Filtered by vendor Redhat
Subscriptions
Total
21661 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-7246 | 1 Redhat | 4 Ansible Automation Platform, Rhui, Satellite and 1 more | 2024-08-06 | 4.8 Medium |
| It's possible for a gRPC client communicating with a HTTP/2 proxy to poison the HPACK table between the proxy and the backend such that other clients see failed requests. It's also possible to use this vulnerability to leak other clients HTTP header keys, but not values. This occurs because the error status for a misencoded header is not cleared between header reads, resulting in subsequent (incrementally indexed) added headers in the first request being poisoned until cleared from the HPACK table. Please update to a fixed version of gRPC as soon as possible. This bug has been fixed in 1.58.3, 1.59.5, 1.60.2, 1.61.3, 1.62.3, 1.63.2, 1.64.3, 1.65.4. | ||||
| CVE-2024-42460 | 2 Elliptic Project, Redhat | 4 Elliptic, Acm, Multicluster Engine and 1 more | 2024-08-02 | 5.3 Medium |
| In the Elliptic package 6.5.6 for Node.js, ECDSA signature malleability occurs because there is a missing check for whether the leading bit of r and s is zero. | ||||
| CVE-2024-42459 | 2 Elliptic Project, Redhat | 4 Elliptic, Acm, Multicluster Engine and 1 more | 2024-08-02 | 5.3 Medium |
| In the Elliptic package 6.5.6 for Node.js, EDDSA signature malleability occurs because there is a missing signature length check, and thus zero-valued bytes can be removed or appended. | ||||
| CVE-2024-35918 | 1 Redhat | 1 Enterprise Linux | 2024-07-30 | 5.5 Medium |
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2024-38391 | 1 Redhat | 1 Enterprise Linux | 2024-07-02 | 4.4 Medium |
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2023-52756 | 1 Redhat | 1 Enterprise Linux | 2024-06-08 | 4.4 Medium |
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2024-35812 | 1 Redhat | 1 Enterprise Linux | 2024-06-04 | 5.5 Medium |
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2024-35923 | 1 Redhat | 1 Enterprise Linux | 2024-05-25 | 5.5 Medium |
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2023-52758 | 1 Redhat | 1 Enterprise Linux | 2024-05-24 | 4.4 Medium |
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2024-35876 | 1 Redhat | 2 Enterprise Linux, Rhel Eus | 2024-05-23 | 5.5 Medium |
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2024-26650 | 1 Redhat | 1 Enterprise Linux | 2024-05-23 | 4.4 Medium |
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2023-52651 | 1 Redhat | 2 Enterprise Linux, Rhel Eus | 2024-05-02 | 5.5 Medium |
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2022-27458 | 1 Redhat | 2 Enterprise Linux, Rhel Software Collections | 2024-05-01 | 7.5 High |
| DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-27447. Reason: This candidate is a reservation duplicate of CVE-2022-27447. Notes: All CVE users should reference CVE-2022-27447 instead of this candidate. | ||||
| CVE-2024-26908 | 1 Redhat | 5 Enterprise Linux, Rhel Aus, Rhel E4s and 2 more | 2024-04-30 | 5.5 Medium |
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2024-23252 | 1 Redhat | 1 Enterprise Linux | 2024-03-26 | 6.5 Medium |
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2023-52605 | 1 Redhat | 1 Enterprise Linux | 2024-03-18 | 4.4 Medium |
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2024-26609 | 1 Redhat | 1 Enterprise Linux | 2024-03-12 | 5.5 Medium |
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2023-52466 | 1 Redhat | 1 Enterprise Linux | 2024-03-03 | 4.4 Medium |
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2022-40433 | 1 Redhat | 6 Enterprise Linux, Openjdk, Rhel Aus and 3 more | 2024-02-17 | 4.9 Medium |
| ** REJECT ** This CVE ID has been rejected by its CNA as it was not a security issue. | ||||
| CVE-2025-24528 | 1 Redhat | 1 Rhel Els | 2024-01-28 | 6.5 Medium |
| A flaw was found in krb5. With incremental propagation enabled, an authenticated attacker can cause kadmind to write beyond the end of the mapped region for the iprop log file. This issue can trigger a process crash and lead to a denial of service. | ||||