Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
RedhatOpenshift Container Platform Ibm Z Systems

8 matches found

CVE
CVEadded 2023/03/23 9:15 p.m.866 views

CVE-2023-0056

An uncontrolled resource consumption vulnerability was discovered in HAProxy which could crash the service. This issue could allow an authenticated remote attacker to run a specially crafted malicious server in an OpenShift cluster. The biggest impact is to availability.

6.5CVSS6.3AI score0.00148EPSS
CVE
CVEadded 2023/09/20 3:15 p.m.261 views

CVE-2022-3916

A flaw was found in the offline_access scope in Keycloak. This issue would affect users of shared computers more (especially if cookies are not cleared), due to a lack of root session validation, and the reuse of session ids across root and user authentication sessions. This enables an attacker to ...

6.8CVSS7.1AI score0.00226EPSS
CVE
CVEadded 2023/08/04 6:15 p.m.250 views

CVE-2023-0264

A flaw was found in Keycloaks OpenID Connect user authentication, which may incorrectly authenticate requests. An authenticated attacker who could obtain information from a user request within the same realm could use that data to impersonate the victim and generate new session tokens. This issue c...

5CVSS4.5AI score0.03396EPSS
CVE
CVEadded 2023/09/25 8:15 p.m.193 views

CVE-2022-4318

A vulnerability was found in cri-o. This issue allows the addition of arbitrary lines into /etc/passwd by use of a specially crafted environment variable.

7.8CVSS7.4AI score0.00042EPSS
CVE
CVEadded 2023/07/05 1:15 p.m.181 views

CVE-2023-3089

A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated.

7.5CVSS7.4AI score0.00053EPSS
CVE
CVEadded 2023/11/01 2:15 p.m.168 views

CVE-2023-5625

A regression was introduced in the Red Hat build of python-eventlet due to a change in the patch application strategy, resulting in a patch for CVE-2021-21419 not being applied for all builds of all products.

7.5CVSS5.7AI score0.00097EPSS
CVE
CVEadded 2023/12/14 10:15 p.m.160 views

CVE-2023-6134

A flaw was found in Keycloak that prevents certain schemes in redirects, but permits them if a wildcard is appended to the token. This issue could allow an attacker to submit a specially crafted request leading to cross-site scripting (XSS) or further attacks. This flaw is the result of an incomple...

5.4CVSS5.3AI score0.01836EPSS
CVE
CVEadded 2024/09/03 8:15 p.m.83 views

CVE-2024-4629

A vulnerability was found in Keycloak. This flaw allows attackers to bypass brute force protection by exploiting the timing of login attempts. By initiating multiple login requests simultaneously, attackers can exceed the configured limits for failed attempts before the system locks them out. This ...

6.5CVSS6.6AI score0.00166EPSS