Filtered by vendor Redhat Subscriptions
Filtered by product Run Once Duration Override Operator Subscriptions
Total 25 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-24532 2 Golang, Redhat 10 Go, Enterprise Linux, Migration Toolkit Applications and 7 more 2024-08-02 5.3 Medium
The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars (a scalar larger than the order of the curve). This does not impact usages of crypto/ecdsa or crypto/ecdh.
CVE-2024-24786 1 Redhat 21 Acm, Cluster Observability Operator, Container Native Virtualization and 18 more 2024-08-01 5.9 Medium
The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set.
CVE-2024-24783 1 Redhat 20 Advanced Cluster Security, Ansible Automation Platform, Cryostat and 17 more 2024-08-01 5.9 Medium
Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/tls clients, and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default behavior is for TLS servers to not verify client certificates.
CVE-2024-24785 1 Redhat 16 Enterprise Linux, Kube Descheduler Operator, Logging and 13 more 2024-08-01 6.5 Medium
If errors returned from MarshalJSON methods contain user controlled data, they may be used to break the contextual auto-escaping behavior of the html/template package, allowing for subsequent actions to inject unexpected content into templates.
CVE-2024-24788 1 Redhat 12 Ansible Automation Platform, Cost Management, Cryostat and 9 more 2024-08-01 7.5 High
A malformed DNS message in response to a query can cause the Lookup functions to get stuck in an infinite loop.