Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2024:0853
HistoryFeb 21, 2024 - 1:29 p.m.

(RHSA-2024:0853) Moderate: Network Observability 1.5.0 for OpenShift

2024-02-2113:29:48
access.redhat.com
5
cve-2023-26159
improper input validation
network observability 1.5.0
openshift

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.72 High

EPSS

Percentile

98.0%

JSON

Network Observability 1.5.0

Security Fix(es):

  • CVE-2023-26159 follow-redirects: Improper Input Validation due to the improper handling of URLs by the url.parse()

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Related

redhat 27
osv 14
rocky 2
nessus 71
almalinux 7
gentoo 2
oraclelinux 7
openvas 40
debian 2
redos 2
fedora 5
cloudfoundry 1
qualysblog 1
aix 1
amazon 1
slackware 1
ubuntu 3
ibm 3
cisco 1
mageia 1
paloalto 1
thn 2
freebsd 1
photon 3
redhat
redhat
(RHSA-2024:1203) Important: Red Hat OpenShift for Windows Containers 9.0.1 security update
2024-03-07 06:36:15
(RHSA-2024:0954) Important: Red Hat OpenShift for Windows Containers 10.15.0 security update
2024-02-27 15:14:38
(RHSA-2024:1477) Moderate: Red Hat OpenShift for Windows Containers 8.1.2 security update
2024-03-25 00:29:37
osv
osv
Moderate: rpm security update
2024-02-01 00:00:00
Low: glib2 security and bug fix update
2023-11-07 00:00:00
Moderate: rpm security update
2024-01-25 00:00:00
rocky
rocky
rpm security update
2024-02-12 20:17:16
curl security update
2023-10-24 18:36:52
nessus
nessus
RHEL 8 : rpm (RHSA-2024:0647)
2024-02-01 00:00:00
RHEL 9 : glib2 (RHSA-2023:6631)
2023-11-07 00:00:00
Oracle Linux 9 : glib2 (ELSA-2023-6631)
2023-11-16 00:00:00
almalinux
almalinux
Moderate: rpm security update
2024-02-01 00:00:00
Moderate: rpm security update
2024-01-25 00:00:00
Low: glib2 security and bug fix update
2023-11-07 00:00:00
gentoo
gentoo
GLib: Multiple Vulnerabilities
2023-11-27 00:00:00
RPM: Multiple Vulnerabilities
2022-10-31 00:00:00
oraclelinux
oraclelinux
glib2 security and bug fix update
2023-11-11 00:00:00
rpm security update
2024-02-02 00:00:00
rpm security update
2024-01-25 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-3583-1)
2023-09-26 00:00:00
Huawei EulerOS: Security Advisory for rpm (EulerOS-SA-2023-1174)
2023-01-12 00:00:00
Fedora: Security Advisory for mingw-glib2 (FEDORA-2023-9e5a29a25d)
2023-06-17 00:00:00
debian
debian
[SECURITY] [DLA 3583-1] glib2.0 security update
2023-09-25 17:58:49
[SECURITY] [DSA 5523-1] curl security update
2023-10-11 06:59:12
redos
redos
ROS-20240410-21
2024-04-10 00:00:00
ROS-20231016-05
2023-10-16 00:00:00
fedora
fedora
[SECURITY] Fedora 38 Update: mingw-glib2-2.74.7-1.fc38
2023-06-16 02:22:05
[SECURITY] Fedora 37 Update: mingw-glib2-2.74.7-1.fc37
2023-06-16 02:15:09
[SECURITY] Fedora 39 Update: curl-8.2.1-3.fc39
2023-10-16 15:27:49
cloudfoundry
cloudfoundry
USN-6429-1: curl vulnerabilities | Cloud Foundry
2023-11-09 00:00:00
qualysblog
qualysblog
Curl 8.4.0 – Proactively Identifying Potential Vulnerable Assets
2023-10-06 00:14:06
aix
aix
Multiple vulnerabilities in cURL libcurl affect AIX
2023-12-11 13:22:02
amazon
amazon
Important: curl
2023-10-10 21:19:00
slackware
slackware
[slackware-security] curl
2023-10-11 06:45:13
ubuntu
ubuntu
curl vulnerabilities
2023-10-17 00:00:00
GLib vulnerabilities
2023-10-19 00:00:00
curl vulnerabilities
2023-10-11 00:00:00
ibm
ibm
Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to libcurl vulnerabilities (CVE-2023-38546, CVE-2023-38545)
2023-11-17 12:13:59
Security Bulletin: IBM App Connect Enterprise is vulnerable to a heap-based buffer overflow due to libcurl and cURL. (CVE-2023-38546, CVE-2023-38545)
2023-11-20 15:27:29
Security Bulletin: Multiple vulnerabilities in cURL libcurl affect AIX
2023-12-11 20:15:23
cisco
cisco
cURL and libcurl Vulnerability Affecting Cisco Products: October 2023
2023-10-12 16:00:00
mageia
mageia
Updated the curl packages to fix two security vulnerabilities
2023-10-14 01:56:51
paloalto
paloalto
Impact of curl and libcurl Vulnerabilities (CVE-2023-38545, CVE-2023-38546)
2023-10-12 20:40:00
thn
thn
Two High-Risk Security Flaws Discovered in Curl Library - New Patches Released
2023-10-12 04:39:00
Security Patch for Two New Flaws in Curl Library Arriving on October 11
2023-10-09 10:32:00
freebsd
freebsd
rpm4 -- Multiple Vulnerabilities
2022-08-22 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2023-4.0-0500
2023-10-28 00:00:00
Critical Photon OS Security Update - PHSA-2023-5.0-0113
2023-10-11 00:00:00
Critical Photon OS Security Update - PHSA-2023-4.0-0487
2023-10-11 00:00:00

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.72 High

EPSS

Percentile

98.0%

JSON
Related for RHSA-2024:0853
redhat27osv14rocky2nessus71almalinux7gentoo2oraclelinux7openvas40debian2redos2fedora5cloudfoundry1qualysblog1aix1amazon1slackware1ubuntu3ibm3cisco1mageia1paloalto1thn2freebsd1photon3