CVSS: 7.8EPSS: 0%CPEs: 18EXPL: 0CVE-2024-12086 – Rsync: rsync server leaks arbitrary client files
https://notcve.org/view.php?id=CVE-2024-12086
14 Jan 2025 — A flaw was found in rsync. It could allow a server to enumerate the contents of an arbitrary file from the client's machine. This issue occurs when files are being copied from a client to a server. During this process, the rsync server will send checksums of local data to the client to compare with in order to determine what data needs to be sent to the server. By sending specially constructed checksum values for arbitrary files, an attacker may be able to reconstruct the data of those files byte-by-byte ba... • https://access.redhat.com/security/cve/CVE-2024-12086 • CWE-390: Detection of Error Condition Without Action •
CVSS: 7.8EPSS: 0%CPEs: 32EXPL: 0CVE-2024-12085 – Rsync: info leak via uninitialized stack contents
https://notcve.org/view.php?id=CVE-2024-12085
14 Jan 2025 — A flaw was found in the rsync daemon which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time. A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitializ... • https://access.redhat.com/security/cve/CVE-2024-12085 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.0EPSS: 0%CPEs: 3EXPL: 0CVE-2024-45497 – Openshift-api: build process in openshift allows overwriting of node pull credentials
https://notcve.org/view.php?id=CVE-2024-45497
31 Dec 2024 — A flaw was found in the OpenShift build process, where the docker-build container is configured with a hostPath volume mount that maps the node's /var/lib/kubelet/config.json file into the build pod. This file contains sensitive credentials necessary for pulling images from private repositories. The mount is not read-only, which allows the attacker to overwrite it. By modifying the config.json file, the attacker can cause a denial of service by preventing the node from pulling new images and potentially exf... • https://access.redhat.com/security/cve/CVE-2024-45497 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-12698 – Ose-olm-catalogd-container: incomplete fix for rapid reset (cve-2023-39325/cve-2023-44487)
https://notcve.org/view.php?id=CVE-2024-12698
18 Dec 2024 — An incomplete fix for ose-olm-catalogd-container was issued for the Rapid Reset Vulnerability (CVE-2023-39325/CVE-2023-44487) where only unauthenticated streams were protected, not streams created by authenticated sources. • https://access.redhat.com/security/cve/CVE-2024-12698 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-11614 – Dpdk: denial of service from malicious guest on hypervisors using dpdk vhost library
https://notcve.org/view.php?id=CVE-2024-11614
18 Dec 2024 — An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the hypervisor's vSwitch by forging Virtio descriptors to cause out-of-bounds reads. This flaw allows an attacker with a malicious VM using a virtio driver to cause the vhost-user side to crash by sending a packet with a Tx checksum offload request and an invalid csum_start offset. An update for dpdk is now available for Red Hat Enterprise Linux 8.6 Ad... • https://access.redhat.com/security/cve/CVE-2024-11614 • CWE-125: Out-of-bounds Read •
CVSS: 4.6EPSS: 0%CPEs: 10EXPL: 0CVE-2024-12401 – Cert-manager: potential dos when parsing specially crafted pem inputs
https://notcve.org/view.php?id=CVE-2024-12401
12 Dec 2024 — A flaw was found in the cert-manager package. This flaw allows an attacker who can modify PEM data that the cert-manager reads, for example, in a Secret resource, to use large amounts of CPU in the cert-manager controller pod to effectively create a denial-of-service (DoS) vector for the cert-manager in the cluster. Se encontró una falla en el paquete cert-manager. Esta falla permite que un atacante que pueda modificar los datos PEM que lee el cert-manager, por ejemplo, en un recurso secreto, utilice grande... • https://access.redhat.com/security/cve/CVE-2024-12401 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-8676 – Cri-o: checkpoint restore can be triggered from different namespaces
https://notcve.org/view.php?id=CVE-2024-8676
26 Nov 2024 — A vulnerability was found in CRI-O, where it can be requested to take a checkpoint archive of a container and later be asked to restore it. When it does that restoration, it attempts to restore the mounts from the restore archive instead of the pod request. As a result, the validations run on the pod spec, verifying that the pod has access to the mounts it specifies are not applicable to a restored container. This flaw allows a malicious user to trick CRI-O into restoring a pod that doesn't have access to h... • https://access.redhat.com/security/cve/CVE-2024-8676 • CWE-285: Improper Authorization •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-6538 – Openshift-console: openshift console: server-side request forgery
https://notcve.org/view.php?id=CVE-2024-6538
25 Nov 2024 — A flaw was found in OpenShift Console. A Server Side Request Forgery (SSRF) attack can happen if an attacker supplies all or part of a URL to the server to query. The server is considered to be in a privileged network position and can often reach exposed services that aren't readily available to clients due to network filtering. Leveraging such an attack vector, the attacker can have an impact on other services and potentially disclose information or have other nefarious effects on the system. The /api/dev-... • https://access.redhat.com/security/cve/CVE-2024-6538 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2024-52616 – Avahi: avahi wide-area dns predictable transaction ids
https://notcve.org/view.php?id=CVE-2024-52616
21 Nov 2024 — A flaw was found in the Avahi-daemon, where it initializes DNS transaction IDs randomly only once at startup, incrementing them sequentially after that. This predictable behavior facilitates DNS spoofing attacks, allowing attackers to guess transaction IDs. • https://access.redhat.com/security/cve/CVE-2024-52616 • CWE-334: Small Space of Random Values •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-52615 – Avahi: avahi wide-area dns uses constant source port
https://notcve.org/view.php?id=CVE-2024-52615
21 Nov 2024 — A flaw was found in Avahi-daemon, which relies on fixed source ports for wide-area DNS queries. This issue simplifies attacks where malicious DNS responses are injected. • https://access.redhat.com/security/cve/CVE-2024-52615 • CWE-330: Use of Insufficiently Random Values •