Total
239 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-27561 | 3 Debian, Linuxfoundation, Redhat | 4 Debian Linux, Runc, Enterprise Linux and 1 more | 2024-12-06 | N/A | 7.0 HIGH |
| runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. NOTE: this issue exists because of a CVE-2019-19921 regression. | |||||
| CVE-2023-48795 | 43 9bis, Apache, Apple and 40 more | 69 Kitty, Sshd, Sshj and 66 more | 2024-12-02 | N/A | 5.9 MEDIUM |
| The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust. | |||||
| CVE-2024-8883 | 1 Redhat | 6 Build Of Keycloak, Openshift Container Platform, Openshift Container Platform For Ibm Z and 3 more | 2024-11-26 | N/A | 6.1 MEDIUM |
| A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid Redirect URI' is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially leading to session hijacking. | |||||
| CVE-2024-7079 | 1 Redhat | 1 Openshift Container Platform | 2024-11-21 | N/A | 6.5 MEDIUM |
| A flaw was found in the Openshift console. The /API/helm/verify endpoint is tasked to fetch and verify the installation of a Helm chart from a URI that is remote HTTP/HTTPS or local. Access to this endpoint is gated by the authHandlerWithUser() middleware function. Contrary to its name, this middleware function does not verify the validity of the user's credentials. As a result, unauthenticated users can access this endpoint. | |||||
| CVE-2024-6387 | 9 Amazon, Canonical, Debian and 6 more | 20 Linux 2023, Ubuntu Linux, Debian Linux and 17 more | 2024-11-21 | N/A | 8.1 HIGH |
| A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period. | |||||
| CVE-2024-5037 | 1 Redhat | 2 Openshift Container Platform, Openshift Distributed Tracing | 2024-11-21 | N/A | 7.5 HIGH |
| A flaw was found in OpenShift's Telemeter. If certain conditions are in place, an attacker can use a forged token to bypass the issue ("iss") check during JSON web token (JWT) authentication. | |||||
| CVE-2024-4629 | 1 Redhat | 8 Build Of Keycloak, Enterprise Linux, Keycloak and 5 more | 2024-11-21 | N/A | 6.5 MEDIUM |
| A vulnerability was found in Keycloak. This flaw allows attackers to bypass brute force protection by exploiting the timing of login attempts. By initiating multiple login requests simultaneously, attackers can exceed the configured limits for failed attempts before the system locks them out. This timing loophole enables attackers to make more guesses at passwords than intended, potentially compromising account security on affected systems. | |||||
| CVE-2023-6563 | 1 Redhat | 6 Enterprise Linux, Keycloak, Openshift Container Platform and 3 more | 2024-11-21 | N/A | 7.7 HIGH |
| An unconstrained memory consumption vulnerability was discovered in Keycloak. It can be triggered in environments which have millions of offline tokens (> 500,000 users with each having at least 2 saved sessions). If an attacker creates two or more user sessions and then open the "consents" tab of the admin User Interface, the UI attempts to load a huge number of offline client sessions leading to excessive memory and CPU consumption which could potentially crash the entire system. | |||||
| CVE-2023-6476 | 1 Redhat | 2 Enterprise Linux, Openshift Container Platform | 2024-11-21 | N/A | 6.5 MEDIUM |
| A flaw was found in CRI-O that involves an experimental annotation leading to a container being unconfined. This may allow a pod to specify and get any amount of memory/cpu, circumventing the kubernetes scheduler and potentially resulting in a denial of service in the node. | |||||
| CVE-2023-5408 | 1 Redhat | 1 Openshift Container Platform | 2024-11-21 | N/A | 7.2 HIGH |
| A privilege escalation flaw was found in the node restriction admission plugin of the kubernetes api server of OpenShift. A remote attacker who modifies the node role label could steer workloads from the control plane and etcd nodes onto different worker nodes and gain broader access to the cluster. | |||||
| CVE-2023-5366 | 2 Openvswitch, Redhat | 5 Openvswitch, Enterprise Linux, Fast Datapath and 2 more | 2024-11-21 | N/A | 7.1 HIGH |
| A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules. This issue may allow a local attacker to create specially crafted packets with a modified or spoofed target IP address field that can redirect ICMPv6 traffic to arbitrary IP addresses. | |||||
| CVE-2023-4853 | 2 Quarkus, Redhat | 13 Quarkus, Build Of Optaplanner, Build Of Quarkus and 10 more | 2024-11-21 | N/A | 8.1 HIGH |
| A flaw was found in Quarkus where HTTP security policies are not sanitizing certain character permutations correctly when accepting requests, resulting in incorrect evaluation of permissions. This issue could allow an attacker to bypass the security policy altogether, resulting in unauthorized endpoint access and possibly a denial of service. | |||||
| CVE-2023-4066 | 1 Redhat | 4 Enterprise Linux, Jboss A-mq, Jboss Middleware and 1 more | 2024-11-21 | N/A | 5.5 MEDIUM |
| A flaw was found in Red Hat's AMQ Broker, which stores certain passwords in a secret security-properties-prop-module, defined in ActivemqArtemisSecurity CR; however, they are shown in plaintext in the StatefulSet details yaml of AMQ Broker. | |||||
| CVE-2023-4065 | 1 Redhat | 4 Enterprise Linux, Jboss A-mq, Jboss Middleware and 1 more | 2024-11-21 | N/A | 5.5 MEDIUM |
| A flaw was found in Red Hat AMQ Broker Operator, where it displayed a password defined in ActiveMQArtemisAddress CR, shown in plain text in the Operator Log. This flaw allows an authenticated local attacker to access information outside of their permissions. | |||||
| CVE-2023-3223 | 1 Redhat | 8 Enterprise Linux, Jboss Enterprise Application Platform, Jboss Enterprise Application Platform Text-only Advisories and 5 more | 2024-11-21 | N/A | 7.5 HIGH |
| A flaw was found in undertow. Servlets annotated with @MultipartConfig may cause an OutOfMemoryError due to large multipart content. This may allow unauthorized users to cause remote Denial of Service (DoS) attack. If the server uses fileSizeThreshold to limit the file size, it's possible to bypass the limit by setting the file name in the request to null. | |||||
| CVE-2023-3153 | 2 Ovn, Redhat | 4 Open Virtual Network, Enterprise Linux, Fast Datapath and 1 more | 2024-11-21 | N/A | 5.3 MEDIUM |
| A flaw was found in Open Virtual Network where the service monitor MAC does not properly rate limit. This issue could allow an attacker to cause a denial of service, including on deployments with CoPP enabled and properly configured. | |||||
| CVE-2023-3089 | 1 Redhat | 6 Enterprise Linux, Openshift Container Platform, Openshift Container Platform For Arm64 and 3 more | 2024-11-21 | N/A | 7.0 HIGH |
| A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated. | |||||
| CVE-2023-2585 | 1 Redhat | 6 Enterprise Linux, Openshift Container Platform, Openshift Container Platform For Ibm Z and 3 more | 2024-11-21 | N/A | 3.5 LOW |
| Keycloak's device authorization grant does not correctly validate the device code and client ID. An attacker client could abuse the missing validation to spoof a client consent request and trick an authorization admin into granting consent to a malicious OAuth client or possible unauthorized access to an existing OAuth client. | |||||
| CVE-2023-2422 | 1 Redhat | 4 Enterprise Linux, Keycloak, Openshift Container Platform and 1 more | 2024-11-21 | N/A | 5.5 MEDIUM |
| A flaw was found in Keycloak. A Keycloak server configured to support mTLS authentication for OAuth/OpenID clients does not properly verify the client certificate chain. A client that possesses a proper certificate can authorize itself as any other client, therefore, access data that belongs to other clients. | |||||
| CVE-2023-1668 | 3 Cloudbase, Debian, Redhat | 7 Open Vswitch, Debian Linux, Enterprise Linux and 4 more | 2024-11-21 | N/A | 8.2 HIGH |
| A flaw was found in openvswitch (OVS). When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header. This issue results (for both kernel and userspace datapath) in installing a datapath flow matching all IP protocols (nw_proto is wildcarded) for this flow, but with an incorrect action, possibly causing incorrect handling of other IP packets with a != 0 IP protocol that matches this dp flow. | |||||