Lucene search
K

40 matches found

redhat
redhat
added 2024/11/21 10:6 p.m.4 views

Important: Red Hat Bug Fix Advisory: Red Hat Developer Hub 1.2.5 bugfix release

Red Hat Developer Hub 1.2.5 has been released. Red Hat Developer Hub RHDH is Red Hat's enterprise-grade, self-managed, customizable developer portal based on Backstage.io. RHDH is supported on OpenShift and other major Kubernetes clusters AKS, EKS, GKE. The core features of RHDH include a single...

7.5CVSS6.6AI score0.00511EPSS
Exploits0References4
redhat
redhat
added 2024/03/18 6:49 p.m.14 views

Important: Red Hat Enhancement Advisory: Red Hat Developer Hub 1.1 release

Red Hat Developer Hub 1.1 has been released. Red Hat Developer Hub RHDH is Red Hat's enterprise-grade, self-managed, customizable developer portal based on Backstage.io. RHDH is supported on OpenShift and other major Kubernetes clusters AKS, EKS, GKE. The core features of RHDH include a single pa...

9.8CVSS7AI score0.99999EPSS
Exploits21References1
osv
osv
added 2024/01/04 12:30 p.m.14 views

GHSA-86RG-PF4C-5GRG @backstage/backend-app-api leaks GitLab access tokens

A flaw was found in the Red Hat Developer Hub RHDH. The catalog-import function leaks GitLab access tokens on the frontend when the base64 encoded GitLab token includes a newline at the end of the string. The sanitized error can display on the frontend, including the raw access token. Upon gainin...

7.3CVSS5.4AI score0.00561EPSS
Exploits0References10
github
github
added 2024/01/04 12:30 p.m.36 views

@backstage/backend-app-api leaks GitLab access tokens

A flaw was found in the Red Hat Developer Hub RHDH. The catalog-import function leaks GitLab access tokens on the frontend when the base64 encoded GitLab token includes a newline at the end of the string. The sanitized error can display on the frontend, including the raw access token. Upon gainin...

5.7CVSS6.9AI score0.00561EPSS
Exploits0References10Affected Software1
nvd
nvd
added 2024/01/04 10:15 a.m.33 views

CVE-2023-6944

A flaw was found in the Red Hat Developer Hub RHDH. The catalog-import function leaks GitLab access tokens on the frontend when the base64 encoded GitLab token includes a newline at the end of the string. The sanitized error can display on the frontend, including the raw access token. Upon gainin...

5.7CVSS5.5AI score0.00561EPSS
Exploits0References3
prion
prion
added 2024/01/04 10:15 a.m.19 views

Code injection

A flaw was found in the Red Hat Developer Hub RHDH. The catalog-import function leaks GitLab access tokens on the frontend when the base64 encoded GitLab token includes a newline at the end of the string. The sanitized error can display on the frontend, including the raw access token. Upon gainin...

3.5CVSS6.9AI score0.00561EPSS
Exploits0References2Affected Software2
osv
osv
added 2024/01/04 10:2 a.m.12 views

CVE-2023-6944 Rhdh: catalog-import function leaks credentials to frontend

A flaw was found in the Red Hat Developer Hub RHDH. The catalog-import function leaks GitLab access tokens on the frontend when the base64 encoded GitLab token includes a newline at the end of the string. The sanitized error can display on the frontend, including the raw access token. Upon gainin...

5.7CVSS6.6AI score0.00561EPSS
Exploits0References6
vulnrichment
vulnrichment
added 2024/01/04 10:2 a.m.3 views

CVE-2023-6944 Rhdh: catalog-import function leaks credentials to frontend

A flaw was found in the Red Hat Developer Hub RHDH. The catalog-import function leaks GitLab access tokens on the frontend when the base64 encoded GitLab token includes a newline at the end of the string. The sanitized error can display on the frontend, including the raw access token. Upon gainin...

5.7CVSS5.4AI score0.00561EPSS
Exploits0References3
cvelist
cvelist
added 2024/01/04 10:2 a.m.34 views

CVE-2023-6944 Rhdh: catalog-import function leaks credentials to frontend

A flaw was found in the Red Hat Developer Hub RHDH. The catalog-import function leaks GitLab access tokens on the frontend when the base64 encoded GitLab token includes a newline at the end of the string. The sanitized error can display on the frontend, including the raw access token. Upon gainin...

5.7CVSS5.7AI score0.00561EPSS
Exploits0References3
cve
cve
added 2024/01/04 10:2 a.m.129 views

CVE-2023-6944

CVE-2023-6944 affects Red Hat Developer Hub (RHDH). The catalog-import function leaks GitLab access tokens on the frontend when the base64 GitLab token ends with a newline, causing the sanitized error to reveal the raw token. With access to the token and appropriate permissions, an attacker could...

5.7CVSS5.4AI score0.00561EPSS
Exploits0References3Affected Software1
redhatcve
redhatcve
added 2023/12/19 9:26 p.m.38 views

CVE-2023-6944

A flaw was found in the Red Hat Developer Hub RHDH. The catalog-import function leaks GitLab access tokens on the frontend when the base64 encoded GitLab token includes a newline at the end of the string. The sanitized error can display on the frontend, including the raw access token. Upon gainin...

5.7CVSS5.4AI score0.00561EPSS
Exploits0References3
nessus
nessus
added 2022/09/15 12:0 a.m.60 views

RHEL 7 : rust-toolset-1.49 and rust-toolset-1.49-rust update (Low) (RHSA-2021:2243)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:2243 advisory. Rust Toolset provides the Rust programming language compiler rustc, the cargo build tool and dependency manager, the cargo-vendor plugin, an...

9.8CVSS8.2AI score0.01676EPSS
Exploits2References8
redhat
redhat
added 2021/11/15 11:50 a.m.134 views

Moderate: Red Hat Security Advisory: devtoolset-11-gcc security update

An update for devtoolset-11-gcc is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.3CVSS7.1AI score0.12205EPSS
Exploits4References3
redhat
redhat
added 2020/05/26 10:45 a.m.88 views

Moderate: Red Hat Security Advisory: devtoolset-9-gcc security and bug fix update

An update for devtoolset-9-gcc is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.5CVSS6.9AI score0.03207EPSS
Exploits0References7
redhat
redhat
added 2019/12/10 11:53 a.m.4 views

Moderate: Red Hat Enhancement Advisory: new packages: go-toolset-1.12

New go-toolset-1.12 packages are now available as a part of Red Hat Developer Tools for Red Hat Enterprise Linux. Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. This enhancement update adds the go-toolset-1.12 packages to Red Hat Develope...

9.8CVSS7.2AI score0.08359EPSS
Exploits1References4
nessus
nessus
added 2015/01/08 12:0 a.m.32 views

RHEL 6 : glibc (RHSA-2015:0016)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2015:0016 advisory. The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the Name Serv...

5CVSS8.3AI score0.06564EPSS
Exploits1References7
centos
centos
added 2015/01/07 10:45 p.m.86 views

glibc, nscd security update

CentOS Errata and Security Advisory CESA-2015:0016 Updated glibc packages that fix two security issues and two bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base...

5CVSS7.2AI score0.06564EPSS
Exploits1References7
nessus
nessus
added 2014/12/22 12:0 a.m.45 views

CentOS 7 : glibc (CESA-2014:2023)

Updated glibc packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

4.6CVSS8.5AI score0.00578EPSS
Exploits0References2
redhat
redhat
added 2014/12/18 8:31 p.m.58 views

Moderate: Red Hat Security Advisory: glibc security and bug fix update

Updated glibc packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

4.6CVSS7.3AI score0.00578EPSS
Exploits0References3
nessus
nessus
added 2014/11/08 12:0 a.m.44 views

RHEL 6 : devtoolset-2-axis (RHSA-2014:1123)

An updated devtoolset-2-axis package that fixes one security issue is now available for Red Hat Developer Toolset 2. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

5.8CVSS7.2AI score0.05722EPSS
Exploits1References3
Rows per page
Query Builder