Filtered by vendor Redhat
Subscribe
Filtered by product Openshift Container Platform For Ibm Z
Subscribe
Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-2585 | 1 Redhat | 6 Enterprise Linux, Openshift Container Platform, Openshift Container Platform For Ibm Z and 3 more | 2024-02-05 | N/A | 8.1 HIGH |
Keycloak's device authorization grant does not correctly validate the device code and client ID. An attacker client could abuse the missing validation to spoof a client consent request and trick an authorization admin into granting consent to a malicious OAuth client or possible unauthorized access to an existing OAuth client. | |||||
CVE-2020-8945 | 3 Fedoraproject, Gpgme Project, Redhat | 10 Fedora, Gpgme, Enterprise Linux and 7 more | 2024-02-04 | 5.1 MEDIUM | 7.5 HIGH |
The proglottis Go wrapper before 0.1.1 for the GPGME library has a use-after-free, as demonstrated by use for container image pulls by Docker or CRI-O. This leads to a crash or potential code execution during GPG signature verification. |