CVSS: 5.0EPSS: 3%CPEs: 14EXPL: 1CVE-2023-0264 – keycloak: user impersonation via stolen uuid code
https://notcve.org/view.php?id=CVE-2023-0264
02 Mar 2023 — A flaw was found in Keycloaks OpenID Connect user authentication, which may incorrectly authenticate requests. An authenticated attacker who could obtain information from a user request within the same realm could use that data to impersonate the victim and generate new session tokens. This issue could impact confidentiality, integrity, and availability. Se ha encontrado un fallo en la autenticación de usuarios en OpenID Connect de Keycloak, que podría autenticar incorrectamente las solicitudes. Un atacante... • https://github.com/twwd/CVE-2023-0264 • CWE-287: Improper Authentication CWE-303: Incorrect Implementation of Authentication Algorithm •
CVSS: 6.8EPSS: 0%CPEs: 15EXPL: 0CVE-2022-3916 – Keycloak: session takeover with oidc offline refreshtokens
https://notcve.org/view.php?id=CVE-2022-3916
13 Dec 2022 — A flaw was found in the offline_access scope in Keycloak. This issue would affect users of shared computers more (especially if cookies are not cleared), due to a lack of root session validation, and the reuse of session ids across root and user authentication sessions. This enables an attacker to resolve a user session attached to a previously authenticated user; when utilizing the refresh token, they will be issued a token for the original user. Se encontró una falla en el alcance offline_access en Keyclo... • https://access.redhat.com/errata/RHSA-2022:8961 • CWE-384: Session Fixation CWE-613: Insufficient Session Expiration •
CVSS: 7.4EPSS: 0%CPEs: 1EXPL: 0CVE-2022-3259 – OpenShift: Missing HTTP Strict Transport Security
https://notcve.org/view.php?id=CVE-2022-3259
09 Dec 2022 — Openshift 4.9 does not use HTTP Strict Transport Security (HSTS) which may allow man-in-the-middle (MITM) attacks. Openshift 4.9 no utiliza HTTP Strict Transport Security (HSTS), que puede permitir ataques de intermediario (MITM). Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.13.0. Issues addressed include by... • https://bugzilla.redhat.com/show_bug.cgi?id=2103220 • CWE-665: Improper Initialization •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-3260
https://notcve.org/view.php?id=CVE-2022-3260
08 Dec 2022 — The response header has not enabled X-FRAME-OPTIONS, Which helps prevents against Clickjacking attack.. Some browsers would interpret these results incorrectly, allowing clickjacking attacks. El encabezado de respuesta no ha habilitado X-FRAME-OPTIONS, lo que ayuda a prevenir ataques de Clickjacking. Algunos navegadores interpretarían estos resultados incorrectamente, permitiendo ataques de clickjacking. • https://bugzilla.redhat.com/show_bug.cgi?id=2106780 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-3262
https://notcve.org/view.php?id=CVE-2022-3262
08 Dec 2022 — A flaw was found in Openshift. A pod with a DNSPolicy of "ClusterFirst" may incorrectly resolve the hostname based on a service provided. This flaw allows an attacker to supply an incorrect name with the DNS search policy, affecting confidentiality and availability. Se encontró un fallo en Openshift. Un pod con una política DNS de "ClusterFirst" puede resolver incorrectamente el nombre de host según un servicio proporcionado. • https://bugzilla.redhat.com/show_bug.cgi?id=2128858 • CWE-453: Insecure Default Variable Initialization CWE-1188: Initialization of a Resource with an Insecure Default •
CVSS: 7.5EPSS: 0%CPEs: 41EXPL: 0CVE-2021-3695 – grub2: Crafted PNG grayscale images may lead to out-of-bounds write in heap
https://notcve.org/view.php?id=CVE-2021-3695
10 Jun 2022 — A crafted 16-bit grayscale PNG image may lead to a out-of-bounds write in the heap area. An attacker may take advantage of that to cause heap data corruption or eventually arbitrary code execution and circumvent secure boot protections. This issue has a high complexity to be exploited as an attacker needs to perform some triage over the heap layout to achieve signifcant results, also the values written into the memory are repeated three times in a row making difficult to produce valid payloads. This flaw af... • https://bugzilla.redhat.com/show_bug.cgi?id=1991685 • CWE-787: Out-of-bounds Write •
CVSS: 6.9EPSS: 0%CPEs: 40EXPL: 0CVE-2021-3696 – grub2: Crafted PNG image may lead to out-of-bound write during huffman table handling
https://notcve.org/view.php?id=CVE-2021-3696
10 Jun 2022 — A heap out-of-bounds write may heppen during the handling of Huffman tables in the PNG reader. This may lead to data corruption in the heap space. Confidentiality, Integrity and Availablity impact may be considered Low as it's very complex to an attacker control the encoding and positioning of corrupted Huffman entries to achieve results such as arbitrary code execution and/or secure boot circumvention. This flaw affects grub2 versions prior grub-2.12. Puede producirse una escritura fuera de límites de la p... • https://bugzilla.redhat.com/show_bug.cgi?id=1991686 • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 39EXPL: 0CVE-2021-3697 – grub2: Crafted JPEG image can lead to buffer underflow write in the heap
https://notcve.org/view.php?id=CVE-2021-3697
10 Jun 2022 — A crafted JPEG image may lead the JPEG reader to underflow its data pointer, allowing user-controlled data to be written in heap. To a successful to be performed the attacker needs to perform some triage over the heap layout and craft an image with a malicious format and payload. This vulnerability can lead to data corruption and eventual code execution or secure boot circumvention. This flaw affects grub2 versions prior grub-2.12. Una imagen JPEG diseñada puede conllevar que el lector de JPEG desborde su p... • https://bugzilla.redhat.com/show_bug.cgi?id=1991687 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 1CVE-2022-1708 – cri-o: memory exhaustion on the node when access to the kube api
https://notcve.org/view.php?id=CVE-2022-1708
07 Jun 2022 — A vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyone with access to the Kube API. The ExecSync request runs commands in a container and logs the output of the command. This output is then read by CRI-O after command execution, and it is read in a manner where the entire file corresponding to the output of the command is read in. Thus, if the output of the command is large it is possible to exhaust the memory or the disk space of the node when CRI-O reads the ... • https://bugzilla.redhat.com/show_bug.cgi?id=2085361 • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2022-1677 – openshift/router: route hijacking attack via crafted HAProxy configuration file
https://notcve.org/view.php?id=CVE-2022-1677
25 May 2022 — In OpenShift Container Platform, a user with permissions to create or modify Routes can craft a payload that inserts a malformed entry into one of the cluster router's HAProxy configuration files. This malformed entry can match any arbitrary hostname, or all hostnames in the cluster, and direct traffic to an arbitrary application within the cluster, including one under attacker control. En OpenShift Container Platform, un usuario con permisos para crear o modificar rutas puede diseñar una carga útil que ins... • https://access.redhat.com/security/cve/CVE-2022-1677 • CWE-280: Improper Handling of Insufficient Permissions or Privileges CWE-400: Uncontrolled Resource Consumption •