Latest Red Hat OpenShift Container Platform IBM Z Systems Vulnerabilities

Keycloak: reflected XSS via wildcard in OIDC redirect_uri
maven/org.keycloak:keycloak-services<23.0.3
Redhat Single Sign-on<7.6.6
Redhat Keycloak<22.0.7
Redhat Single Sign-on<7.6
Redhat Enterprise Linux=7.0
Redhat Enterprise Linux=8.0
and 11 more

python-eventlet: patch regression for CVE-2021-21419 in some Red Hat builds
Redhat Openshift Container Platform For Arm64=4.12
Redhat Openshift Container Platform For Linuxone=4.12
Redhat Openshift Container Platform For Power=4.12
Redhat Openshift Container Platform Ibm Z Systems=4.12
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
and 2 more

A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated.
Redhat Openshift Container Platform=4.10
Redhat Enterprise Linux=7.0
Redhat Enterprise Linux=8.0
Redhat Openshift Container Platform For Linuxone=4.10
Redhat Openshift Container Platform For Linuxone=4.11
Redhat Openshift Container Platform For Power=4.10
and 10 more

Keycloak's OpenID Connect user authentication was found to incorrectly authenticate requests. An authenticated attacker who could also obtain a certain piece of info from a user request, from a victim...
redhat/rh-sso7-keycloak<0:18.0.6-1.redhat_00001.1.el7
redhat/rh-sso7-keycloak<0:18.0.6-1.redhat_00001.1.el8
redhat/rh-sso7-keycloak<0:18.0.6-1.redhat_00001.1.el9
maven/org.keycloak:keycloak-services<21.0.1
Redhat Keycloak<18.0.6
Redhat Single Sign-on<7.6.2
and 10 more

An uncontrolled resource consumption vulnerability was discovered in HAProxy which could crash the service. This issue could allow an authenticated remote attacker to run a specially crafted malicious...
redhat/haproxy<0:2.4.17-3.el9_1.2
redhat/haproxy<0:2.4.7-2.el9_0.2
redhat/haproxy<0:2.2.19-3.el8
redhat/haproxy<0:2.2.24-2.el8
redhat/haproxy<0:2.2.24-3.rhaos4.13.el8
redhat/haproxy<0:2.2.15-6.el8
and 24 more

CRI-O: /etc/passwd tampering privesc
redhat/cri-o<0:1.24.4-10.rhaos4.11.git1ed5ac5.el8
redhat/cri-o<0:1.25.2-10.rhaos4.12.git0a083f9.el8
Kubernetes CRI-O
Redhat Openshift Container Platform For Arm64=4.12
Redhat Openshift Container Platform For Linuxone=4.12
Redhat Openshift Container Platform For Power=4.12
and 45 more

Keycloak: session takeover with OIDC offline refresh tokens
maven/org.keycloak:keycloak-parent<=19.0.2
Redhat Keycloak<20.0.2
Redhat Single Sign-on
Redhat Single Sign-on=7.6
Redhat Enterprise Linux=7.0
Redhat Enterprise Linux=8.0
and 15 more

© 2024 SecAlerts Pty Ltd.