8,Red Hat Certification For Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 7,Red Hat Openshift Container Platform 4,Red Hat Openshift Container Storage 4,Red Hat Openshift Dev Spaces,Red Hat Openshift Gitops,Red Hat Openshift On Aws,Red Hat Openshift Virtualization 4,Red Hat Openstack Platform 16.1,Red Hat Openstack Platform 17.1,Red Hat Openstack Platform 18.0,Red Hat Service Interconnect 1,Red Hat Software Collections,Red Hat Storage 3",7.5,HIGH,0.0006900000153109431,false,false,false,false,,false,false,2024-03-21T12:16:38.790Z,0