| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2023-4380 | Platform: token exposed when importing project | Red Hat | Red Hat Ansible Automation Platform 2.4 for RHEL 8 | Medium | 6.3 | 2023-10-04 14:24:35 | Deep Dive |
| CVE-2023-4237 | Platform: ec2_key module prints out the private key directly to the standard output | Red Hat | Red Hat Ansible Automation Platform 2.4 for RHEL 8 | High | 7.3 | 2023-10-04 14:23:21 | Deep Dive |
| CVE-2023-1832 | Improper authorization check in the server component | - | candlepin-4.3.7 | Medium | 6.8 | 2023-10-04 13:05:38 | Deep Dive |
| CVE-2023-3361 | S3 credentials included when exporting Elyra notebook | - | odh-dashboard | High | 7.7 | 2023-10-04 11:34:58 | Deep Dive |
| CVE-2022-4132 | Memory leak on TLS connections | - | jss | Medium | 5.9 | 2023-10-04 11:26:11 | Deep Dive |
| CVE-2023-3153 | Service monitor MAC flow is not rate limited | - | ovn | Medium | 5.3 | 2023-10-04 11:13:40 | Deep Dive |
| CVE-2023-2422 | Keycloak: OAuth client impersonation | Red Hat | Red Hat Single Sign-On 7 | Medium | 5.5 | 2023-10-04 10:59:31 | Deep Dive |
| CVE-2023-1584 | Quarkus-oidc: ID and access tokens leak via the authorization code flow | - | - | High | 7.5 | 2023-10-04 10:47:38 | Deep Dive |
| CVE-2023-4586 | Hotrod-client: Hot Rod client does not enable hostname validation when using TLS, leading to a MITM attack | Red Hat | Red Hat Data Grid 8.4.6 | High | 7.4 | 2023-10-04 10:46:15 | Deep Dive |
| CVE-2023-4911 | Glibc: buffer overflow in ld.so leading to privilege escalation | - | - | High | 7.8 | 2023-10-03 17:25:08 | Deep Dive |
| CVE-2023-4732 | Kernel: race between task migrating pages and another task calling exit_mmap to release those same pages getting invalid opcode bug in include/linux/swapops.h | Red Hat | Red Hat Enterprise Linux 8 | Medium | 4.7 | 2023-10-03 16:55:02 | Deep Dive |
| CVE-2023-4886 | Foreman: world readable file containing secrets | Red Hat | Red Hat Satellite 6.13 for RHEL 8 | Medium | 6.7 | 2023-10-03 14:24:56 | Deep Dive |
| CVE-2023-42756 | Kernel: netfilter: race condition between ipset_cmd_add and ipset_cmd_swap | Red Hat | Red Hat Enterprise Linux 9 | Medium | 4.4 | 2023-09-28 13:55:37 | Deep Dive |
| CVE-2023-5215 | Libnbd: crash or misbehaviour when NBD server returns an unexpected block size | Red Hat | Red Hat Enterprise Linux 9 | Medium | 5.3 | 2023-09-28 13:55:32 | Deep Dive |
| CVE-2023-4066 | Operator: passwords defined in secrets shown in StatefulSet YAML | Red Hat | RHEL-8 based Middleware Containers | Medium | 5.5 | 2023-09-27 20:54:42 | Deep Dive |
| CVE-2023-3223 | Undertow: OutOfMemoryError due to @MultipartConfig handling | Red Hat | Red Hat Fuse 7.12.1 | High | 7.5 | 2023-09-27 13:54:45 | Deep Dive |
| CVE-2023-0833 | Red Hat A-MQ Streams: component version with information disclosure flaw | - | - | Medium | 4.7 | 2023-09-27 13:41:13 | Deep Dive |
| CVE-2023-0456 | APIcast proxies the API call with incorrect JWT token to the API backend without proper authorization check | - | apicast | High | 7.4 | 2023-09-27 13:39:37 | Deep Dive |
| CVE-2023-5157 | MariaDB: node crashes with transport endpoint is not connected mysqld got signal 6 | Red Hat | Red Hat Enterprise Linux 8 | High | 7.5 | 2023-09-26 13:25:24 | Deep Dive |
| CVE-2023-4065 | Operator: plaintext password in operator log | Red Hat | RHEL-8 based Middleware Containers | Medium | 5.5 | 2023-09-26 13:25:23 | Deep Dive |