VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
Advisories the vendor has revised
Fix a potential NPD in cleanup_prefix_route(). Red Hat rates this low (CVSS 5.5).
validate unlabeled address and mask attribute lengths. Red Hat rates this moderate (CVSS 5.5).
fix off-by-one in multicast context address compression. Red Hat rates this moderate (CVSS 5.5). Weakness: CWE-193.
Fix NULL pointer dereference. Red Hat rates this low (CVSS 5.5).
fix leak if split 6 GHz scanning fails. Red Hat rates this low (CVSS 5.5).
Fix the ACK parser to extract the SACK table for parsing. Red Hat rates this moderate (CVSS 5.5). Weakness: CWE-125.
use kmap_local_page in netvsc_copy_to_send_buf. Red Hat rates this moderate (CVSS 5.5). Weakness: CWE-468.
fix sleep-inside-lock in __smc_setsockopt() causing local DoS. Red Hat rates this low (CVSS 5.5). Weakness: CWE-821.
don't try to setup PHY-driven SFP cages when using genphy. Red Hat rates this low (CVSS 5.5).
fix NULL dereference in get_queue_ids(). Red Hat rates this moderate (CVSS 5.5).
fix uninit-value in __sctp_rcv_asconf_lookup(). Red Hat rates this moderate (CVSS 5.5). Weakness: CWE-130.
Fix global performance monitor reference counting. Red Hat rates this moderate (CVSS 5.5).
fix use-after-free on sbi->sync_decompress. Red Hat rates this moderate (CVSS 5.5).
Release nested relation on devlink free. Red Hat rates this low (CVSS 5.5). Weakness: CWE-772.
Uninitialized Use in GPU. Red Hat rates this important (CVSS 5.3). Weakness: CWE-824.
Insufficient validation of untrusted input in Navigation. Red Hat rates this important (CVSS 5.8). Weakness: CWE-1286.
Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. From 2.73.0 until 2.91.0, he LaTeX backend's handling of \includegraphics, \input, and \include commands lacked path containment validation. Attackers could craft malicious LaTeX documents with path traversal sequences to read arbitrary files from the file system accessible to the process, include sensitive files in the converted document output, or potentially access configuration files, credentials, or other sensitive data This vulnerability is fixed in 2.91.0. A flaw was found in Docling, a tool for document processing. This Moderate impact flaw in Docling's LaTeX backend allows an attacker to read arbitrary files from the system. By crafting a malicious LaTeX document with path traversal sequences, an attacker could exploit this vulnerability when a user processes the document, potentially leading to the disclosure of sensitive information such as configuration files or credentials. This issue primarily affects instances where Docling is used to process untrusted LaTeX content, such as within Red Hat OpenShift AI. Red Hat severity: Moderate — CVSS 5.5 (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N). Weakness: CWE-22. Affected Red Hat products: Red Hat OpenShift AI (RHOAI). Red Hat does not currently list a fixing RHSA for this CVE.
concurrent-ruby is a modern concurrency tools for Ruby. Prior to 1.3.7, Concurrent::AtomicReference#update can enter a permanent busy retry loop when the current value is Float::NAN. The issue is caused by the interaction between AtomicReference#update, which retries until compare_and_set(old_value, new_value) succeeds; Numeric compare_and_set, which checks old == old_value before attempting the underlying atomic swap.; and Ruby NaN semantics, where Float::NAN == Float::NAN is always false. As a result, once an AtomicReference contains Float::NAN, calling #update repeatedly evaluates the caller's block and never returns. In services that store externally derived numeric values in an AtomicReference, this can cause CPU exhaustion or permanent request/job hangs. This vulnerability is fixed in 1.3.7. This occurs when the current value is a special 'Not a Number' (Float::NAN) floating-point value, causing the method to repeatedly attempt an operation without success. This can lead to a Denial of Service (DoS), where the affected application experiences CPU exhaustion or becomes unresponsive. The issue arises when the `AtomicReference#update` method encounters a `Float::NAN` value, leading to an infinite retry loop and potential CPU exhaustion.
concurrent-ruby is a modern concurrency tools for Ruby. Prior to 1.3.7, Concurrent::ReentrantReadWriteLock can incorrectly grant a write lock after one thread acquires the read lock 32,768 times. The lock stores a thread's local read and write hold counts in one integer. The low 15 bits are used for the read hold count, and bit 15 is used as WRITE_LOCK_HELD. This breaks the core mutual-exclusion guarantee: the caller is told it has a write lock, but other threads can still hold or acquire read locks at the same time. This vulnerability is fixed in 1.3.7. This occurs when a thread acquires a read lock 32,768 times, causing an internal counter to incorrectly indicate a write lock is held. This breaks the fundamental mutual-exclusion guarantee of the lock, potentially leading to unexpected behavior or data corruption due to concurrent access. Red Hat rates this flaw as Low impact, consistent with the upstream CVEORG assessment (2.0). The vulnerability requires a single thread to acquire the same ReentrantReadWriteLock read lock 32,768 times reentrantly before the internal counter overflows into the write-lock bit. This precondition does not arise in normal application usage. While concurrent-ruby ships the vulnerable lock class in Red Hat products, no transitive dependency was confirmed to instantiate ReentrantReadWriteLock.
Jenkins GitHub Branch Source Plugin: Jenkins GitHub Branch Source Plugin: Information disclosure via missing permission check. Red Hat rates this moderate (CVSS 4.3). Weakness: CWE-425.