Filtered by vendor Redhat Subscriptions
Filtered by product Rhmt Subscriptions
Total 125 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-24788 1 Redhat 13 Ansible Automation Platform, Cost Management, Cryostat and 10 more 2024-11-21 5.9 Medium
A malformed DNS message in response to a query can cause the Lookup functions to get stuck in an infinite loop.
CVE-2023-24540 2 Golang, Redhat 20 Go, Acm, Advanced Cluster Security and 17 more 2024-11-15 9.8 Critical
Not all valid JavaScript whitespace characters are considered to be whitespace. Templates containing whitespace characters outside of the character set "\t\n\f\r\u0020\u2028\u2029" in JavaScript contexts that also contain actions may not be properly sanitized during execution.
CVE-2023-24538 2 Golang, Redhat 21 Go, Advanced Cluster Security, Ansible Automation Platform and 18 more 2024-11-15 9.8 Critical
Templates do not properly consider backticks (`) as Javascript string delimiters, and do not escape them as expected. Backticks are used, since ES6, for JS template literals. If a template contains a Go template action within a Javascript template literal, the contents of the action can be used to terminate the literal, injecting arbitrary Javascript code into the Go template. As ES6 template literals are rather complex, and themselves can do string interpolation, the decision was made to simply disallow Go template actions from being used inside of them (e.g. "var a = {{.}}"), since there is no obviously safe way to allow this behavior. This takes the same approach as github.com/google/safehtml. With fix, Template.Parse returns an Error when it encounters templates like this, with an ErrorCode of value 12. This ErrorCode is currently unexported, but will be exported in the release of Go 1.21. Users who rely on the previous behavior can re-enable it using the GODEBUG flag jstmpllitinterp=1, with the caveat that backticks will now be escaped. This should be used with caution.
CVE-2024-3727 1 Redhat 18 Acm, Advanced Cluster Security, Ansible Automation Platform and 15 more 2024-11-13 8.3 High
A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks.
CVE-2024-24786 2 Golang, Redhat 22 Go, Acm, Cluster Observability Operator and 19 more 2024-11-07 7.5 High
The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set.
CVE-2023-29406 2 Golang, Redhat 19 Go, Advanced Cluster Security, Cryostat and 16 more 2024-11-07 6.5 Medium
The HTTP/1 client does not fully validate the contents of the Host header. A maliciously crafted Host header can inject additional headers or entire requests. With fix, the HTTP/1 client now refuses to send requests containing an invalid Request.Host or Request.URL.Host value.
CVE-2023-45290 1 Redhat 19 Advanced Cluster Security, Ansible Automation Platform, Cryostat and 16 more 2024-11-07 6.5 Medium
When parsing a multipart form (either explicitly with Request.ParseMultipartForm or implicitly with Request.FormValue, Request.PostFormValue, or Request.FormFile), limits on the total size of the parsed form were not applied to the memory consumed while reading a single form line. This permits a maliciously crafted input containing very long lines to cause allocation of arbitrarily large amounts of memory, potentially leading to memory exhaustion. With fix, the ParseMultipartForm function now correctly limits the maximum size of form lines.
CVE-2024-4068 2 Micromatch, Redhat 6 Braces, Acm, Jboss Enterprise Application Platform and 3 more 2024-11-06 7.5 High
The NPM package `braces`, versions prior to 3.0.3, fails to limit the number of characters it can handle, which could lead to Memory Exhaustion. In `lib/parse.js,` if a malicious user sends "imbalanced braces" as input, the parsing will enter a loop, which will cause the program to start allocating heap memory without freeing it at any moment of the loop. Eventually, the JavaScript heap limit is reached, and the program will crash.
CVE-2024-24783 1 Redhat 21 Advanced Cluster Security, Ansible Automation Platform, Cryostat and 18 more 2024-11-05 5.9 Medium
Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/tls clients, and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default behavior is for TLS servers to not verify client certificates.
CVE-2023-45289 1 Redhat 12 Advanced Cluster Security, Enterprise Linux, Logging and 9 more 2024-11-04 4.3 Medium
When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an http.Client does not forward sensitive headers such as "Authorization" or "Cookie". For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but a redirect to bar.com will not. A maliciously crafted HTTP redirect could cause sensitive headers to be unexpectedly forwarded.
CVE-2019-25211 2 Gin-contrib, Redhat 2 Cors, Rhmt 2024-10-25 9.1 Critical
parseWildcardRules in Gin-Gonic CORS middleware before 1.6.0 mishandles a wildcard at the end of an origin string, e.g., https://example.community/* is allowed when the intention is that only https://example.com/* should be allowed, and http://localhost.example.com/* is allowed when the intention is that only http://localhost/* should be allowed.
CVE-2022-25883 2 Npmjs, Redhat 10 Semver, Acm, Enterprise Linux and 7 more 2024-10-25 5.3 Medium
Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range.
CVE-2023-29409 2 Golang, Redhat 20 Go, Ansible Automation Platform, Cert Manager and 17 more 2024-10-22 5.3 Medium
Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA keys transmitted during handshakes is restricted to <= 8192 bits. Based on a survey of publicly trusted RSA keys, there are currently only three certificates in circulation with keys larger than this, and all three appear to be test certificates that are not actively deployed. It is possible there are larger keys in use in private PKIs, but we target the web PKI, so causing breakage here in the interests of increasing the default safety of users of crypto/tls seems reasonable.
CVE-2023-3978 2 Golang, Redhat 8 Networking, Cryostat, Enterprise Linux and 5 more 2024-09-27 6.1 Medium
Text nodes not in the HTML namespace are incorrectly literally rendered, causing text which should be escaped to not be. This could lead to an XSS attack.
CVE-2023-39321 2 Golang, Redhat 17 Go, Acm, Ansible Automation Platform and 14 more 2024-09-26 7.5 High
Processing an incomplete post-handshake message for a QUIC connection can cause a panic.
CVE-2023-39318 2 Golang, Redhat 15 Go, Acm, Enterprise Linux and 12 more 2024-09-26 6.1 Medium
The html/template package does not properly handle HTML-like "" comment tokens, nor hashbang "#!" comment tokens, in <script> contexts. This may cause the template parser to improperly interpret the contents of <script> contexts, causing actions to be improperly escaped. This may be leveraged to perform an XSS attack.
CVE-2023-39319 2 Golang, Redhat 15 Go, Acm, Enterprise Linux and 12 more 2024-09-26 6.1 Medium
The html/template package does not apply the proper rules for handling occurrences of "<script", "<!--", and "</script" within JS literals in <script> contexts. This may cause the template parser to improperly consider script contexts to be terminated early, causing actions to be improperly escaped. This could be leveraged to perform an XSS attack.
CVE-2023-39322 3 Go Standard Library, Golang, Redhat 18 Crypto Tls, Go, Acm and 15 more 2024-09-26 7.5 High
QUIC connections do not set an upper bound on the amount of data buffered when reading post-handshake messages, allowing a malicious QUIC connection to cause unbounded memory growth. With fix, connections now consistently reject messages larger than 65KiB in size.
CVE-2020-28500 4 Lodash, Oracle, Redhat and 1 more 25 Lodash, Banking Corporate Lending Process Management, Banking Credit Facilities Process Management and 22 more 2024-09-16 5.3 Medium
Lodash versions prior to 4.17.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd functions.
CVE-2021-23337 5 Lodash, Netapp, Oracle and 2 more 29 Lodash, Active Iq Unified Manager, Cloud Manager and 26 more 2024-09-16 7.2 High
Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function.