Filtered by vendor Redhat
Subscriptions
Total
23068 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-40370 | 3 Ibm, Microsoft, Redhat | 4 Robotic Process Automation, Robotic Process Automation For Cloud Pak, Windows and 1 more | 2024-11-21 | 3.7 Low |
| IBM Robotic Process Automation 21.0.0 through 21.0.7.1 runtime is vulnerable to information disclosure of script content if the remote REST request computer policy is enabled. IBM X-Force ID: 263470. | ||||
| CVE-2023-40341 | 2 Jenkins, Redhat | 2 Blue Ocean, Ocp Tools | 2024-11-21 | 8.8 High |
| A cross-site request forgery (CSRF) vulnerability in Jenkins Blue Ocean Plugin 1.27.5 and earlier allows attackers to connect to an attacker-specified URL, capturing GitHub credentials associated with an attacker-specified job. | ||||
| CVE-2023-40339 | 3 Jenkins, Jenkins Project, Redhat | 3 Config File Provider, Jenkins Config File Provider Plugin, Ocp Tools | 2024-11-21 | 7.5 High |
| Jenkins Config File Provider Plugin 952.va_544a_6234b_46 and earlier does not mask (i.e., replace with asterisks) credentials specified in configuration files when they're written to the build log. | ||||
| CVE-2023-40338 | 2 Jenkins, Redhat | 2 Folders, Ocp Tools | 2024-11-21 | 4.3 Medium |
| Jenkins Folders Plugin 6.846.v23698686f0f6 and earlier displays an error message that includes an absolute path of a log file when attempting to access the Scan Organization Folder Log if no logs are available, exposing information about the Jenkins controller file system. | ||||
| CVE-2023-40337 | 2 Jenkins, Redhat | 2 Folders, Ocp Tools | 2024-11-21 | 4.3 Medium |
| A cross-site request forgery (CSRF) vulnerability in Jenkins Folders Plugin 6.846.v23698686f0f6 and earlier allows attackers to copy a view inside a folder. | ||||
| CVE-2023-40336 | 2 Jenkins, Redhat | 2 Folders, Ocp Tools | 2024-11-21 | 8.8 High |
| A cross-site request forgery (CSRF) vulnerability in Jenkins Folders Plugin 6.846.v23698686f0f6 and earlier allows attackers to copy folders. | ||||
| CVE-2023-40225 | 2 Haproxy, Redhat | 4 Haproxy, Enterprise Linux, Openshift and 1 more | 2024-11-21 | 7.2 High |
| HAProxy through 2.0.32, 2.1.x and 2.2.x through 2.2.30, 2.3.x and 2.4.x through 2.4.23, 2.5.x and 2.6.x before 2.6.15, 2.7.x before 2.7.10, and 2.8.x before 2.8.2 forwards empty Content-Length headers, violating RFC 9110 section 8.6. In uncommon cases, an HTTP/1 server behind HAProxy may interpret the payload as an extra request. | ||||
| CVE-2023-40175 | 2 Puma, Redhat | 2 Puma, Satellite | 2024-11-21 | 7.3 High |
| Puma is a Ruby/Rack web server built for parallelism. Prior to versions 6.3.1 and 5.6.7, puma exhibited incorrect behavior when parsing chunked transfer encoding bodies and zero-length Content-Length headers in a way that allowed HTTP request smuggling. Severity of this issue is highly dependent on the nature of the web site using puma is. This could be caused by either incorrect parsing of trailing fields in chunked transfer encoding bodies or by parsing of blank/zero-length Content-Length headers. Both issues have been addressed and this vulnerability has been fixed in versions 6.3.1 and 5.6.7. Users are advised to upgrade. There are no known workarounds for this vulnerability. | ||||
| CVE-2023-40029 | 2 Argoproj, Redhat | 2 Argo Cd, Openshift Gitops | 2024-11-21 | 9.9 Critical |
| Argo CD is a declarative continuous deployment for Kubernetes. Argo CD Cluster secrets might be managed declaratively using Argo CD / kubectl apply. As a result, the full secret body is stored in`kubectl.kubernetes.io/last-applied-configuration` annotation. pull request #7139 introduced the ability to manage cluster labels and annotations. Since clusters are stored as secrets it also exposes the `kubectl.kubernetes.io/last-applied-configuration` annotation which includes full secret body. In order to view the cluster annotations via the Argo CD API, the user must have `clusters, get` RBAC access. **Note:** In many cases, cluster secrets do not contain any actually-secret information. But sometimes, as in bearer-token auth, the contents might be very sensitive. The bug has been patched in versions 2.8.3, 2.7.14, and 2.6.15. Users are advised to upgrade. Users unable to upgrade should update/deploy cluster secret with `server-side-apply` flag which does not use or rely on `kubectl.kubernetes.io/last-applied-configuration` annotation. Note: annotation for existing secrets will require manual removal. | ||||
| CVE-2023-40025 | 2 Argoproj, Redhat | 2 Argo Cd, Openshift Gitops | 2024-11-21 | 4.7 Medium |
| Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. All versions of Argo CD starting from version 2.6.0 have a bug where open web terminal sessions do not expire. This bug allows users to send any websocket messages even if the token has already expired. The most straightforward scenario is when a user opens the terminal view and leaves it open for an extended period. This allows the user to view sensitive information even when they should have been logged out already. A patch for this vulnerability has been released in the following Argo CD versions: 2.6.14, 2.7.12 and 2.8.1. | ||||
| CVE-2023-3978 | 2 Golang, Redhat | 8 Networking, Cryostat, Enterprise Linux and 5 more | 2024-11-21 | 6.1 Medium |
| Text nodes not in the HTML namespace are incorrectly literally rendered, causing text which should be escaped to not be. This could lead to an XSS attack. | ||||
| CVE-2023-3775 | 2 Hashicorp, Redhat | 2 Vault, Openshift | 2024-11-21 | 4.2 Medium |
| A Vault Enterprise Sentinel Role Governing Policy created by an operator to restrict access to resources in one namespace can be applied to requests outside in another non-descendant namespace, potentially resulting in denial of service. Fixed in Vault Enterprise 1.15.0, 1.14.4, 1.13.8. | ||||
| CVE-2023-3748 | 2 Frrouting, Redhat | 2 Frrouting, Enterprise Linux | 2024-11-21 | 3.5 Low |
| A flaw was found in FRRouting when parsing certain babeld unicast hello messages that are intended to be ignored. This issue may allow an attacker to send specially crafted hello messages with the unicast flag set, the interval field set to 0, or any TLV that contains a sub-TLV with the Mandatory flag set to enter an infinite loop and cause a denial of service. | ||||
| CVE-2023-3635 | 2 Redhat, Squareup | 6 Amq Streams, Jboss Enterprise Bpms Platform, Jboss Fuse and 3 more | 2024-11-21 | 5.9 Medium |
| GzipSource does not handle an exception that might be raised when parsing a malformed gzip buffer. This may lead to denial of service of the Okio client when handling a crafted GZIP archive, by using the GzipSource class. | ||||
| CVE-2023-3603 | 2 Libssh, Redhat | 2 Libssh, Enterprise Linux | 2024-11-21 | 3.1 Low |
| A missing allocation check in sftp server processing read requests may cause a NULL dereference on low-memory conditions. The malicious client can request up to 4GB SFTP reads, causing allocation of up to 4GB buffers, which was not being checked for failure. This will likely crash the authenticated user's sftp server connection (if implemented as forking as recommended). For thread-based servers, this might also cause DoS for legitimate users. Given this code is not in any released versions, no security releases have been issued. | ||||
| CVE-2023-3462 | 2 Hashicorp, Redhat | 3 Vault, Openshift, Openshift Data Foundation | 2024-11-21 | 5.3 Medium |
| HashiCorp's Vault and Vault Enterprise are vulnerable to user enumeration when using the LDAP auth method. An attacker may submit requests of existent and non-existent LDAP users and observe the response from Vault to check if the account is valid on the LDAP server. This vulnerability is fixed in Vault 1.14.1 and 1.13.5. | ||||
| CVE-2023-3430 | 2 Openimageio, Redhat | 2 Openimageio, Linux | 2024-11-21 | 7.5 High |
| A vulnerability was found in OpenImageIO, where a heap buffer overflow exists in the src/gif.imageio/gifinput.cpp file. This flaw allows a remote attacker to pass a specially crafted file to the application, which triggers a heap-based buffer overflow and could cause a crash, leading to a denial of service. | ||||
| CVE-2023-3361 | 2 Opendatahub, Redhat | 2 Open Data Hub Dashboard, Openshift Data Science | 2024-11-21 | 7.7 High |
| A flaw was found in Red Hat OpenShift Data Science. When exporting a pipeline from the Elyra notebook pipeline editor as Python DSL or YAML, it reads S3 credentials from the cluster (ds pipeline server) and saves them in plain text in the generated output instead of an ID for a Kubernetes secret. | ||||
| CVE-2023-3247 | 2 Php, Redhat | 2 Php, Enterprise Linux | 2024-11-21 | 2.6 Low |
| In PHP versions 8.0.* before 8.0.29, 8.1.* before 8.1.20, 8.2.* before 8.2.7 when using SOAP HTTP Digest Authentication, random value generator was not checked for failure, and was using narrower range of values than it should have. In case of random generator failure, it could lead to a disclosure of 31 bits of uninitialized memory from the client to the server, and it also made easier to a malicious server to guess the client's nonce. | ||||
| CVE-2023-3223 | 1 Redhat | 21 Enterprise Linux, Integration, Jboss Data Grid and 18 more | 2024-11-21 | 7.5 High |
| A flaw was found in undertow. Servlets annotated with @MultipartConfig may cause an OutOfMemoryError due to large multipart content. This may allow unauthorized users to cause remote Denial of Service (DoS) attack. If the server uses fileSizeThreshold to limit the file size, it's possible to bypass the limit by setting the file name in the request to null. | ||||