Filtered by vendor Redhat
Subscriptions
Filtered by product Serverless
Subscriptions
Total
84 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-3089 | 2 Devworkspace, Redhat | 18 1.0, Acm, Amq Streams and 15 more | 2024-08-02 | 7 High |
A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated. | ||||
CVE-2024-24783 | 1 Redhat | 20 Advanced Cluster Security, Ansible Automation Platform, Cryostat and 17 more | 2024-08-01 | 5.9 Medium |
Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/tls clients, and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default behavior is for TLS servers to not verify client certificates. | ||||
CVE-2024-24789 | 2 Golang, Redhat | 9 Go, Enterprise Linux, Network Observ Optr and 6 more | 2024-08-01 | 5.5 Medium |
The archive/zip package's handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create an zip file with contents that vary depending on the implementation reading the file. The archive/zip package now rejects files containing these errors. | ||||
CVE-2024-24785 | 1 Redhat | 16 Enterprise Linux, Kube Descheduler Operator, Logging and 13 more | 2024-08-01 | 6.5 Medium |
If errors returned from MarshalJSON methods contain user controlled data, they may be used to break the contextual auto-escaping behavior of the html/template package, allowing for subsequent actions to inject unexpected content into templates. |