Red Hat

924 tracked vulnerabilities.

CVE-2024-4437 HIGH
Red Hat OpenStack Platform 16.1-18.0 - Uncontrolled Resource Consumption in etcd Package
May 08, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-4436 HIGH
Red Hat OpenStack Platform 16.1-18.0 - Uncontrolled Resource Consumption
May 08, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-4418 MEDIUM
Red Hat Enterprise Linux 8 - Stack Use-After-Free via virtproxyd Race Condition
May 08, 2024
CVSS 6.2
EPSS 0.00
CVE-2024-4029 MEDIUM
Wildfly - Denial of Service via Unlimited Management Interface Sockets
May 02, 2024
CVSS 4.1
EPSS 0.00
CVE-2024-4369 MEDIUM
Red Hat OpenShift Container Platform 4.14-4.15 - Cleartext Storage of Sensitive Information in Environment Variable
May 01, 2024
CVSS 6.8
EPSS 0.01
CVE-2024-3154 HIGH
cri-o 1.29.0-1.29.3 - Unauthenticated Arbitrary Systemd Property Injection via Pod Annotation
Apr 26, 2024
CVSS 7.2
EPSS 0.01
CVE-2024-3625 HIGH
mirror registry for Red Hat OpenShift - Plaintext Password Storage in Jinja config.yaml
Apr 25, 2024
CVSS 7.3
EPSS 0.00
CVE-2024-3624 HIGH
mirror registry for Red Hat OpenShift - Plaintext Password Storage in config.yaml
Apr 25, 2024
CVSS 7.3
EPSS 0.00
CVE-2024-2905 MEDIUM
Red Hat Enterprise Linux 10 - Incorrect Permission Assignment for /etc/shadow
Apr 25, 2024
CVSS 6.2
EPSS 0.00
CVE-2024-2467 MEDIUM
perl-Crypt-OpenSSL-RSA - Info Disclosure
Apr 25, 2024
CVSS 5.9
EPSS 0.01
CVE-2024-1726 MEDIUM
Quarkus RESTEasy Reactive 3.8.0.CR1-3.8.0 - Denial of Service via JAX-RS Endpoint Serialization
Apr 25, 2024
CVSS 5.3
EPSS 0.01
CVE-2024-1657 HIGH
Red Hat Ansible Automation Platform 2.4 for RHEL 8/9 - Cleartext Transmission of Sensitive Information via WebSocket
Apr 25, 2024
CVSS 8.1
EPSS 0.00
CVE-2024-1139 HIGH
OpenShift cluster-monitoring-operator - Exposure of Sensitive Information via Pod Manifest
Apr 25, 2024
CVSS 7.7
EPSS 0.01
CVE-2024-0874 MEDIUM
CoreDNS < 1.11.2 - Use of Cache Containing Sensitive Information
Apr 25, 2024
CVSS 5.3
EPSS 0.01
CVE-2024-2419 HIGH
Keycloak < 22.0.10 - Open Redirect via redirect_uri Validation Bypass
Apr 17, 2024
CVSS 7.1
EPSS 0.00
CVE-2024-1249 HIGH
Keycloak < 22.0.10 - Unauthenticated Denial of Service via OIDC checkLoginIframe Origin Validation Error
Apr 17, 2024
CVSS 7.4
EPSS 0.00
CVE-2024-1132 HIGH
Keycloak >=21.1.0 <22.0.10 - Open Redirect via Wildcard Valid Redirect URIs
Apr 17, 2024
CVSS 8.1
EPSS 0.02
CVE-2024-1481 MEDIUM
Red Hat Enterprise Linux 8 - Denial of Service via Crafted HTTP Request Parameters
Apr 10, 2024
CVSS 5.3
EPSS 0.01
CVE-2024-3446 HIGH
Red Hat Enterprise Linux 8 - Double Free in QEMU Virtio Devices
Apr 09, 2024
CVSS 8.2
EPSS 0.00
CVE-2024-1233 HIGH
WildFly Elytron Realm Token - Server-Side Request Forgery via JwtValidator.resolvePublicKey
Apr 09, 2024
CVSS 7.3
EPSS 0.01
CVE-2024-31083 HIGH
Red Hat Enterprise Linux - Use-After-Free in ProcRenderAddGlyphs
Apr 05, 2024
CVSS 7.8
EPSS 0.02
CVE-2024-3296 MEDIUM
Red Hat Enterprise Linux 8 and 9 - Observable Timing Discrepancy in rust-openssl PKCS#1v1.5 RSA Padding
Apr 04, 2024
CVSS 5.9
EPSS 0.00
CVE-2024-31082 HIGH
Red Hat Enterprise Linux 6-10 - Heap-Based Buffer Over-read in ProcAppleDRICreatePixmap
Apr 04, 2024
CVSS 7.3
EPSS 0.00
CVE-2024-31081 HIGH
Red Hat Enterprise Linux - Heap-Based Buffer Over-read in X.org Server ProcXIPassiveGrabDevice
Apr 04, 2024
CVSS 7.3
EPSS 0.01
CVE-2024-31080 HIGH
Red Hat Enterprise Linux X.org Server - Heap-Based Buffer Over-read in ProcXIGetSelectedEvents
Apr 04, 2024
CVSS 7.3
EPSS 0.01
Products
Red Hat Enterprise Linux 9 543 Red Hat Enterprise Linux 8 541 Red Hat Enterprise Linux 10 461 Red Hat Enterprise Linux 7 452 Red Hat Enterprise Linux 6 412 Red Hat OpenShift Container Platform 4 209 Red Hat In-Vehicle Operating System 1 195 Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support 136 Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support 127 Red Hat Enterprise Linux 9.4 Extended Update Support 116 Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions 100 Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions 95 Red Hat Hardened Images 95 Red Hat Enterprise Linux 7 Extended Lifecycle Support 94 Red Hat Enterprise Linux 8.6 Telecommunications Update Service 93 Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions 93 Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions 93 Red Hat Enterprise Linux 8.8 Telecommunications Update Service 92 Red Hat Enterprise Linux 8.2 Advanced Update Support 89 Red Hat Build of Keycloak 87 Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On 83 Red Hat Enterprise Linux 9.6 Extended Update Support 70 Red Hat Enterprise Linux 10.0 Extended Update Support 68 Red Hat Enterprise Linux 9.2 Extended Update Support 67 Red Hat build of Keycloak 26.4 64 Red Hat Enterprise Linux 8.8 Extended Update Support 60 Red Hat JBoss Enterprise Application Platform 8 58 Red Hat JBoss Enterprise Application Platform Expansion Pack 58 Red Hat Single Sign-On 7 53 Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On 45