Filtered by vendor Redhat
Subscriptions
Filtered by product Discovery
Subscriptions
Total
46 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-6485 | 2 Getbootstrap, Redhat | 2 Bootstrap, Discovery | 2025-02-24 | 6.4 Medium |
| A security vulnerability has been discovered in bootstrap that could enable Cross-Site Scripting (XSS) attacks. The vulnerability is associated with the data-loading-text attribute within the button plugin. This vulnerability can be exploited by injecting malicious JavaScript code into the attribute, which would then be executed when the button's loading state is triggered. | ||||
| CVE-2024-56201 | 1 Redhat | 12 Ansible Automation Platform, Discovery, Enterprise Linux and 9 more | 2025-02-18 | 7.3 High |
| Jinja is an extensible templating engine. In versions on the 3.x branch prior to 3.1.5, a bug in the Jinja compiler allows an attacker that controls both the content and filename of a template to execute arbitrary Python code, regardless of if Jinja's sandbox is used. To exploit the vulnerability, an attacker needs to control both the filename and the contents of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates where the template author can also choose the template filename. This vulnerability is fixed in 3.1.5. | ||||
| CVE-2024-12797 | 1 Redhat | 5 Discovery, Enterprise Linux, Logging and 2 more | 2025-02-18 | 6.3 Medium |
| Issue summary: Clients using RFC7250 Raw Public Keys (RPKs) to authenticate a server may fail to notice that the server was not authenticated, because handshakes don't abort as expected when the SSL_VERIFY_PEER verification mode is set. Impact summary: TLS and DTLS connections using raw public keys may be vulnerable to man-in-middle attacks when server authentication failure is not detected by clients. RPKs are disabled by default in both TLS clients and TLS servers. The issue only arises when TLS clients explicitly enable RPK use by the server, and the server, likewise, enables sending of an RPK instead of an X.509 certificate chain. The affected clients are those that then rely on the handshake to fail when the server's RPK fails to match one of the expected public keys, by setting the verification mode to SSL_VERIFY_PEER. Clients that enable server-side raw public keys can still find out that raw public key verification failed by calling SSL_get_verify_result(), and those that do, and take appropriate action, are not affected. This issue was introduced in the initial implementation of RPK support in OpenSSL 3.2. The FIPS modules in 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this issue. | ||||
| CVE-2024-35195 | 2 Redhat, Request Project | 10 Ansible Automation Platform, Discovery, Enterprise Linux and 7 more | 2025-02-13 | 5.6 Medium |
| Requests is a HTTP library. Prior to 2.32.0, when making requests through a Requests `Session`, if the first request is made with `verify=False` to disable cert verification, all subsequent requests to the same host will continue to ignore cert verification regardless of changes to the value of `verify`. This behavior will continue for the lifecycle of the connection in the connection pool. This vulnerability is fixed in 2.32.0. | ||||
| CVE-2023-4752 | 5 Apple, Debian, Fedoraproject and 2 more | 6 Macos, Debian Linux, Fedora and 3 more | 2025-02-13 | 7.8 High |
| Use After Free in GitHub repository vim/vim prior to 9.0.1858. | ||||
| CVE-2024-56374 | 1 Redhat | 4 Ansible Automation Platform, Discovery, Satellite and 1 more | 2025-02-12 | 5.8 Medium |
| An issue was discovered in Django 5.1 before 5.1.5, 5.0 before 5.0.11, and 4.2 before 4.2.18. Lack of upper-bound limit enforcement in strings passed when performing IPv6 validation could lead to a potential denial-of-service attack. The undocumented and private functions clean_ipv6_address and is_valid_ipv6_address are vulnerable, as is the django.forms.GenericIPAddressField form field. (The django.db.models.GenericIPAddressField model field is not affected.) | ||||
| CVE-2022-49043 | 1 Redhat | 5 Discovery, Enterprise Linux, Openshift and 2 more | 2025-01-27 | 8.1 High |
| xmlXIncludeAddNode in xinclude.c in libxml2 before 2.11.0 has a use-after-free. | ||||
| CVE-2024-52798 | 2 Pillarjs, Redhat | 8 Path-to-regexp, Apache Camel Hawtio, Discovery and 5 more | 2025-01-24 | 5.3 Medium |
| path-to-regexp turns path strings into a regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. The regular expression that is vulnerable to backtracking can be generated in the 0.1.x release of path-to-regexp. Upgrade to 0.1.12. This vulnerability exists because of an incomplete fix for CVE-2024-45296. | ||||
| CVE-2024-45296 | 2 Pillarjs, Redhat | 19 Path-to-regexp, Acm, Ansible Automation Platform and 16 more | 2025-01-24 | 7.5 High |
| path-to-regexp turns path strings into a regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Because JavaScript is single threaded and regex matching runs on the main thread, poor performance will block the event loop and lead to a DoS. The bad regular expression is generated any time you have two parameters within a single segment, separated by something that is not a period (.). For users of 0.1, upgrade to 0.1.10. All other users should upgrade to 8.0.0. | ||||
| CVE-2024-52005 | 1 Redhat | 3 Discovery, Enterprise Linux, Rhel Eus | 2025-01-15 | 7.5 High |
| Git is a source code management tool. When cloning from a server (or fetching, or pushing), informational or error messages are transported from the remote Git process to the client via the so-called "sideband channel". These messages will be prefixed with "remote:" and printed directly to the standard error output. Typically, this standard error output is connected to a terminal that understands ANSI escape sequences, which Git did not protect against. Most modern terminals support control sequences that can be used by a malicious actor to hide and misrepresent information, or to mislead the user into executing untrusted scripts. As requested on the git-security mailing list, the patches are under discussion on the public mailing list. Users are advised to update as soon as possible. Users unable to upgrade should avoid recursive clones unless they are from trusted sources. | ||||
| CVE-2024-43788 | 3 Redhat, Webpack, Webpack.js | 10 Cryostat, Discovery, Jboss Data Grid and 7 more | 2025-01-09 | 6.4 Medium |
| Webpack is a module bundler. Its main purpose is to bundle JavaScript files for usage in a browser, yet it is also capable of transforming, bundling, or packaging just about any resource or asset. The webpack developers have discovered a DOM Clobbering vulnerability in Webpack’s `AutoPublicPathRuntimeModule`. The DOM Clobbering gadget in the module can lead to cross-site scripting (XSS) in web pages where scriptless attacker-controlled HTML elements (e.g., an `img` tag with an unsanitized `name` attribute) are present. Real-world exploitation of this gadget has been observed in the Canvas LMS which allows a XSS attack to happen through a javascript code compiled by Webpack (the vulnerable part is from Webpack). DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script, seemingly benign HTML markups in the webpage (e.g. through a post or comment) and leverages the gadgets (pieces of js code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or id attributes. This issue has been addressed in release version 5.94.0. All users are advised to upgrade. There are no known workarounds for this issue. | ||||
| CVE-2024-53907 | 2 Djangoproject, Redhat | 4 Django, Ansible Automation Platform, Ansible Automation Platform Developer and 1 more | 2024-12-31 | 7.5 High |
| An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. The strip_tags() method and striptags template filter are subject to a potential denial-of-service attack via certain inputs containing large sequences of nested incomplete HTML entities. | ||||
| CVE-2024-56326 | 1 Redhat | 14 Ansible Automation Platform, Discovery, Enterprise Linux and 11 more | 2024-12-27 | 7.8 High |
| Jinja is an extensible templating engine. Prior to 3.1.5, An oversight in how the Jinja sandboxed environment detects calls to str.format allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates. Jinja's sandbox does catch calls to str.format and ensures they don't escape the sandbox. However, it's possible to store a reference to a malicious string's format method, then pass that to a filter that calls it. No such filters are built-in to Jinja, but could be present through custom filters in an application. After the fix, such indirect calls are also handled by the sandbox. This vulnerability is fixed in 3.1.5. | ||||
| CVE-2024-55565 | 1 Redhat | 11 Acm, Ansible Automation Platform, Discovery and 8 more | 2024-12-12 | 4.3 Medium |
| nanoid (aka Nano ID) before 5.0.9 mishandles non-integer values. 3.3.8 is also a fixed version. | ||||
| CVE-2023-44270 | 2 Postcss, Redhat | 7 Postcss, Discovery, Openshift and 4 more | 2024-11-21 | 5.3 Medium |
| An issue was discovered in PostCSS before 8.4.31. The vulnerability affects linters using PostCSS to parse external untrusted CSS. An attacker can prepare CSS in such a way that it will contains parts parsed by PostCSS as a CSS comment. After processing by PostCSS, it will be included in the PostCSS output in CSS nodes (rules, properties) despite being included in a comment. | ||||
| CVE-2024-31449 | 2 Redhat, Redis | 3 Discovery, Enterprise Linux, Redis | 2024-11-19 | 7 High |
| Redis is an open source, in-memory database that persists on disk. An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potentially lead to remote code execution. The problem exists in all versions of Redis with Lua scripting. This problem has been fixed in Redis versions 6.2.16, 7.2.6, and 7.4.1. Users are advised to upgrade. There are no known workarounds for this vulnerability. | ||||
| CVE-2024-21536 | 2 Chimurai, Redhat | 9 Http-proxy-middleware, Advanced Cluster Security, Discovery and 6 more | 2024-11-01 | 7.5 High |
| Versions of the package http-proxy-middleware before 2.0.7, from 3.0.0 and before 3.0.3 are vulnerable to Denial of Service (DoS) due to an UnhandledPromiseRejection error thrown by micromatch. An attacker could kill the Node.js process and crash the server by making requests to certain paths. | ||||
| CVE-2024-42005 | 2 Djangoproject, Redhat | 6 Django, Ansible Automation Platform, Discovery and 3 more | 2024-10-23 | 9.8 Critical |
| An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. QuerySet.values() and values_list() methods on models with a JSONField are subject to SQL injection in column aliases via a crafted JSON object key as a passed *arg. | ||||
| CVE-2024-31228 | 1 Redhat | 2 Discovery, Enterprise Linux | 2024-10-10 | 5.5 Medium |
| Redis is an open source, in-memory database that persists on disk. Authenticated users can trigger a denial-of-service by using specially crafted, long string match patterns on supported commands such as `KEYS`, `SCAN`, `PSUBSCRIBE`, `FUNCTION LIST`, `COMMAND LIST` and ACL definitions. Matching of extremely long patterns may result in unbounded recursion, leading to stack overflow and process crash. This problem has been fixed in Redis versions 6.2.16, 7.2.6, and 7.4.1. Users are advised to upgrade. There are no known workarounds for this vulnerability. | ||||
| CVE-2024-43800 | 2 Openjsf, Redhat | 11 Serve-static, Discovery, Network Observ Optr and 8 more | 2024-09-20 | 5 Medium |
| serve-static serves static files. serve-static passes untrusted user input - even after sanitizing it - to redirect() may execute untrusted code. This issue is patched in serve-static 1.16.0. | ||||