Lucene search
K
RedhatOpenshift Developer Tools And Services

4 matches found

cve
cve
added 2023/10/10 12:0 a.m.5308 views

CVE-2023-44487

CVE-2023-44487 – HTTP/2 Rapid Reset DoS Root cause: HTTP/2 stream resets can cause servers to continue processing, leading to unbounded resource consumption and potential DoS when clients rapidly cancel streams. What’s affected: Various HTTP/2 implementations and deployments, including servers, p...

7.5CVSS8AI score0.99999EPSS
In wild
cve
cve
added 2023/12/18 12:0 a.m.4936 views

CVE-2023-48795

CVE-2023-48795 is referenced across several connected advisories, detailing affected packages and required upgrades. Astra Linux/CBL-Mariner entries note: podman (<5.6.1-2) needs upgrade, erlang (<25.2-1), libssh2 (<1.11.1-1), libssh (<0.10.6-1), terraform (<1.3.2-25), kubevirt (&l...

5.9CVSS6.7AI score0.93305EPSS
cve
cve
added 2023/06/06 12:0 a.m.518 views

CVE-2023-2253

CVE-2023-2253 concerns the /v2/_catalog endpoint in distribution/distribution, where the query parameter n controls the maximum number of records returned. The flaw allows a malicious user to supply an unreasonably large n, potentially triggering allocation of a massive string array and causing m...

6.5CVSS6.2AI score0.00938EPSS
Web
cve
cve
added 2024/02/13 11:31 p.m.121 views

CVE-2024-1485

CVE-2024-1485 affects the registry-support library’s decompression logic. An unauthenticated attacker can trick a user into parsing a devfile that uses the parent or plugin keywords, causing the decompressor to extract archives with relative paths that write outside the intended scope. This can l...

9.3CVSS7.7AI score0.00942EPSS