Latest redhat developer tools Vulnerabilities

● CVE-2022-27649

A flaw was found in Podman, where containers were started incorrectly with non-empty default permissions. A vulnerability was found in Moby (Docker Engine), where containers were started incorrectly w...

Podman Project Podman<4.0.3

Redhat Developer Tools=1.0

Redhat Openshift Container Platform=4.0

Redhat Enterprise Linux=8.0

Redhat Enterprise Linux=8.6

Redhat Enterprise Linux Eus=8.4

and 18 more

● CVE-2022-1011

A flaw in the Linux Kernel found. If unprivileged users can mount FUSE filesystems, then can trigger use after free (UAF) that reads of write() buffers, allowing theft of (partial) /etc/shadow hashes ...

redhat/kernel-rt<0:4.18.0-372.9.1.rt7.166.el8

redhat/kernel<0:4.18.0-372.9.1.el8

Linux Linux kernel<5.17

Linux Linux kernel=5.17

Linux Linux kernel=5.17-rc1

Linux Linux kernel=5.17-rc2

and 181 more

● CVE-2022-0330

A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allows a local user to crash the system ...

redhat/kernel-rt<0:3.10.0-1160.59.1.rt56.1200.el7

redhat/kernel<0:3.10.0-1160.59.1.el7

redhat/kernel<0:3.10.0-514.99.1.el7

redhat/kernel<0:3.10.0-693.99.1.el7

redhat/kernel<0:3.10.0-957.92.1.el7

redhat/kernel<0:3.10.0-1062.63.1.el7

and 246 more

● CVE-2021-3744

A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption). This v...

redhat/kernel-rt<0:4.18.0-372.9.1.rt7.166.el8

redhat/kernel<0:4.18.0-372.9.1.el8

Linux Linux kernel<5.15

Linux Linux kernel=5.15

Linux Linux kernel=5.15-rc1

Linux Linux kernel=5.15-rc2

and 157 more

● CVE-2021-3697

A crafted JPEG image may lead the JPEG reader to underflow its data pointer, allowing user-controlled data to be written in heap. To a successful to be performed the attacker needs to perform some tri...

debian/grub2

Gnu Grub2>=2.00<2.12

Redhat Developer Tools=1.0

IBM Robotic Process Automation as a Service=3.0

Redhat Enterprise Linux=8.0

Redhat Enterprise Linux=8.1

and 39 more

● CVE-2021-3696

A heap out-of-bounds write may heppen during the handling of Huffman tables in the PNG reader. This may lead to data corruption in the heap space. Confidentiality, Integrity and Availablity impact may...

redhat/grub2<1:2.02-123.el8_6.8

redhat/grub2<1:2.02-87.el8_1.10

redhat/grub2<1:2.02-87.el8_2.10

redhat/grub2<1:2.02-99.el8_4.9

redhat/grub2<1:2.06-27.el9_0.7

Gnu Grub2>=2.00<2.12

and 39 more

● CVE-2021-3695

A crafted 16-bit grayscale PNG image may lead to a out-of-bounds write in the heap area. An attacker may take advantage of that to cause heap data corruption or eventually arbitrary code execution and...

redhat/grub2<1:2.02-123.el8_6.8

redhat/grub2<1:2.02-87.el8_1.10

redhat/grub2<1:2.02-87.el8_2.10

redhat/grub2<1:2.02-99.el8_4.9

redhat/grub2<1:2.06-27.el9_0.7

Gnu Grub2>=2.00<2.12

and 40 more

● CVE-2021-3669

A flaw was found in the Linux kernel. Measuring usage of the shared memory does not scale with large shared memory segment counts which could lead to resource exhaustion and DoS.

redhat/kernel-rt<0:4.18.0-372.9.1.rt7.166.el8

redhat/kernel<0:4.18.0-372.9.1.el8

Linux Linux kernel

IBM Spectrum Copy Data Management>=2.2.0.0<=2.2.15.0

IBM Spectrum Protect Plus>=10.1.0<=10.1.10.2

Linux Linux kernel

and 161 more

● CVE-2022-1227

Podman is a tool for managing OCI containers and pods. A privilege escalation flaw was found in Podman. This flaw allows an attacker to publish a malicious image to a public registry. Once this image ...

go/github.com/containers/podman/v3<3.4

go/github.com/containers/psgo/internal/proc<1.7.2

go/github.com/containers/psgo<1.7.2

Podman Project Podman<4.0.0

Psgo Project Psgo<1.7.2

Redhat Developer Tools=1.0

and 19 more

● CVE-2019-17596

Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic containing an invalid DSA public key. There are several attack scenarios, such as traffic from a client t...

Golang Go>=1.12<1.12.11

Golang Go>=1.13<1.13.2

Debian Debian Linux=9.0

Debian Debian Linux=10.0

Fedoraproject Fedora=30

Fedoraproject Fedora=31

and 15 more

● CVE-2019-16276

Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smuggling.

Golang Go<1.12.10

Golang Go>=1.13<1.13.1

Debian Debian Linux=9.0

openSUSE Leap=15.0

openSUSE Leap=15.1

Fedoraproject Fedora=29

and 10 more

● CVE-2019-9514

A flaw was found in HTTP/2. Using HEADER frames with invalid HTTP headers and queuing of response RST_STREAM frames, an attacker could cause a flood resulting in unbounded memory growth. The highest t...

redhat/go-toolset<1.11-0:1.11.13-1.el7

redhat/go-toolset<1.11-golang-0:1.11.13-2.el7

redhat/containernetworking-plugins<0:0.8.1-4.el7_7

redhat/eap7-apache-cxf<0:3.2.10-1.redhat_00001.1.el6ea

redhat/eap7-byte-buddy<0:1.9.11-1.redhat_00002.1.el6ea

redhat/eap7-glassfish-jsf<0:2.3.5-5.SP3_redhat_00003.1.el6ea

and 220 more

● CVE-2019-9741

An issue was discovered in net/http in Go 1.11.5. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the second argument to http.NewRequest with \r\n followed by a...

Golang Go=1.11.5

Debian Debian Linux=8.0

Debian Debian Linux=9.0

Fedoraproject Fedora=29

Redhat Developer Tools=1.0

Redhat Enterprise Linux=8.0

and 1 more

● CVE-2018-16871

A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null poi...

redhat/kernel-rt<0:3.10.0-957.27.2.rt56.940.el7

redhat/kernel<0:3.10.0-957.27.2.el7

redhat/kernel-alt<0:4.14.0-115.18.1.el7a

redhat/kernel<0:3.10.0-693.58.1.el7

redhat/kernel-rt<0:4.18.0-193.rt13.51.el8

redhat/kernel<0:4.18.0-193.el8

and 31 more

Latest redhat developer tools Vulnerabilities

Company

Resources

Contact