Red Hat Latest Vulnerabilities

September 17

Openshift Builder Vulnerability: Command Injection via Path Traversal

CVE-2024-7387
Red Hat | Red Hat Openshift Cont... | 9.1 | CRITICAL

Unrestricted Access via Crafted .gitconfig File in OpenShift Build Process

CVE-2024-45496
Red Hat | Red Hat Openshift Cont... | 9.9 | CRITICAL

September 14

Ansible Vault Flaw Exposes Sensitive Information in Plaintext

CVE-2024-8775
Red Hat | Red Hat Ansible Automa... | 5.5 | MEDIUM

September 10

Keycloak: amount of attributes per object is not limited and it may lead to dos

CVE-2023-6841
Red Hat | Red Hat Build Of Quarkus | 6.5 | MEDIUM

Heap-based buffer overflow vulnerability in libopensc OpenPGP driver could lead to arbitrary code execution

CVE-2024-8443
Red Hat | Red Hat Enterprise Lin...

September 9

Session Fixation Vulnerability in Keycloak SAML Adapters

CVE-2024-7341
Red Hat | Red Hat Build Of Keycloak | 7.1 | HIGH

Vulnerability in FreeOTP Allows Attackers to Abuse System and Compromise Accounts

CVE-2024-7318
Red Hat | Red Hat Build Of Keycl... | 4.8 | MEDIUM

Keycloak Open Redirect Vulnerability Could Lead to Phishing Attacks

CVE-2024-7260
Red Hat | Red Hat Build Of Keycl... | 4.4 | MEDIUM

September 6

Forklift Controller Vulnerability: Missing Authorization Header Security

CVE-2024-8509
Red Hat | Migration Toolkit For ... | 7.5 | HIGH

September 5

Insufficient Fix for Server Crash Vulnerability in 389-ds-base

CVE-2024-8445
Red Hat | Red Hat Directory Serv...

September 4

Containers/aardvark-dns: tcp query handling flaw in aardvark-dns leading to denial of service

CVE-2024-8418
Red Hat | Red Hat Enterprise Lin... | 7.5 | HIGH

Pulpcore Authentication Bypass Vulnerability Affects Satellite Deployments

CVE-2024-7923
Red Hat | Satellite | 9.8 | CRITICAL

Foreman Authentication Bypass Vulnerability

CVE-2024-7012
Red Hat | Satellite | 9.8 | CRITICAL

September 3

CVE-2024-45619
Red Hat | Enterprise Linux | 6.8 | MEDIUM

Libopensc: pkcs15init: usage of uninitialized values in libopensc and pkcs15init

CVE-2024-45615
Red Hat | Red Hat Enterprise Lin... | 3.9 | LOW

CVE-2024-45620
Red Hat | Enterprise Linux | 6.8 | MEDIUM

Libopensc: uninitialized values after incorrect check or usage of apdu response values in libopensc

CVE-2024-45616
Red Hat | Red Hat Enterprise Lin... | 3.9 | LOW

Libopensc: uninitialized values after incorrect or missing checking return values of functions in libopensc

CVE-2024-45617
Red Hat | Red Hat Enterprise Lin... | 3.9 | LOW

Libopensc: uninitialized values after incorrect or missing checking return values of functions in pkcs15init

CVE-2024-45618
Red Hat | Red Hat Enterprise Lin... | 3.9 | LOW

Keycloak: potential bypass of brute force protection

CVE-2024-4629
Red Hat | Red Hat Build Of Keycloak | 6.5 | MEDIUM

August 30

Kroxylicious TLS Connection Flaw: High Complexity Attack with Data Integrity and Confidentiality Impact

CVE-2024-8285
Red Hat | Streams For Apache Kafka | 7.3 | HIGH

Crash of virtinterfaced Daemon Due to NULL Pointer Dereference

CVE-2024-8235
Red Hat | Red Hat Enterprise Lin... | 6.2 | MEDIUM

August 21

Undertow ProxyProtocolReadListener Vulnerability

CVE-2024-7885
Red Hat | Red Hat Build Of Apach... | 7.5 | HIGH

OpenStack Platform Vulnerability Exposes Containers to MITM Attacks

CVE-2024-8007
Red Hat | Red Hat Openstack Plat... | 8.1 | HIGH

Insufficient Entropy Vulnerability in Red Hat Openshift Console Allows CSRF Attacks

CVE-2024-6508
Red Hat | Red Hat Openshift Cont... | 8 | HIGH

August 12

Unauthorized Command Execution via Host Registration

CVE-2024-7700
Red Hat | Red Hat Satellite 6 | 6.5 | MEDIUM

Libtiff: null pointer dereference in tif_dirinfo.c

CVE-2024-7006
Red Hat | Red Hat Enterprise Lin... | 7.5 | HIGH

Segmentation Fault Vulnerability in Unbound's ub_ctx_set_fwd Function

CVE-2024-43167
Red Hat | Red Hat Enterprise Lin... | 2.8 | LOW

Authentication Bypass and Privilege Escalation Vulnerability in OpenShift AI

CVE-2024-7557
Red Hat | Red Hat Openshift Ai (... | 8.8 | HIGH

Unbound: heap-buffer-overflow in unbound

CVE-2024-43168
Red Hat | Red Hat Enterprise Lin... | 4.8 | MEDIUM

Fence Agents Vulnerability can lead to Privilege Escalation

CVE-2024-5651
Red Hat | Fence Agents Remediati... | 8.8 | HIGH

August 7

Flaw in Pulp Package Allows Oldest User with Task Permissions to Control Object Creation

CVE-2024-7143
Red Hat | Red Hat Ansible Automa... | 8.3 | HIGH

August 5

QEMU NBD Server Vulnerability: DoS Attack via Socket Closure

CVE-2024-7409
Red Hat | Red Hat Enterprise Lin...

libnbd TLS Verification Vulnerability Allows Man-in-the-Middle Attack

CVE-2024-7383
Red Hat | Red Hat Enterprise Lin... | 7.4 | HIGH

July 26

Openshift Console Flaw Allows Data Exposure Without Proper Credential Verification

CVE-2024-7128
Red Hat | Red Hat Openshift Cont... | 5.3 | MEDIUM

July 24

Unauthorized Access to /API/helm/verify Endpoint in Openshift

CVE-2024-7079
Red Hat | Red Hat Openshift Cont... | 6.5 | MEDIUM

July 17

Static Cookie Secret Vulnerability in Skupper

CVE-2024-6535
Red Hat | Red Hat Service Interc... | 5.3 | MEDIUM

July 16

Gtk3: gtk2: library injection from cwd

CVE-2024-6655
Red Hat | Red Hat Enterprise Lin... | 7 | HIGH

July 13

OpenJPEG Vulnerability Leads to Terminal Looping

CVE-2023-39327
Red Hat | Red Hat Enterprise Lin... | 4.3 | MEDIUM

Denial of Service Flaw in OpenJPEG Opj_t1_decode_cblks Function

CVE-2023-39329
Red Hat | Red Hat Enterprise Lin... | 6.5 | MEDIUM

July 9

389-ds-base: unauthenticated user can trigger a dos by sending a specific extended search request

CVE-2024-6237
Red Hat | Red Hat Directory Serv... | 6.5 | MEDIUM

Openjpeg: denial of service via crafted image file

CVE-2023-39328
Red Hat | Red Hat Enterprise Lin... | 5.5 | MEDIUM

July 8

Undertow Vulnerability: Enabling Learning-Push Handler Can Prevent Attacks

CVE-2024-3653
Red Hat | Red Hat Jboss Enterpri... | 5.3 | MEDIUM

Undertow Vulnerability Leads to Denial of Service Attack

CVE-2024-5971
Red Hat | Red Hat Build Of Apach... | 7.5 | HIGH

Signal Handler Race Condition Vulnerability in OpenSSH sshd

CVE-2024-6409
Red Hat | Red Hat Enterprise Lin... | 7 | HIGH

July 5

Heap Overflow Vulnerability in QEMU's virtio-net Device

CVE-2024-6505
Red Hat | Red Hat Enterprise Lin... | 6 | MEDIUM

July 3

Cockpit Package Vulnerability Leads to Denial of Service Attack

CVE-2024-6126
Red Hat | Red Hat Enterprise Lin... | 3.2 | LOW

July 2

QEMU qemu-img Vulnerability: Memory or CPU Consumption Denial of Service

CVE-2024-4467
Red Hat | Advanced Virtualizatio... | 7.8 | HIGH

July 1

Signal Handler Race Condition in OpenSSH's Server

CVE-2024-6387
Red Hat | Red Hat Enterprise Lin... | 8.1 | HIGH

June 21

Pdfinfo Utility Vulnerable to Denial of Service Attack

CVE-2024-6239
Red Hat | Red Hat Enterprise Lin... | 7.5 | HIGH

June 20

Undertow Ajp-Listener Vulnerability: URL-Encoded Request Path Information Can Be Broken

CVE-2024-6162
Red Hat | Eap 8.0.1 | 7.5 | HIGH

June 18

LDAP Endpoint Vulnerability Allows Credentials Leakage

CVE-2024-5967
Red Hat | Red Hat Build Of Keycloak | 2.7 | LOW

Denial of Service Vulnerability in 389-ds-base LDAP Server

CVE-2024-5953
Red Hat | Red Hat Directory Serv... | 5.7 | MEDIUM

June 12

Quay: unauthorized user may authenticate via oauth application token

CVE-2024-5891
Red Hat | Red Hat Quay 3 | 4.2 | MEDIUM

GNU Nano Vulnerability Allows Privilege Escalation Through Insecure Temporary File

CVE-2024-5742
Red Hat | Red Hat Enterprise Lin... | 4.7 | MEDIUM

Keycloak CSRF Flaw Allows Attackers to Trick Users into Authenticating with Malicious Accounts

CVE-2024-5203
Red Hat | Red Hat Build Of Keycloak

Container Orchestration Flaw Allows Arbitrary File Access

CVE-2024-5154
Red Hat | Red Hat Openshift Cont... | 8.1 | HIGH

FreeIPA Vulnerability Allows Brute Force Attacks on Principal Passwords

CVE-2024-3183
Red Hat | Red Hat Enterprise Lin... | 8.1 | HIGH

Missing condition for granting 'forwardable' flag on S4U2Self tickets

CVE-2024-2698
Red Hat | Red Hat Enterprise Lin... | 7.1 | HIGH

June 11

Ldap Injection Vulnerability in dogtag-pki and pki-core Could Lead to Privilege Escalation

CVE-2023-4727
Red Hat | Red Hat Certificate Sy... | 7.5 | HIGH

June 6

HMAC Vulnerability in Booth Cluster Ticket Manager

CVE-2024-3049
Red Hat | Red Hat Enterprise Lin... | 5.9 | MEDIUM

June 5

Openshift/telemeter: iss check during jwt authentication can be bypassed

CVE-2024-5037
Red Hat | Red Hat Openshift Cont... | 7.5 | HIGH

Foreman-installer: candlepin database password being leaked to local users via the process list

CVE-2024-3716
Red Hat | Red Hat Satellite 6 | 6.2 | MEDIUM

Katello: potential cross-site scripting exploit in ui

CVE-2024-4812
Red Hat | Red Hat Satellite 6 | 4.8 | MEDIUM

June 3

Keycloak: exposure of sensitive information in pushed authorization requests (par) kc_restart cookie

CVE-2024-4540
Red Hat | Red Hat Build Of Keycloak | 7.5 | HIGH

May 31

Buffer Overflow Vulnerability in libndp's NetworkManager

CVE-2024-5564
Red Hat | Red Hat Enterprise Lin... | 8.1 | HIGH

May 28

LDAP Query Flaw Leads to Denial of Service on 389-ds-base Directory Server

CVE-2024-3657
Red Hat | Red Hat Directory Serv... | 7.5 | HIGH

Authenticated Denial of Service Vulnerability in 389-ds-base LDAP Server

CVE-2024-2199
Red Hat | Red Hat Directory Serv... | 5.7 | MEDIUM

May 17

Submariner-operator: rbac permissions can allow for the spread of node compromises

CVE-2024-5042
Red Hat | Rhodf-4.16-rhel-9 | 6.6 | MEDIUM

May 14

Foreman: host ssh key not being checked in remote execution

CVE-2024-4871
Red Hat | Red Hat Satellite 6.15... | 6.8 | MEDIUM

Rhosp-director: cleartext passwords exposed in logs

CVE-2024-4840
Red Hat | Red Hat Openstack Plat... | 5.5 | MEDIUM

Guest-Triggerable Crash in QEMU Virtio PCI Bindings Could Lead to Host Crash

CVE-2024-4693
Red Hat | Red Hat Enterprise Lin... | 5.5 | MEDIUM

Unauthenticated registry access vulnerability in image library

CVE-2024-3727
Red Hat | Red Hat Advanced Clust... | 8.3 | HIGH

May 8

Incomplete Fix for CVE-2023-39325/CVE-2023-44487 in Red Hat OpenStack Platform

CVE-2024-4438
Red Hat | Red Hat Openstack Plat... | 7.5 | HIGH

Incomplete Fix for CVE-2021-44716 in Red Hat OpenStack Platform

CVE-2024-4437
Red Hat | Red Hat Openstack Plat... | 7.5 | HIGH

Incomplete Fix for CVE-2022-41723 in Red Hat OpenStack Platform

CVE-2024-4436
Red Hat | Red Hat Openstack Plat... | 7.5 | HIGH

Stack Use-After-Free Flaw in libvirt Allows Escape from Limited Access

CVE-2024-4418
Red Hat | Red Hat Enterprise Lin... | 6.2 | MEDIUM

May 2

Wildfly Management Interface Vulnerability: Denial of Service via Unlimited Connections

CVE-2024-4029
Red Hat | Red Hat Build Of Keycloak | 4.1 | MEDIUM

May 1

Information Disclosure Flaw in OpenShift Image Registry Operator Could Lead to Identity Theft

CVE-2024-4369
Red Hat | Red Hat Openshift Cont... | 6.8 | MEDIUM

April 26

Arbitrary Systemd Property Injection Vulnerability in cri-o

CVE-2024-3154
Red Hat | Red Hat Openshift Cont... | 7.2 | HIGH

April 25

Flaw in Bombastic Allows Authenticated Users to Upload Compressed SBOMs

CVE-2024-3508
Red Hat | Red Hat Trusted Profil... | 4.3 | MEDIUM

Mirror-registry Flaw Exposes Quay Database Secrets

CVE-2024-3623
Red Hat | Mirror Registry For Re... | 8.1 | HIGH

Security Vulnerability in Default Builds of rpm-ostree Exposes Sensitive Authentication Data

CVE-2024-2905
Red Hat | Red Hat Enterprise Lin... | 6.2 | MEDIUM

Plain Text Database Vulnerability Exposes Quay's Redis Instance to Attack

CVE-2024-3625
Red Hat | Mirror Registry For Re... | 7.3 | HIGH

Mirror-registry Flaw Affects Quay Instances, Leading to Session Cookie Tampering

CVE-2024-3622
Red Hat | Mirror Registry For Re... | 8.8 | HIGH

Quay's Database Vulnerability: Plain-Text Storage Exposes Sensitive Data

CVE-2024-3624
Red Hat | Mirror Registry For Re... | 7.3 | HIGH

Quarkus: security checks for some inherited endpoints performed after serialization in resteasy reactive may trigger a denial of service

CVE-2024-1726
Red Hat | Red Hat Build Of Quark... | 5.3 | MEDIUM

Database Logging Vulnerability Exposes User Credentials

CVE-2024-1102
Red Hat | Red Hat Jboss Enterpri... | 6.5 | MEDIUM

Invalid Cache Entries Returning Due to Improperly Implemented Caching

CVE-2024-0874
Red Hat | Red Hat Openshift Cont... | 5.3 | MEDIUM

Remote Attacker May Discover Repository Pull Secret via Basic Login Credentials

CVE-2024-1139
Red Hat | Red Hat Openshift Cont... | 7.7 | HIGH

Insecure WebSocket Connection in Ansible Rulebook EDA Server Exposes System Data

CVE-2024-1657
Red Hat | Red Hat Ansible Automa... | 8.1 | HIGH

Keycloak: xss via assertion consumer service url in saml post-binding flow

CVE-2023-6717
Red Hat | Red Hat Build Of Keycl... | 6 | MEDIUM

Openshift: incomplete fix for rapid reset (cve-2023-44487/cve-2023-39325)

CVE-2023-6596
Red Hat | Red Hat Openshift Cont... | 7.5 | HIGH

Keycloak: log injection during webauthn authentication or registration

CVE-2023-6484
Red Hat | Red Hat Build Of Keycl... | 5.3 | MEDIUM

Quarkus: authorization flaw in quarkus resteasy reactive and classic when "quarkus.security.jaxrs.deny-unannotated-endpoints" or "quarkus.security.jaxrs.default-roles-allowed" properties are used.

CVE-2023-5675
Red Hat | Red Hat Build Of Quark... | 6.5 | MEDIUM

Keycloak Authentication Bypass Vulnerability

CVE-2023-3597
Red Hat | Red Hat Build Of Keycl... | 5 | MEDIUM

April 18

Race Condition Flaw in SSSD May Lead to Inconsistent Authorization

CVE-2023-3758
Red Hat | Red Hat Enterprise Lin... | 7.1 | HIGH

April 17

Bypass of Redirect URI Validation in Keycloak May Lead to Access Token Theft

CVE-2024-2419
Red Hat | Upstream | 7.1 | HIGH

Millions of Requests in Seconds: Keycloak OIDC Flaw Affects Application Availability

CVE-2024-1249
Red Hat | Red Hat Build Of Keycl... | 7.4 | HIGH

Keycloak Flaw Allows Attackers to Bypass Validation and Access Sensitive Information

CVE-2024-1132
Red Hat | Migration Toolkit For ... | 8.1 | HIGH