Lucene search
K
RedhatUpdate Infrastructure

7 matches found

CVE
CVE
added 2024/02/05 8:45 p.m.525 views

CVE-2023-50782

CVE-2023-50782 affects the python-cryptography library across multiple Linux distributions. The underlying issue is a Bleichenbacher timing/PKCS#1 v1.5 RSA decryption handling flaw that could allow a remote attacker to decrypt TLS RSA-exchange messages, potentially exposing confidential data. Aff...

7.5CVSS7.2AI score0.02454EPSS
CVE
CVE
added 2022/10/25 12:0 a.m.228 views

CVE-2022-3644

CVE-2022-3644 affects the collection remote for pulp_ansible, where tokens are stored in plaintext instead of pulp’s encrypted field and are exposed in read/write mode via the API rather than being write-only. This leads to potential disclosure of sensitive tokens (confidentiality impact per the ...

5.5CVSS5.8AI score0.00276EPSS
CVE
CVE
added 2024/02/05 8:45 p.m.211 views

CVE-2023-50781

CVE-2023-50781 affects the Python m2crypto library and relates to Bleichenbacher timing attacks against RSA decryption, enabling potential remote decryption of TLS traffic that uses RSA key exchanges. The vulnerability is tied to m2crypto’s RSA decryption API, with references noting this as an in...

7.5CVSS7.2AI score0.01124EPSS
CVE
CVE
added 2026/05/26 4:16 p.m.66 views

CVE-2026-48864

CVE-2026-48864 affects libsolv. The issue is a heap buffer overflow during decompression of attacker-controlled data in .solv files, caused by insufficient input validation in repopagestore. This can lead to out-of-bounds memory access with potential information disclosure, alteration of program ...

7.8CVSS5.9AI score0.00205EPSS
CVE
CVE
added 2019/11/04 12:58 p.m.48 views

CVE-2013-4518

Affected product: RHUI (Red Hat Update Infrastructure) 2.1.3. The vulnerability involves world‑readable PKI entitlement certificates, enabling information disclosure of sensitive PKI data. Root cause details are not fully specified in the provided documents, but the CNVD entry explicitly notes an...

5.5CVSS5.6AI score0.00258EPSS
CVE
CVE
added 2026/05/20 11:7 p.m.34 views

CVE-2026-9150

Libsolv contains a stack-based buffer overflow in the Debian metadata parser when processing specially crafted Debian repository metadata. The vulnerability is triggered by malicious SHA384/SHA512 checksum tags, causing memory corruption and a denial of service. Affected component: libsolv’s Debi...

6.5CVSS6.1AI score0.00399EPSS
CVE
CVE
added 2026/05/20 11:34 p.m.31 views

CVE-2026-9149

The CVE-2026-9149 entry describes a heap buffer overflow in libsolv, triggered when processing a crafted .solv file that contains negative size values fed to the repo_add_solv function. This results in an undersized allocation followed by an out-of-bounds write, enabling a potential denial of ser...

6.5CVSS5.9AI score0.00291EPSS