CVSS: 8.5EPSS: 0%CPEs: 23EXPL: 0CVE-2024-9341 – Podman: buildah: cri-o: fips crypto-policy directory mounting issue in containers/common go library
https://notcve.org/view.php?id=CVE-2024-9341
01 Oct 2024 — A flaw was found in Go. When FIPS mode is enabled on a system, container runtimes may incorrectly handle certain file paths due to improper validation in the containers/common Go library. This flaw allows an attacker to exploit symbolic links and trick the system into mounting sensitive host directories inside a container. This issue also allows attackers to access critical host files, bypassing the intended isolation between containers and the host system. Red Hat OpenShift Container Platform release 4.15.... • https://access.redhat.com/security/cve/CVE-2024-9341 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 6.5EPSS: 0%CPEs: 30EXPL: 0CVE-2024-9355 – Golang-fips: golang fips zeroed buffer
https://notcve.org/view.php?id=CVE-2024-9355
01 Oct 2024 — A vulnerability was found in Golang FIPS OpenSSL. This flaw allows a malicious user to randomly cause an uninitialized buffer length variable with a zeroed buffer to be returned in FIPS mode. It may also be possible to force a false positive match between non-equal hashes when comparing a trusted computed hmac sum to an untrusted input sum if an attacker can send a zeroed buffer in place of a pre-computed sum. It is also possible to force a derived key to be all zeros instead of an unpredictable value. This... • https://access.redhat.com/security/cve/CVE-2024-9355 • CWE-457: Use of Uninitialized Variable •
CVSS: 6.8EPSS: 2%CPEs: 11EXPL: 0CVE-2024-8883 – Keycloak: vulnerable redirect uri validation results in open redirec
https://notcve.org/view.php?id=CVE-2024-8883
19 Sep 2024 — A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid Redirect URI' is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially leading to session hijacking. A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common V... • https://access.redhat.com/security/cve/CVE-2024-8883 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 9.9EPSS: 0%CPEs: 2EXPL: 0CVE-2024-45496 – Openshift-controller-manager: elevated build pods can lead to node compromise in openshift
https://notcve.org/view.php?id=CVE-2024-45496
16 Sep 2024 — A flaw was found in OpenShift. This issue occurs due to the misuse of elevated privileges in the OpenShift Container Platform's build process. During the build initialization step, the git-clone container is run with a privileged security context, allowing unrestricted access to the node. An attacker with developer-level access can provide a crafted .gitconfig file containing commands executed during the cloning process, leading to arbitrary command execution on the worker node. An attacker running code in ... • https://access.redhat.com/security/cve/CVE-2024-45496 • CWE-269: Improper Privilege Management •
CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 0CVE-2024-7387 – Openshift/builder: path traversal allows command injection in privileged buildcontainer using docker build strategy
https://notcve.org/view.php?id=CVE-2024-7387
16 Sep 2024 — A flaw was found in openshift/builder. This vulnerability allows command injection via path traversal, where a malicious user can execute arbitrary commands on the OpenShift node running the builder container. When using the “Docker” strategy, executable files inside the privileged build container can be overridden using the `spec.source.secrets.secret.destinationDir` attribute of the `BuildConfig` definition. An attacker running code in a privileged container could escalate their permissions on the node ru... • https://access.redhat.com/security/cve/CVE-2024-7387 • CWE-250: Execution with Unnecessary Privileges •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2023-6841 – Keycloak: amount of attributes per object is not limited and it may lead to dos
https://notcve.org/view.php?id=CVE-2023-6841
10 Sep 2024 — A denial of service vulnerability was found in keycloak where the amount of attributes per object is not limited,an attacker by sending repeated HTTP requests could cause a resource exhaustion when the application send back rows with long attribute values. • https://access.redhat.com/security/cve/CVE-2023-6841 • CWE-231: Improper Handling of Extra Values •
CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-44082 – openstack-ironic: Specially crafted image may allow authenticated users to gain access to potentially sensitive data
https://notcve.org/view.php?id=CVE-2024-44082
05 Sep 2024 — In OpenStack Ironic before 26.0.1 and ironic-python-agent before 9.13.1, there is a vulnerability in image processing, in which a crafted image could be used by an authenticated user to exploit undesired behaviors in qemu-img, including possible unauthorized access to potentially sensitive data. The affected/fixed version details are: Ironic: <21.4.3, >=22.0.0 <23.0.2, >=23.1.0 <24.1.2, >=25.0.0 <26.0.1; Ironic-python-agent: <9.4.2, >=9.5.0 <9.7.1, >=9.8.0 <9.11.1, >=9.12.0 <9.13.1. A vulnerability was foun... • https://bugs.launchpad.net/ironic/+bug/2071740 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-862: Missing Authorization •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-8418 – Containers/aardvark-dns: tcp query handling flaw in aardvark-dns leading to denial of service
https://notcve.org/view.php?id=CVE-2024-8418
04 Sep 2024 — A flaw was found in Aardvark-dns versions 1.12.0 and 1.12.1. They contain a denial of service vulnerability due to serial processing of TCP DNS queries. This flaw allows a malicious client to keep a TCP connection open indefinitely, causing other DNS queries to time out and resulting in a denial of service for all other containers using aardvark-dns. A flaw was found in Aardvark-dns, which is vulnerable to a Denial of Service attack due to the serial processing of TCP DNS queries. An attacker can exploit th... • https://access.redhat.com/security/cve/CVE-2024-8418 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.5EPSS: 0%CPEs: 12EXPL: 0CVE-2024-4629 – Keycloak: potential bypass of brute force protection
https://notcve.org/view.php?id=CVE-2024-4629
03 Sep 2024 — A vulnerability was found in Keycloak. This flaw allows attackers to bypass brute force protection by exploiting the timing of login attempts. By initiating multiple login requests simultaneously, attackers can exceed the configured limits for failed attempts before the system locks them out. This timing loophole enables attackers to make more guesses at passwords than intended, potentially compromising account security on affected systems. New images are available for Red Hat build of Keycloak 22.0.12 and ... • https://access.redhat.com/security/cve/CVE-2024-4629 • CWE-837: Improper Enforcement of a Single, Unique Action •
CVSS: 8.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-6508 – Openshift-console: oauth2 insufficient state parameter entropy
https://notcve.org/view.php?id=CVE-2024-6508
21 Aug 2024 — An insufficient entropy vulnerability was found in the Openshift Console. In the authorization code type and implicit grant type, the OAuth2 protocol is vulnerable to a Cross-Site Request Forgery (CSRF) attack if the state parameter is used inefficiently. This flaw allows logging into the victim’s current application account using a third-party account without any restrictions. Red Hat OpenShift Container Platform release 4.14.41 is now available with updates to packages and images that fix several bugs and... • https://access.redhat.com/security/cve/CVE-2024-6508 • CWE-331: Insufficient Entropy •