114832 matches found

RedHat Linux • added 2026/06/19 4:39 p.m. • 7 views

kernel: net/sched: act_pedit: extend the writable skb range per key

A flaw was found in the Linux kernel's traffic control packet editing (pedit) subsystem. In tcf_pedit_act, the copy-on-write (COW) range for skb_ensure_writable is computed once before iterating over edit keys, but the calculation does not account for runtime header offsets added by typed keys. This can...

CVSS 7.8 • AI score 5.8 • EPSS 0.00259
Exploits 9 • References 6
RedHat Linux • added 2026/06/19 4:39 p.m. • 6 views

kernel: RDMA/mana: Validate rx_hash_key_len

A flaw was found in the Linux kernel's RDMA/mana component. A local user could exploit this vulnerability by providing an invalid rx_hash_key_len value through a user-space API (uAPI) structure. This invalid value is then used in a memcpy operation without proper bounds checking, allowing the user to...

CVSS 7.8 • AI score 5.8 • EPSS 0.00142
Exploits 0 • References 5
RedHat Linux • added 2026/06/19 9:14 a.m. • 4 views

Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: nginx: nginx-1.30.3-2.hum1 aarch64, x86_64 nginx-all-modules-1.30.3-2.hum1 noarch nginx-core-1.30.3-2.hum1 aarch64, x86_64 nginx-filesystem-1.30.3-2.hum1 noarch nginx-mod-devel-1.30.3-2.hum1 aarch6...

CVSS 9.2 • AI score 6.1 • EPSS 0.02887
Exploits 1 • References 4
RedHat Linux • added 2026/06/19 2:03 a.m. • 7 views

Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: dotnet9.0: aspnetcore-runtime-9.0-9.0.17-1.hum1 aarch64, x86_64 aspnetcore-runtime-dbg-9.0-9.0.17-1.hum1 aarch64, x86_64 aspnetcore-targeting-pack-9.0-9.0.17-1.hum1 aarch64, x86_64...

CVSS 7.5 • AI score 5.2 • EPSS 0.00717
Exploits 1 • References 3
RedHat Linux • added 2026/06/18 5:24 p.m. • 6 views

crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages

A flaw was found in the crypto/tls package within the Go (golang) standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock,...

CVSS 7.5 • AI score 5.3 • EPSS 0.00621
Exploits 0 • References 8
RedHat Linux • added 2026/06/18 5:24 p.m. • 6 views

crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation

A flaw was found in Go's crypto/x509 package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for...

CVSS 7.5 • AI score 5.3 • EPSS 0.00349
Exploits 0 • References 8
RedHat Linux • added 2026/06/18 5:24 p.m. • 6 views

crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building

A flaw was found in the Go standard library packages crypto/x509 and crypto/tls. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being...

CVSS 7.5 • AI score 7.5 • EPSS 0.00615
Exploits 0 • References 8
RedHat Linux • added 2026/06/18 5:24 p.m. • 6 views

crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate

A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the HostnameError.Error function. This flaw, caused by unbounded string concatenation, leads to excessive resource...

CVSS 7.5 • AI score 7.3 • EPSS 0.00459
Exploits 2 • References 8
RedHat Linux • added 2026/06/18 5:24 p.m. • 6 views

Pillow: Pillow: Denial of Service via decompression bomb in FITS image processing

A flaw was found in Pillow, a Python imaging library. This vulnerability allows a remote attacker to trigger a denial of service (DoS) by providing a specially crafted FITS image file. The library's failure to limit the amount of GZIP-compressed data during decoding can lead to unbounded memory...

CVSS 8.7 • AI score 7.2 • EPSS 0.00671
Exploits 0 • References 8
RedHat Linux • added 2026/06/18 5:24 p.m. • 7 views

google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation

A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 :path pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed :path that omits the mandato...

CVSS 9.1 • AI score 7.6 • EPSS 0.01557
Exploits 1 • References 5
RedHat Linux • added 2026/06/18 5:24 p.m. • 6 views

golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root

A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the Root.Chmod function is replaced with a symbolic link during execution, specifically after Root.Chmod checks the target but before acting, the chmod operation will be performed on the file the...

CVSS 6.4 • AI score 5.2 • EPSS 0.00292
Exploits 0 • References 8
RedHat Linux • added 2026/06/18 5:24 p.m. • 5 views

net/url: Incorrect parsing of IPv6 host literals in net/url

The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid...

CVSS 7.5 • AI score 7.9 • EPSS 0.00728
Exploits 0 • References 8
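The net/url entry above describes an authority parse that let bytes before an IP-literal through. The practical defence is to re-validate u.Host after url.Parse with rules strict enough that the outcome no longer depends on the library version: a hostname, an unbracketed IPv4 literal, or a bracketed IPv6 literal (optionally with a port), and nothing else, with any byte before or after the brackets rejected. The following Go program is an added example written for this page; it is not Go project code. The function names strictHost and validateURLHost and the sample URLs are constructed for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"net/netip"
	"net/url"
	"strconv"
	"strings"
)

// hostKind classifies what strictHost accepted.
type hostKind int

const (
	hostName hostKind = iota
	hostIPv4
	hostIPv6
)

// validHostname applies the classic LDH rule: labels of letters, digits and
// hyphens, 1-63 octets each, not starting or ending with a hyphen, at most
// 253 octets overall. Enough for a gate; not a full IDNA check.
func validHostname(h string) bool {
	h = strings.TrimSuffix(h, ".")
	if h == "" || len(h) > 253 {
		return false
	}
	for _, label := range strings.Split(h, ".") {
		if len(label) == 0 || len(label) > 63 || label[0] == '-' || label[len(label)-1] == '-' {
			return false
		}
		for _, c := range label {
			isAlnum := (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') || (c >= '0' && c <= '9')
			if !isAlnum && c != '-' {
				return false
			}
		}
	}
	return true
}

// strictHost validates a "host[:port]" authority (userinfo already removed).
// An IP-literal must begin at the first byte, be bracketed, parse as IPv6
// (a %zone is allowed) and be followed by nothing or ":port". Unbracketed
// IPv6, brackets inside a hostname and bad ports are rejected.
func strictHost(hostport string) (host, port string, kind hostKind, err error) {
	if hostport == "" {
		return "", "", 0, errors.New("empty host")
	}
	if strings.HasPrefix(hostport, "[") {
		end := strings.IndexByte(hostport, ']')
		if end < 0 {
			return "", "", 0, errors.New("unterminated IP-literal")
		}
		lit, rest := hostport[1:end], hostport[end+1:]
		addr, perr := netip.ParseAddr(lit)
		if perr != nil || !addr.Is6() {
			return "", "", 0, fmt.Errorf("%q is not an IPv6 literal", lit)
		}
		if rest != "" {
			if !strings.HasPrefix(rest, ":") {
				return "", "", 0, fmt.Errorf("unexpected %q after IP-literal", rest)
			}
			port = rest[1:]
		}
		host, kind = lit, hostIPv6
	} else {
		if strings.ContainsAny(hostport, "[]") {
			return "", "", 0, errors.New("bracket inside non-literal host")
		}
		host = hostport
		if i := strings.LastIndexByte(hostport, ':'); i >= 0 {
			host, port = hostport[:i], hostport[i+1:]
		}
		if strings.Contains(host, ":") {
			return "", "", 0, errors.New("unbracketed IPv6 literal")
		}
		if addr, perr := netip.ParseAddr(host); perr == nil {
			if !addr.Is4() {
				return "", "", 0, errors.New("unbracketed IPv6 literal")
			}
			kind = hostIPv4
		} else if validHostname(host) {
			kind = hostName
		} else {
			return "", "", 0, fmt.Errorf("%q is not a valid hostname", host)
		}
	}
	if port != "" {
		n, perr := strconv.Atoi(port)
		if perr != nil || n < 0 || n > 65535 || strings.Trim(port, "0123456789") != "" {
			return "", "", 0, fmt.Errorf("bad port %q", port)
		}
	}
	return host, port, kind, nil
}

// validateURLHost runs net/url first and then re-checks the host it produced,
// so a lenient parser version cannot widen what is accepted.
func validateURLHost(raw string) (host, port string, kind hostKind, err error) {
	u, perr := url.Parse(raw)
	if perr != nil {
		return "", "", 0, perr
	}
	return strictHost(u.Host)
}

func main() {
	for _, raw := range []string{ // constructed sample URLs
		"http://[2001:db8::1]:8080/path",
		"https://example.com/",
		"http://x[::1]/",
		"http://[::1]x/",
	} {
		host, port, kind, err := validateURLHost(raw)
		fmt.Printf("%-32s host=%q port=%q kind=%d err=%v\n", raw, host, port, kind, err)
	}
}
```

Whether url.Parse itself rejects the two bad URLs or merely passes their host through, validateURLHost returns an error for both, which is the property a caller doing allow-list or SSRF checks on the host actually needs.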
RedHat Linux • added 2026/06/18 5:24 p.m. • 15 views

Important: Red Hat Security Advisory: Satellite 6.16.9 Async Update

An update is now available for Red Hat Satellite 6.16 for RHEL 8 and RHEL 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability...

CVSS 9.1 • AI score 7.7 • EPSS 0.01557
Exploits 3 • References 11
RedHat Linux • added 2026/06/18 4:31 p.m. • 11 views

Important: Red Hat Security Advisory: Red Hat OpenShift distributed tracing platform (Tempo) 3.10.0 release

Red Hat OpenShift distributed tracing platform (Tempo) 3.10.0 has been released. This release of the Red Hat OpenShift distributed tracing platform (Tempo) provides new features, security improvements, and bug fixes. Breaking changes: None. Deprecations: None. Technology Preview features: None...

CVSS 7.5 • AI score 7 • EPSS 0.01051
Exploits 0 • References 5
RedHat Linux • added 2026/06/18 4:23 p.m. • 7 views

Important: Red Hat Security Advisory: Red Hat Directory Server 13.2 container image update

An updated Red Hat Directory Server 13.2 container image for RHEL 10 is now available in the Red Hat container registry, including bug fixes and security patches. Red Hat Directory Server is an LDAPv3-compliant directory server. The image is maintained by Red Hat and updated regularly. To pull th...

CVSS 7.5 • AI score 5.2 • EPSS 0.00815
Exploits 0 • References 4
RedHat Linux • added 2026/06/18 4:16 p.m. • 14 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.16.64 packages and security update

Red Hat OpenShift Container Platform release 4.16.64 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.16. Red Hat Product Security has rated this update as having a...

CVSS 7.5 • AI score 8.2 • EPSS 0.00728
Exploits 0 • References 2
RedHat Linux • added 2026/06/18 4:16 p.m. • 7 views

net/url: Incorrect parsing of IPv6 host literals in net/url

The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid...

CVSS 7.5 • AI score 8.3 • EPSS 0.00728
Exploits 0 • References 8
RedHat Linux • added 2026/06/18 4:11 p.m. • 11 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.16.64 bug fix and security update

Red Hat OpenShift Container Platform release 4.16.64 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.16. Red Hat Product Security has rated this update as having a...

CVSS 8.8 • AI score 6 • EPSS 0.03663
Exploits 21 • References 8
RedHat Linux • added 2026/06/18 2:45 p.m. • 9 views

Important: Red Hat Security Advisory: Red Hat OpenShift Service Mesh 2.6.17

Red Hat OpenShift Service Mesh 2.6.17. This update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. Red Hat OpenShift Service Mesh...

CVSS 7.5 • AI score 5.8 • EPSS 0.11471
Exploits 7 • References 6
RedHat Linux • added 2026/06/18 5:28 a.m. • 10 views

Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: dotnet8.0: aspnetcore-runtime-8.0-8.0.28-1.hum1 aarch64, x86_64 aspnetcore-runtime-dbg-8.0-8.0.28-1.hum1 aarch64, x86_64 aspnetcore-targeting-pack-8.0-8.0.28-1.hum1 aarch64, x86_64...

CVSS 7.5 • AI score 5.3 • EPSS 0.0243
Exploits 1 • References 5
RedHat Linux • added 2026/06/17 11:05 p.m. • 8 views

netty-codec-haproxy: Netty HAProxy PROXY protocol v2 codec: Denial of Service via memory leak from crafted PROXY protocol headers

A flaw was found in the Netty HAProxy PROXY protocol v2 codec. A remote attacker can exploit this vulnerability by sending a specially crafted HAProxy PROXY protocol v2 header with nested PP2_TYPE_SSL type-length-value (TLV) records. This can lead to a memory leak, causing the underlying cumulation...

CVSS 8.7 • AI score 5.6 • EPSS 0.0059
Exploits 0 • References 7
RedHat Linux • added 2026/06/17 11:05 p.m. • 9 views

io.netty/netty-resolver-dns: Netty has Insufficient Bailiwick Validation for NS Records

A flaw was found in Netty's DnsResolveContext. An attacker controlling an authoritative name server for a subdomain can exploit this vulnerability by providing crafted NS records that are insufficiently validated. This allows the attacker to poison the DNS cache for parent domains, bypassing...

CVSS 10 • AI score 5.3 • EPSS 0.00285
Exploits 0 • References 7
RedHat Linux • added 2026/06/17 11:05 p.m. • 8 views

netty-codec-haproxy: Netty-codec-haproxy: Denial of Service via malformed HAProxy message

A flaw was found in netty-codec-haproxy, a component of the Netty network application framework. A remote attacker can exploit this vulnerability by sending a specially crafted HAProxy message with a malformed PP2_TYPE_SSL TLV (Type-Length-Value) header. This can lead to an IndexOutOfBoundsException...

CVSS 7.5 • AI score 5.4 • EPSS 0.00578
Exploits 0 • References 7
RedHat Linux • added 2026/06/17 11:05 p.m. • 8 views

io.quarkus/quarkus-vertx-http: Quarkus: Authorization bypass in HTTP path-based policies via encoded characters

A flaw was found in Quarkus. A remote attacker could bypass HTTP path-based authorization policies by using specially crafted encoded semicolons, slashes, or backslashes in HTTP requests. This could allow unauthorized access to protected static resources, leading to information disclosure...

CVSS 7.5 • AI score 5.3 • EPSS 0.00392
Exploits 1 • References 5
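Two entries on this page are the same class of bug seen from two ends: the gRPC-Go entry, where a raw HTTP/2 :path lacking the mandatory leading slash reaches the authorization layer, and the Quarkus entry just above, where encoded semicolons, slashes and backslashes make a path-prefix policy and the resource handler disagree about which resource is being requested. The fix in both cases is to validate and canonicalise the request target once, before any policy looks at it, and to fail closed when that cannot be done. The Go program below is an added example for this page, not code from gRPC-Go or Quarkus, and it does not claim to reproduce either project's fix. protectedPrefixes is a constructed policy; the ";" handling assumes servlet-style matrix parameters, and the sample request targets are constructed.

```go
package main

import (
	"errors"
	"fmt"
	"net/url"
	"strings"
)

// protectedPrefixes is a constructed policy: every resource under these
// prefixes requires an authenticated caller.
var protectedPrefixes = []string{"/admin/", "/api/internal/"}

// naiveIsProtected matches the raw request target as it arrived. This is the
// shape of check that matrix parameters (";"), backslashes, percent-encoded
// separators and dot segments slip past.
func naiveIsProtected(rawPath string) bool {
	for _, p := range protectedPrefixes {
		if strings.HasPrefix(rawPath, p) {
			return true
		}
	}
	return false
}

// canonicalPath reduces a request target to the form the resource handler
// will actually see: a mandatory leading slash, one round of percent-decoding,
// backslashes folded to slashes, ";param" suffixes stripped from every
// segment, and "." / ".." resolved. Control characters and traversal above
// the root are errors rather than something to silently repair.
func canonicalPath(rawPath string) (string, error) {
	if !strings.HasPrefix(rawPath, "/") {
		return "", errors.New("path must start with '/'")
	}
	decoded, err := url.PathUnescape(rawPath)
	if err != nil {
		return "", fmt.Errorf("bad percent-encoding: %w", err)
	}
	for _, r := range decoded {
		if r < 0x20 || r == 0x7f {
			return "", errors.New("control character in path")
		}
	}
	decoded = strings.ReplaceAll(decoded, `\`, "/")
	var out []string
	for _, seg := range strings.Split(decoded, "/") {
		if i := strings.IndexByte(seg, ';'); i >= 0 {
			seg = seg[:i] // assumed servlet-style matrix parameter
		}
		switch seg {
		case "", ".":
			continue
		case "..":
			if len(out) == 0 {
				return "", errors.New("path escapes the root")
			}
			out = out[:len(out)-1]
		default:
			out = append(out, seg)
		}
	}
	return "/" + strings.Join(out, "/"), nil
}

// hardenedIsProtected decides on the canonical path and fails closed: a
// target that cannot be canonicalised is treated as protected.
func hardenedIsProtected(rawPath string) (bool, error) {
	canon, err := canonicalPath(rawPath)
	if err != nil {
		return true, err
	}
	for _, p := range protectedPrefixes {
		if canon == strings.TrimSuffix(p, "/") || strings.HasPrefix(canon, p) {
			return true, nil
		}
	}
	return false, nil
}

// validGRPCPath enforces the ":path" shape gRPC over HTTP/2 specifies,
// "/" Service-Name "/" Method, before any policy keyed on service or method
// is consulted; a raw HTTP/2 frame can carry any bytes in that header.
func validGRPCPath(p string) bool {
	if !strings.HasPrefix(p, "/") {
		return false
	}
	parts := strings.Split(p[1:], "/")
	return len(parts) == 2 && parts[0] != "" && parts[1] != ""
}

func main() {
	for _, raw := range []string{ // constructed request targets
		"/admin/users",
		"/admin;jsessionid=1/users",
		"/%61dmin/users",
		"/public/..%2Fadmin/users",
		"/admin%5Cusers",
		"/public/index.html",
	} {
		hard, err := hardenedIsProtected(raw)
		fmt.Printf("%-28s naive=%-5v hardened=%-5v err=%v\n", raw, naiveIsProtected(raw), hard, err)
	}
	fmt.Println("gRPC :path without leading slash accepted:", validGRPCPath("pkg.Service/Method"))
}
```

The decision that matters is ordering: the policy sees exactly the string the handler will use to select a resource, and nothing in between can reinterpret it. Decoding only once is deliberate; a target whose decoded form still contains "%" is left alone rather than decoded again, so a double-encoded separator cannot reappear after the check.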
RedHat Linux • added 2026/06/17 11:05 p.m. • 7 views

netty-handler: Netty: Improper trust manager handling leads to hostname verification bypass

A flaw was found in Netty, a network application framework. This vulnerability allows a remote attacker to bypass hostname verification due to improper handling of user-supplied trust managers. When a client is configured with a plain X.509 Trust Manager (X509TrustManager), it fails to perform...

CVSS 7.5 • AI score 5.3 • EPSS 0.00269
Exploits 0 • References 7
RedHat Linux • added 2026/06/17 11:05 p.m. • 7 views

netty-codec-http2: netty-codec-http2: Denial of Service due to resource leak

A flaw was found in netty-codec-http2. A remote attacker could send specially crafted frames that cause a resource leak within the DelegatingDecompressorFrameListener class. This resource leak could lead to an Out Of Memory Error (OOME), potentially causing a Denial of Service (DoS) by taking down th...

CVSS 7.5 • AI score 5.4 • EPSS 0.00578
Exploits 0 • References 7
RedHat Linux • added 2026/06/17 11:05 p.m. • 7 views

netty-resolver-dns: Netty: Information disclosure and data manipulation due to improper CNAME record validation

A flaw was found in Netty's DnsResolveContext. This vulnerability allows a remote attacker to achieve information disclosure or data manipulation by crafting malicious DNS responses. The flaw occurs because the DnsResolveContext fails to validate the origin bailiwick of CNAME records in DNS...

CVSS 10 • AI score 5.2 • EPSS 0.00218
Exploits 0 • References 7
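The two Netty DNS entries (NS records without sufficient bailiwick validation, and CNAME records whose origin bailiwick is not checked) are both the classic cache-poisoning condition: a resolver believes an authoritative server about names it has no authority for. The rule a resolver must apply is that a reply from the server for zone Z may only populate the cache with records whose owner name is Z or below it, and additional-section glue is only accepted for nameservers named in an NS record that itself survived. The Go program below is an added example for this page that implements that filter over constructed records; it is not Netty's DnsResolveContext, the rr and response types are stand-ins defined here, and the sample reply, names and addresses are constructed.

```go
package main

import (
	"fmt"
	"strings"
)

// rr is a minimal resource record: owner name, type and RDATA as text.
// Constructed for this example; it is not Netty's DnsRecord type.
type rr struct {
	Name, Type, Data string
}

// response mirrors the three sections of a DNS reply.
type response struct {
	Answer, Authority, Additional []rr
}

// canon lower-cases a name and makes it fully qualified.
func canon(name string) string {
	name = strings.ToLower(name)
	if !strings.HasSuffix(name, ".") {
		name += "."
	}
	return name
}

// inBailiwick reports whether name is zone itself or lies below it. A server
// asked because it is authoritative for zone may only be believed about
// such names.
func inBailiwick(zone, name string) bool {
	zone, name = canon(zone), canon(name)
	return name == zone || strings.HasSuffix(name, "."+zone)
}

// filterResponse keeps only the records a resolver may cache from a reply
// served by the authority for zone:
//   - Answer and Authority records whose owner is in bailiwick (this drops a
//     CNAME for, or an NS delegation of, a parent or unrelated domain);
//   - Additional records only when in bailiwick AND naming a server listed
//     in an NS record that itself survived (glue for that delegation only).
// Everything else is returned in dropped so it can be logged.
func filterResponse(zone string, resp response) (kept, dropped []rr) {
	delegated := map[string]bool{}
	for _, r := range append(append([]rr{}, resp.Answer...), resp.Authority...) {
		if !inBailiwick(zone, r.Name) {
			dropped = append(dropped, r)
			continue
		}
		kept = append(kept, r)
		if r.Type == "NS" {
			delegated[canon(r.Data)] = true
		}
	}
	for _, r := range resp.Additional {
		if inBailiwick(zone, r.Name) && delegated[canon(r.Name)] {
			kept = append(kept, r)
		} else {
			dropped = append(dropped, r)
		}
	}
	return kept, dropped
}

// sampleReply is a constructed reply from the server authoritative for
// evil.example.com. that tries to poison its parent and an unrelated name.
var sampleReply = response{
	Answer: []rr{
		{"www.evil.example.com.", "CNAME", "login.bank.example.net."}, // legitimate CNAME
		{"login.bank.example.net.", "A", "203.0.113.9"},              // out of bailiwick: the CNAME target must be resolved separately
	},
	Authority: []rr{
		{"example.com.", "NS", "ns.attacker.net."},                   // attempts to take over the parent
		{"sub.evil.example.com.", "NS", "ns1.sub.evil.example.com."}, // valid child delegation
	},
	Additional: []rr{
		{"ns1.sub.evil.example.com.", "A", "198.51.100.7"}, // proper glue
		{"ns.attacker.net.", "A", "203.0.113.1"},           // not glue for any kept NS
		{"evil.example.com.", "A", "198.51.100.1"},         // in bailiwick but unsolicited
	},
}

func main() {
	kept, dropped := filterResponse("evil.example.com.", sampleReply)
	fmt.Println("kept:")
	for _, r := range kept {
		fmt.Printf("  %-28s %-5s %s\n", r.Name, r.Type, r.Data)
	}
	fmt.Println("dropped:")
	for _, r := range dropped {
		fmt.Printf("  %-28s %-5s %s\n", r.Name, r.Type, r.Data)
	}
}
```

The CNAME itself is kept, because the zone is entitled to say where www.evil.example.com points; what it is not entitled to do is supply the A record for the target, so the resolver must issue a fresh query for login.bank.example.net to that name's own authority.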
RedHat Linux • added 2026/06/17 11:05 p.m. • 8 views

netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake

A flaw was found in Netty, a network application framework. A remote attacker can exploit this vulnerability by sending a crafted TLS (Transport Layer Security) ClientHello message. This can lead to an eager allocation of a large memory buffer, causing a Denial of Service (DoS) due to excessive memor...

CVSS 7.5 • AI score 5.4 • EPSS 0.00461
Exploits 0 • References 7
RedHat Linux • added 2026/06/17 11:05 p.m. • 8 views

netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation

A flaw was found in netty-handler, a component of the Netty network application framework. A remote attacker can exploit an incorrect masking operation in the IpSubnetFilterRule.compareTo function to bypass configured IPv6 subnet rules. This allows valid public IP addresses to circumvent intended...

CVSS 8.1 • AI score 5.3 • EPSS 0.00552
Exploits 0 • References 7
RedHat Linux • added 2026/06/17 11:05 p.m. • 14 views

Apache Thrift: Apache Thrift: Security bypass due to improper certificate validation

A flaw was found in Apache Thrift. This vulnerability involves improper validation of a certificate with a host mismatch, which could allow a remote attacker to bypass security checks. By presenting a specially crafted certificate, an attacker may impersonate a legitimate server or client. This...

CVSS 7.3 • AI score 5.3 • EPSS 0.00632
Exploits 0 • References 5
RedHat Linux • added 2026/06/17 11:05 p.m. • 8 views

Apache Thrift: Apache Thrift: Denial of Service via excessive memory allocation

A flaw was found in Apache Thrift. This vulnerability involves a Memory Allocation with Excessive Size Value, which could allow an attacker to trigger resource exhaustion. By providing an overly large size value during memory allocation, an attacker can cause the affected system to become...

CVSS 7.5 • AI score 5.4 • EPSS 0.00665
Exploits 0 • References 5
RedHat Linux • added 2026/06/17 11:05 p.m. • 16 views

Important: Red Hat Security Advisory: Red Hat build of Apache Camel 4.18 for Quarkus 3.33 security update

A security update for Red Hat build of Apache Camel 4.18 for Quarkus 3.33 is now available. This text-only errata provides information about enhancements that improve your developer experience and ensure the security and stability of your applications. Red Hat Product Security has rated this upda...

CVSS 10 • AI score 5.4 • EPSS 0.00665
Exploits 1 • References 16
RedHat Linux • added 2026/06/17 9:02 p.m. • 8 views

io.quarkus/quarkus-vertx-http: Quarkus: Authorization bypass in HTTP path-based policies via encoded characters

A flaw was found in Quarkus. A remote attacker could bypass HTTP path-based authorization policies by using specially crafted encoded semicolons, slashes, or backslashes in HTTP requests. This could allow unauthorized access to protected static resources, leading to information disclosure...

CVSS 7.5 • AI score 5.3 • EPSS 0.00392
Exploits 1 • References 5
RedHat Linux • added 2026/06/17 9:02 p.m. • 9 views

Important: Red Hat Security Advisory: Red Hat build of Quarkus 3.20.6.SP2 security update

An update is now available for Red Hat build of Quarkus. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more informatio...

CVSS 7.5 • AI score 5.3 • EPSS 0.00392
Exploits 1 • References 4
RedHat Linux • added 2026/06/17 8:45 p.m. • 12 views

Important: Red Hat Security Advisory: RHOAI 3.5-ea.1 - Red Hat OpenShift AI

Updated images are now available for Red Hat OpenShift AI. Release of RHOAI 3.5-ea.1 provides these changes:...

CVSS 7.5 • AI score 7.6 • EPSS 0.00459
Exploits 2 • References 3
RedHat Linux • added 2026/06/17 6:06 p.m. • 14 views

Important: Red Hat Security Advisory: xorg-x11-server security, bug fix, and enhancement update

An update for xorg-x11-server is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerabilit...

CVSS 7.8 • AI score 5.8 • EPSS 0.00165
Exploits 0 • References 10
RedHat Linux • added 2026/06/17 6:06 p.m. • 7 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: out-of-bounds heap write in DRI2 DRIGetBuffers/DRIGetBuffersWithFormat

An out-of-bounds write flaw was found in the X.Org X server and Xwayland in DRIGetBuffers/DRIGetBuffersWithFormat. A client that requests multiple DRI2BufferBackLeft attachments and one DRI2BufferFrontLeft can trigger an out-of-bounds heap write. This may be used to crash the server, or for...

CVSS 7.8 • AI score 5.3 • EPSS 0.00148
Exploits 0 • References 7
RedHat Linux • added 2026/06/17 6:06 p.m. • 7 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free information disclosure in CreateSaverWindow()

A use-after-free flaw was found in the X.Org X server and Xwayland in CreateSaverWindow. A client can trigger a use-after-free read after changing window attributes and forcing the screen saver, leading to information disclosure...

CVSS 5.5 • AI score 5.3 • EPSS 0.00136
Exploits 0 • References 7
RedHat Linux • added 2026/06/17 6:06 p.m. • 8 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in SyncChangeCounter()

A use-after-free flaw was found in the X.Org X server and Xwayland in SyncChangeCounter. A client that sets up multiple SyncCounters can trigger a use-after-free when destroying those counters via a second client connection while changing those counters. This may be used to crash the server, or f...

CVSS 7.8 • AI score 5.3 • EPSS 0.0014
Exploits 0 • References 7
RedHat Linux • added 2026/06/17 6:06 p.m. • 11 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in FreeCounter()

A use-after-free flaw was found in the X.Org X server and Xwayland in FreeCounter. A client that sets up multiple SyncCounters and awaits on those triggers can trigger a use-after-free when destroying those counters via a second client connection. This may be used to crash the server, or for...

CVSS 7.8 • AI score 5.3 • EPSS 0.00154
Exploits 0 • References 7
RedHat Linux • added 2026/06/17 6:06 p.m. • 8 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in XKB key types due to unchecked shift levels

A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. The X server has multiple stack buffers sized XkbMaxShiftLevel * XkbNumKbdGroups, but CheckKeyTypes does not verify or clamp non-canonical key types to XkbMaxShiftLevel. A client can change key types to excessive shift...

CVSS 7.8 • AI score 5.7 • EPSS 0.00161
Exploits 0 • References 7
RedHat Linux • added 2026/06/17 6:06 p.m. • 7 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: out-of-bounds read/write in GLX ChangeDrawableAttributes

An out-of-bounds read flaw was found in the X.Org X server and Xwayland in __glXDisp_ChangeDrawableAttributes. A wrong size validation check can read a client-controlled number of bytes, exceeding the request buffer, leading to information disclosure. A write path also exists but requires byte-swapp...

CVSS 5.5 • AI score 5.3 • EPSS 0.00127
Exploits 0 • References 7
RedHat Linux • added 2026/06/17 6:06 p.m. • 7 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in XKB SetMap request via mapWidths indexing

A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. XkbSetMapChecks declares a fixed-size stack buffer mapWidths[256] indexed by key type index. The helper function CheckKeyTypes writes to this buffer at a client-controlled offset, allowing a stack buffer overflow. This...

CVSS 7.8 • AI score 5.9 • EPSS 0.00165
Exploits 0 • References 7
RedHat Linux • added 2026/06/17 6:06 p.m. • 8 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in miSyncDestroyFence()

A use-after-free flaw was found in the X.Org X server and Xwayland in miSyncDestroyFence. A client that sets up multiple fence triggers can trigger a use-after-free function pointer call. An attacker would connect to the X server to set up a fence and await that fence, then a second X connection...

CVSS 7.8 • AI score 5.3 • EPSS 0.00142
Exploits 0 • References 7
RedHat Linux • added 2026/06/17 6:06 p.m. • 8 views

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in font alias resolution due to libXfont2 name length mismatch

A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. A mismatch between the X server and the libXfont2 library's maximum font name length can cause a stack buffer overflow during font alias resolution. The server allocates a 256-byte stack buffer but libXfont2's alias...

CVSS 7.8 • AI score 5.6 • EPSS 0.00157
Exploits 0 • References 7
RedHat Linux • added 2026/06/17 5:18 p.m. • 12 views

Critical: Red Hat Security Advisory: OpenShift Container Platform 4.18.44 bug fix and security update

Red Hat OpenShift Container Platform release 4.18.44 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.18. Red Hat Product Security has rated this update as having a...

CVSS 9.8 • AI score 5.5 • EPSS 0.00563
Exploits 3 • References 7
RedHat Linux • added 2026/06/17 5:04 p.m. • 4 views

Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: dracut: dracut-109-6.hum1 aarch64, x86_64 dracut-caps-109-6.hum1 aarch64, x86_64 dracut-config-generic-109-6.hum1 aarch64, x86_64 dracut-config-rescue-109-6.hum1 aarch64, x86_64 dracut-live-109-6.hum...

CVSS 7.5 • AI score 5.8 • EPSS 0.01131
Exploits 0 • References 3
RedHat Linux • added 2026/06/17 4:57 p.m. • 9 views

Important: Red Hat Security Advisory: ruby:3.3 security update

An update for the ruby:3.3 module is now available for Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity...

CVSS 8.1 • AI score 6 • EPSS 0.01131
Exploits 0 • References 2
RedHat Linux • added 2026/06/17 4:57 p.m. • 7 views

erb: ERB: Arbitrary code execution via deserialization bypass

A flaw was found in ERB, a templating system for Ruby. An attacker who can trigger deserialization of untrusted data in a Ruby application can bypass existing protections. This vulnerability allows for arbitrary code execution by exploiting specific public methods that evaluate template source...

CVSS 8.1 • AI score 6.2 • EPSS 0.01131
Exploits 0 • References 5
RedHat Linux • added 2026/06/17 4:18 p.m. • 8 views

io.quarkus/quarkus-vertx-http: Quarkus: Authorization bypass in HTTP path-based policies via encoded characters

A flaw was found in Quarkus. A remote attacker could bypass HTTP path-based authorization policies by using specially crafted encoded semicolons, slashes, or backslashes in HTTP requests. This could allow unauthorized access to protected static resources, leading to information disclosure...

CVSS 7.5 • AI score 5.4 • EPSS 0.00392
Exploits 1 • References 5

Total number of security vulnerabilities: 114832