| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-5042 | Submariner-operator: rbac permissions can allow for the spread of node compromises | - | - | Medium | 6.6 | 2024-05-17 13:12:01 | Deep Dive |
| CVE-2024-4871 | Foreman: host ssh key not being checked in remote execution | - | - | Medium | 6.8 | 2024-05-14 14:27:41 | Deep Dive |
| CVE-2024-4840 | Rhosp-director: cleartext passwords exposed in logs | - | - | Medium | 5.5 | 2024-05-13 22:16:40 | Deep Dive |
| CVE-2024-4693 | Qemu-kvm: virtio-pci: improper release of configure vector leads to guest triggerable crash | - | - | Medium | 5.5 | 2024-05-10 12:57:41 | Deep Dive |
| CVE-2024-3727 | Containers/image: digest type does not guarantee valid type | - | - | High | 8.3 | 2024-05-09 14:57:21 | Deep Dive |
| CVE-2024-4438 | Etcd: incomplete fix for cve-2023-39325/cve-2023-44487 in openstack platform | - | - | High | 7.5 | 2024-05-08 08:59:42 | Deep Dive |
| CVE-2024-4437 | Etcd: incomplete fix for cve-2021-44716 in openstack platform | - | - | High | 7.5 | 2024-05-08 08:57:40 | Deep Dive |
| CVE-2024-4436 | Etcd: incomplete fix for cve-2022-41723 in openstack platform | - | - | High | 7.5 | 2024-05-08 08:57:12 | Deep Dive |
| CVE-2024-4418 | Libvirt: stack use-after-free in virnetclientioeventloop() | - | - | Medium | 6.2 | 2024-05-08 03:03:05 | Deep Dive |
| CVE-2024-4029 | Wildfly: no timeout for eap management interface may lead to denial of service (dos) | - | - | Medium | 4.1 | 2024-05-02 14:55:27 | Deep Dive |
| CVE-2024-4369 | Cluster-image-registry-operator: exposes a secret via env variable in pod definition on azure | - | - | Medium | 6.8 | 2024-04-30 23:49:02 | Deep Dive |
| CVE-2024-3154 | Cri-o: arbitrary command injection via pod annotation | - | - | High | 7.2 | 2024-04-26 03:12:38 | Deep Dive |
| CVE-2024-3624 | Mirror-registry: database user and password stored in plain-text | - | - | High | 7.3 | 2024-04-25 17:46:52 | Deep Dive |
| CVE-2024-3625 | Mirror-registry: redis password stored in plain-text | - | - | High | 7.3 | 2024-04-25 17:46:52 | Deep Dive |
| CVE-2024-3623 | Mirror-registry: default database secret key stored in plain-text on initial configuration file | - | - | Medium | 6.5 | 2024-04-25 17:46:47 | Deep Dive |
| CVE-2024-3622 | Mirror-registry: plain-text default csrf secret key | - | - | High | 8.8 | 2024-04-25 17:46:29 | Deep Dive |
| CVE-2024-3508 | Bzip2: compressed content bomb leads to denial of service of bombastic api | - | - | Medium | 4.3 | 2024-04-25 17:46:22 | Deep Dive |
| CVE-2024-2905 | Rpm-ostree: world-readable /etc/shadow file | - | - | Medium | 6.2 | 2024-04-25 17:44:16 | Deep Dive |
| CVE-2024-2467 | Perl-crypt-openssl-rsa: side-channel attack in pkcs#1 v1.5 padding mode (marvin attack) | - | - | Medium | 5.9 | 2024-04-25 16:45:03 | Deep Dive |
| CVE-2024-1726 | Quarkus: security checks for some inherited endpoints performed after serialization in resteasy reactive may trigger a denial of service | - | - | Medium | 5.3 | 2024-04-25 16:29:05 | Deep Dive |