Filtered by vendor Redhat
Subscriptions
Filtered by product Devworkspace
Subscriptions
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-8176 | 1 Redhat | 4 Devworkspace, Enterprise Linux, Jboss Core Services and 1 more | 2025-04-15 | 7.5 High |
| A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash. This issue could lead to denial of service (DoS) or, in some cases, exploitable memory corruption, depending on the environment and library usage. | ||||
| CVE-2023-3089 | 1 Redhat | 18 Acm, Amq Streams, Container Native Virtualization and 15 more | 2024-11-21 | 7 High |
| A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated. | ||||
| CVE-2023-38408 | 3 Fedoraproject, Openbsd, Redhat | 9 Fedora, Openssh, Devworkspace and 6 more | 2024-11-21 | 9.8 Critical |
| The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009. | ||||
Page 1 of 1.