| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2023-6717 | Keycloak: xss via assertion consumer service url in saml post-binding flow | - | - | Medium | 6.0 | 2024-04-25 16:02:03 | Deep Dive |
| CVE-2023-6596 | Openshift: incomplete fix for rapid reset (cve-2023-44487/cve-2023-39325) | - | - | High | 7.5 | 2024-04-25 16:00:24 | Deep Dive |
| CVE-2023-5675 | Quarkus: authorization flaw in quarkus resteasy reactive and classic when "quarkus.security.jaxrs.deny-unannotated-endpoints" or "quarkus.security.jaxrs.default-roles-allowed" properties are used. | - | - | Medium | 6.5 | 2024-04-25 15:44:56 | Deep Dive |
| CVE-2024-0406 | Mholt/archiver: path traversal vulnerability | - | - | Medium | 6.1 | 2024-04-06 16:11:03 | Deep Dive |
| CVE-2024-31420 | Cnv: dos through repeatedly calling vm-dump-metrics until virt handler crashes | - | - | Medium | 6.5 | 2024-04-03 14:01:07 | Deep Dive |
| CVE-2024-31419 | Cnv: information disclosure through the usage of vm-dump-metrics | - | - | Medium | 4.3 | 2024-04-03 14:00:04 | Deep Dive |
| CVE-2024-1300 | Io.vertx:vertx-core: memory leak when a tcp server is configured with tls and sni support | - | - | Medium | 5.4 | 2024-04-02 07:33:05 | Deep Dive |
| CVE-2024-1023 | Io.vertx/vertx-core: memory leak due to the use of netty fastthreadlocal data structures in vertx | - | - | Medium | 6.5 | 2024-03-27 07:51:16 | Deep Dive |
| CVE-2024-1394 | Golang-fips/openssl: memory leaks in code encrypting and decrypting rsa payloads | Red Hat | Red Hat Ansible Automation Platform 2.4 for RHEL 8 | High | 7.5 | 2024-03-21 12:16:39 | Deep Dive |
| CVE-2024-1753 | Buildah: full container escape at build time | - | - | High | 8.6 | 2024-03-18 14:23:44 | Deep Dive |
| CVE-2024-1725 | Kubevirt-csi: persistentvolume allows access to hcp's root node | - | - | Medium | 6.5 | 2024-03-07 20:09:12 | Deep Dive |
| CVE-2023-3966 | Openvswitch: ovs-vswitch fails to recover after malformed geneve metadata packet | - | openvswitch | High | 7.5 | 2024-02-22 12:15:53 | Deep Dive |
| CVE-2024-1635 | Undertow: out-of-memory error after several closed connections with wildfly-http-client protocol | - | - | High | 7.5 | 2024-02-19 21:23:14 | Deep Dive |
| CVE-2024-1485 | Registry-support: decompress can delete files outside scope via relative paths | - | - | High | 8.0 | 2024-02-13 23:31:14 | Deep Dive |
| CVE-2023-6291 | Keycloak: redirect_uri validation bypass | Red Hat | Red Hat build of Keycloak 22 | High | 7.1 | 2024-01-26 14:23:43 | Deep Dive |
| CVE-2024-0567 | Gnutls: rejects certificate chain with distributed trust | - | - | High | 7.5 | 2024-01-16 14:01:59 | Deep Dive |
| CVE-2023-6476 | Cri-o: pods are able to break out of resource confinement on cgroupv2 | Red Hat | Red Hat OpenShift Container Platform 4.13 | Medium | 6.5 | 2024-01-09 21:32:03 | Deep Dive |
| CVE-2023-5408 | Openshift: modification of node role labels | Red Hat | Red Hat OpenShift Container Platform 4.11 | High | 7.2 | 2023-11-02 02:55:58 | Deep Dive |
| CVE-2023-5625 | Python-eventlet: patch regression for cve-2021-21419 in some red hat builds | Red Hat | Ironic content for Red Hat OpenShift Container Platform 4.12 | Medium | 5.3 | 2023-11-01 13:28:10 | Deep Dive |
| CVE-2023-5366 | Openvswitch don't match packets on nd_target field | - | openvswitch | High | 7.1 | 2023-10-06 17:43:34 | Deep Dive |