VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
1115 advisories across 32 monitored vendors.
WebOb provides objects for HTTP requests and responses. Prior to 1.8.10, the normalization of the HTTP Location header during a redirect is vulnerable to an open redirect: WebOb joins the redirect target to the request URI using Python's urljoin, and since Python 3.10 the underlying urlsplit strips ASCII tab, carriage return, and newline characters before parsing, so a redirect target containing such characters can be reinterpreted as a protocol-relative URL whose authority is an attacker-controlled host. This bypasses the CVE-2024-42353 fix that escaped a leading double slash, allowing an attacker who influences the redirect location to send users to an arbitrary external site instead of the intended one. This vulnerability is fixed in 1.8.10. Due to improper normalization of the Location header, specifically how certain ASCII characters are handled, an attacker can cause a user to be redirected to an arbitrary external website instead of the intended destination. This open redirect vulnerability can lead to information disclosure and impact the integrity of user sessions. This is rated as Moderate (CVSS 6.1) because exploitation requires user interaction — a victim must click a crafted link that triggers the redirect (UI:R).
pypdf is a free and open-source pure-python PDF library. Prior to 6.13.1, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires merging a file with threads/articles into a writer. This vulnerability is fixed in 6.13.1. A flaw was found in pypdf. This vulnerability can result in a Denial of Service (DoS) condition, making the affected system unresponsive. Red Hat rates this issue as Moderate severity (CVSS 5.9) because exploitation requires a specially crafted PDF containing thread/article objects to be processed by pypdf's merge functionality. Weakness: CWE-835. Affected Red Hat products: Exploit Intelligence; OpenShift Lightspeed; Red Hat Ansible Automation Platform 2; Red Hat Enterprise Linux AI (RHEL AI) 3; Red Hat OpenShift AI (RHOAI); Red Hat Quay 3. Red Hat does not currently list a fixing RHSA for this CVE.
pypdf is a free and open-source pure-python PDF library. Prior to 6.12.2, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires accessing a stream which uses the /FlateDecode filter with a PNG predictor. This vulnerability is fixed in 6.12.2. A flaw was found in pypdf (before 6.12.2). pypdf is vulnerable to denial of service when parsing a crafted PDF containing a /FlateDecode stream with a PNG predictor. An attacker who can supply such a document for processing may cause the application to hang on long runtimes. Red Hat exposure is in Python services that use pypdf for PDF ingestion, including Quay, OpenShift logging/observability tooling, and other containerized apps that bundle the library for document handling. Red Hat severity: Moderate — CVSS 5.5 (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H). Weakness: CWE-770. Red Hat lists Exploit Intelligence; OpenShift Lightspeed; Red Hat Ansible Automation Platform 2; Red Hat Enterprise Linux AI (RHEL AI) 3; Red Hat OpenShift AI (RHOAI); Red Hat Quay 3 as not affected.
pypdf is a free and open-source pure-python PDF library. Prior to 6.12.2, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires extracting the text of a page which contains a form XObject with self-references. This vulnerability is fixed in 6.12.2. A flaw was found in pypdf. An attacker can craft a malicious PDF document containing a form XObject with self-references. When a user attempts to extract text from a page within this crafted PDF, it can lead to excessive memory consumption. This vulnerability may result in a Denial of Service (DoS) due to resource exhaustion. Moderate: A flaw in pypdf and python-PyPDF2 can lead to a denial of service due to excessive memory consumption. This occurs when processing a specially crafted PDF document containing self-referencing form XObjects during text extraction. The vulnerability requires user interaction to trigger the text extraction process. Red Hat severity: Moderate — CVSS 5.5 (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H). Weakness: CWE-835. Affected Red Hat products: Exploit Intelligence; OpenShift Lightspeed; Red Hat Ansible Automation Platform 2; Red Hat Enterprise Linux AI (RHEL AI) 3; Red Hat OpenShift AI (RHOAI); Red Hat Quay 3. Red Hat does not currently list a fixing RHSA for this CVE.
pypdf is a free and open-source pure-python PDF library. Prior to 6.13.0, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires merging a file with outlines into a writer. This vulnerability is fixed in 6.13.0. A flaw was found in pypdf (before 6.13.0). A crafted PDF with outlines can trigger an infinite loop when merged into a PdfWriter, causing denial of service. An attacker who can supply such a document for merge processing may hang the application indefinitely. Red Hat exposure mirrors other pypdf consumers: Python services that merge or rewrite PDFs using the library in Quay, observability, and hybrid platform containers. Red Hat severity: Moderate — CVSS 5.5 (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H). Weakness: CWE-835. Red Hat lists Exploit Intelligence; OpenShift Lightspeed; Red Hat Ansible Automation Platform 2; Red Hat Enterprise Linux AI (RHEL AI) 3; Red Hat OpenShift AI (RHOAI); Red Hat Quay 3 as not affected.
pypdf is a free and open-source pure-python PDF library. Prior to 6.13.0, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires extracting the text in layout mode. This vulnerability is fixed in 6.13.0. This vulnerability results in a Denial of Service (DoS), making the affected system unresponsive. This Moderate impact flaw in pypdf affects Red Hat products that process untrusted PDF files and extract text in layout mode. An attacker could provide a specially crafted PDF, leading to an infinite loop and a Denial of Service. The vulnerability requires specific processing conditions, contributing to its Moderate severity. Affected method: extract_text(extraction_mode="layout") Red Hat severity: Moderate — CVSS 5.9 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H). Weakness: CWE-835. Affected Red Hat products: Exploit Intelligence; OpenShift Lightspeed; Red Hat Ansible Automation Platform 2; Red Hat Enterprise Linux AI (RHEL AI) 3; Red Hat OpenShift AI (RHOAI); Red Hat Quay 3. Red Hat does not currently list a fixing RHSA for this CVE.
Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to 0.6.5 and 0.5.15, several Net::IMAP commands accept a "raw data" argument that is sent verbatim after validation to prevent command injection. However, if a server does not support non-synchronizing literals, it may still be possible to inject arbitrary IMAP commands inside non-synchronizing literals. A server without support for non-synchronizing literals may interpret the "+}\r\n" as the end of a malformed command line and respond with a tagged BAD. In that case, the contents of the literal will be interpreted as one or more new pipelined commands, allowing a CRLF command injection attack to succeed. This affects criteria for #search and #uid_search; search_keys for #sort, #thread, #uid_sort, and #uid_thread; and attr for #fetch and #uid_fetch. This vulnerability is fixed in 0.6.5 and 0.5.15. This command injection could enable unauthorized actions on the IMAP server. This Moderate flaw in the Net::IMAP Ruby library allows for command injection against IMAP servers that lack support for non-synchronizing literals. An attacker could exploit this by providing specially crafted input, leading to the execution of arbitrary IMAP commands and potential unauthorized actions.
Net::IMAP: Denial of Service via malformed command input. Red Hat rates this moderate (CVSS 5.9). Weakness: CWE-88. Red Hat lists fixing advisory RHSA-2026:34293 with package ruby4-0-main-4.0.0-33.4.hum1, ruby3-4-main-3.4.8-31.3.hum1, ruby3-3-main-3.3.10-23.2.hum1.
opentelemetry-js is the OpenTelemetry JavaScript Client. Prior to 2.8.0, W3CBaggagePropagator.extract() in @opentelemetry/core does not enforce size limits when parsing inbound baggage HTTP headers. The W3C Baggage specification recommends a maximum of 8,192 bytes and 180 entries; these limits were only enforced on the outbound (inject()) path, not on the inbound (extract()) path. Parsing oversized baggage causes memory allocation proportional to the header size without any cap. This vulnerability is fixed in 2.8.0. This vulnerability allows a remote attacker to trigger uncontrolled memory allocation by sending oversized baggage HTTP headers. The system's inability to enforce size limits during inbound baggage parsing can lead to resource exhaustion, resulting in a Denial of Service (DoS). Red Hat products ship @opentelemetry/core as a transitive dependency in several components, but the vulnerable W3CBaggagePropagator.extract() code path has limited practical impact. Node.js enforces a default --max-http-header-size of 16,384 bytes, which caps the total size of all HTTP headers before they reach the propagator. The baggage header is already parsed and in memory by the HTTP layer; the additional allocation from the propagator is only the overhead of splitting into entry objects, not an unbounded read.
Starlette is a lightweight ASGI framework/toolkit. Prior to 1.3.0, the HTTP request path is not validated before being used to reconstruct request.url. Because request.url is rebuilt by concatenating {scheme}://{host}{path} and re-parsing the result, a path that does not begin with / (for example @google.com) moves the authority boundary during re-parsing, so request.url.hostname and request.url.netloc become attacker-controlled. Code that reads request.url.hostname (rather than the Host header or scope) can therefore be misled into trusting an attacker-supplied host. This vulnerability is fixed in 1.3.0. A remote attacker could craft a malicious HTTP request path that does not begin with a forward slash, causing the framework to misinterpret the authority boundary. This could lead to `request.url.hostname` and `request.url.netloc` becoming attacker-controlled, potentially misleading applications that rely on these values into trusting an attacker-supplied host. Red Hat rates this issue as having Low impact for Red Hat AI products. Bundled Starlette versions in Red Hat OpenShift AI, Red Hat AI Inference Server, and Red Hat Enterprise Linux AI are either not vulnerable or the flawed path validation is not reachable in supported deployments. Red Hat severity: Low — CVSS 4.8 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N). Weakness: CWE-1286.
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, no limit was present on the number of pipelined requests that could be queued. An attacker may be able to use pipelined requests to use excessive amounts of memory, potentially leading to DoS. This vulnerability is fixed in 3.14.1. An attacker could exploit this vulnerability by sending an unlimited number of pipelined requests, causing the system to consume excessive amounts of memory. This could lead to a Denial of Service (DoS), making the affected system unavailable to legitimate users. This vulnerability is rated Moderate because an unauthenticated remote attacker can trigger denial of service against an affected aiohttp HTTP/1 server by sending a large number of pipelined requests, causing excessive memory consumption. Exploitation requires aiohttp to be deployed as an HTTP/1 server that accepts pipelined requests from untrusted clients. Many Red Hat products ship aiohttp as a bundled dependency for client libraries, internal automation, or services that do not expose this server behavior to untrusted users. In those configurations, practical risk may be lower, but affected packages should still be updated to aiohttp 3.14.1 or later when fixes are released. Red Hat severity: Moderate — CVSS 5.9 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H). Weakness: CWE-770.
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, during cleanup it is possible for a compressed request body to be decompressed into memory in one chunk. An attacker may be able to send a compressed payload in specific situations that could be decompressed into memory, potentially leading to DoS (a zip bomb edge case). This vulnerability is fixed in 3.14.1. This could potentially lead to a Denial of Service (DoS) condition, where the affected system becomes unresponsive or unavailable. Exploitation requires aiohttp deployed as a network-facing HTTP server that accepts compressed request bodies. Many Red Hat products ship aiohttp as a bundled dependency for client libraries, internal automation, or services that do not expose this server path to untrusted users. In those configurations, practical risk may be lower, but affected packages should still be updated to aiohttp 3.14.1 or later when fixes are released. Red Hat severity: Moderate — CVSS 5.9 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H). Weakness: CWE-409.
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, it is possible to bypass the max_line_size check in parts of an HTTP request in the C parser. If using the optimised C parser (the default in pre-built wheels), then an attacker may be able to send oversized lines through the HTTP parser and use an excessive amount of memory, potentially leading to DoS. This vulnerability is fixed in 3.14.1. A remote attacker can exploit this vulnerability by sending oversized lines within an HTTP request. This bypasses the max_line_size check in the C parser, causing the system to use an excessive amount of memory. This can lead to a Denial of Service (DoS) condition, making the affected system unavailable. Exploitation requires aiohttp to be deployed as a network-facing HTTP server using the optimised C parser (the default in pre-built wheels). Many Red Hat products ship aiohttp as a bundled dependency for client libraries, internal automation, or services that do not expose this server/parser path to untrusted users. In those configurations, practical risk may be lower, but affected packages should still be updated to aiohttp 3.14.1 or later when fixes are released. Red Hat severity: Moderate — CVSS 5.9 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H). Weakness: CWE-131.
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, the server_hostname TLS SNI check can be bypassed when an existing connection is reused. This vulnerability is fixed in 3.14.1. This vulnerability allows a remote attacker to bypass the Transport Layer Security (TLS) Server Name Indication (SNI) check. This occurs when an application reuses an existing connection for multiple requests to the same domain but with different server_hostname parameters. Consequently, later requests may succeed by reusing the existing connection, even if they should have been rejected due to the TLS SNI check, potentially leading to unintended information disclosure or integrity issues. Exploitation requires an application using aiohttp as an HTTPS client with connection pooling enabled, issuing multiple requests to the same host with differing server_hostname overrides. Many Red Hat products ship aiohttp as a bundled dependency without this usage pattern. Affected packages should still be updated to aiohttp 3.14.1 or later when fixes are released. Red Hat severity: Moderate — CVSS 4.8 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N). Weakness: CWE-367.
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, if an attacker sends large incomplete websocket frame payloads, it may be possible to bypass the usual size limits on memory use. This vulnerability is fixed in 3.14.1. This can bypass normal memory usage limits, potentially leading to a Denial of Service (DoS) where the affected system becomes unavailable. Exploitation requires aiohttp deployed as a network-facing HTTP server that exposes WebSocket endpoints to untrusted clients. Many Red Hat products ship aiohttp as a bundled dependency for client libraries, internal automation, or services that do not expose WebSocket listeners to untrusted users. In those configurations, practical risk may be lower, but affected packages should still be updated to aiohttp 3.14.1 or later when fixes are released. Red Hat severity: Moderate — CVSS 5.9 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H). Weakness: CWE-770. Affected Red Hat products: Exploit Intelligence; Migration Toolkit for Applications 8; OpenShift Lightspeed; Red Hat AI Inference Server; Red Hat Ansible Automation Platform 2; Red Hat Ansible Automation Platform Ansible Core 2; Red Hat Discovery 2; Red Hat Enterprise Linux AI (RHEL AI) 3; Red Hat OpenShift AI (RHOAI); Red Hat Satellite 6.
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, host-only cookies that are saved with CookieJar.save() and then restored later with CookieJar.load() lose their host-only status. This vulnerability is fixed in 3.14.1. A flaw was found in aiohttp (before 3.14.1). aiohttp is vulnerable to improper cookie scope handling when persisting and reloading CookieJar data. After save/load, host-only cookies are treated as domain cookies, so session data meant for one host may be sent to subdomains on subsequent requests. Red Hat exposure is in Python asyncio services that bundle aiohttp and persist cookie jars to disk, including AI inference, AAP, and other hybrid platform Python containers. Red Hat severity: Low — CVSS 4.3 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N). Weakness: CWE-565. Red Hat lists Exploit Intelligence; Migration Toolkit for Applications 8; OpenShift Lightspeed; Red Hat AI Inference Server; Red Hat Ansible Automation Platform 2; Red Hat Ansible Automation Platform Ansible Core 2; Red Hat Discovery 2; Red Hat Enterprise Linux AI (RHEL AI) 3; Red Hat Hardened Images; Red Hat OpenShift AI (RHOAI); Red Hat Satellite 6; Red Hat Update Infrastructure 4 for Cloud Providers as not affected.
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.0, attacker-controlled input included into multipart/payload headers can be used to modify a request to inject additional headers or similar. In the unlikely situation that an application is passing user-controlled strings into MultipartWriter.append(headers=...) or Payload.headers, then an attacker may be able to modify the request to inject headers or change the contents of the request. This vulnerability is fixed in 3.14.0. This vulnerability, known as CRLF (Carriage Return Line Feed) injection, allows an attacker to modify HTTP requests by injecting malicious input into multipart or payload headers. If an application processes user-controlled data in these headers, an attacker could potentially alter the request's content or inject new headers, leading to unintended application behavior. This Low impact flaw in aiohttp arises from CRLF injection when applications pass untrusted, attacker-controlled input directly into `MultipartWriter.append(headers=...)` or `Payload.headers`. Exploitation is unlikely in typical Red Hat deployments unless custom applications are specifically configured to include unvalidated user input in these HTTP multipart or payload headers, potentially allowing an attacker to inject arbitrary HTTP headers.
protobufjs compiles protobuf definitions into JavaScript (JS) functions. Prior to 8.6.0 and 7.6.3, protobufjs accepted certain schema-derived names that could collide with properties used by protobufjs runtime helpers. The known affected names are fields named hasOwnProperty, field or oneof names such as $type when loaded through protobufjs JSON/reflection descriptors, and service methods whose generated helper name is rpcCall. When affected message or service types were used, protobufjs could read schema-controlled data where it expected an own-property helper, reflected type metadata, or the base RPC helper. This could cause deterministic exceptions or recursive calls in affected decode post-checks, verification, object conversion, reflected JSON serialization, or protobufjs RPC helper invocation. This vulnerability is fixed in 8.6.0 and 7.6.3. A remote attacker could exploit this vulnerability by providing specially crafted protobuf definitions or message types that contain names colliding with internal protobufjs runtime helpers. This could lead to deterministic exceptions or recursive calls during various operations, ultimately causing a Denial of Service (DoS) in applications using the library. Red Hat rates this issue as having Low impact for Red Hat Enterprise Linux AI bootc images.
protobufjs compiles protobuf definitions into JavaScript (JS) functions. From 8.2.0 to 8.4.2, protobufjs preserved unknown wire elements in message.$unknowns and did not provide a decode-time option to discard unknown fields before retaining them. A crafted protobuf payload containing many unknown fields could therefore cause a decoded message to retain substantially more memory than the input size would suggest, even when unknown-field round-tripping is not needed. protobufjs 8.5.0 added the relevant decode-time options, allowing applications that decode untrusted protobuf data to disable unknown-field retention during decode. protobufjs 8.6.2 flips the default so unknown fields are discarded unless explicitly opted into. A flaw was found in protobufjs. A remote attacker could send a specially crafted protobuf payload containing numerous unknown fields. This could cause the decoded message to retain substantially more memory than expected, leading to excessive memory consumption and potentially a Denial of Service (DoS) for applications processing untrusted protobuf data. Red Hat rates this issue as having Low impact for Red Hat Enterprise Linux AI bootc images. Although protobufjs is present as a transitive dependency, the vulnerable parsing path is not exercised in normal product operation. Red Hat severity: Low — CVSS 5.3 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
http-proxy-middleware is node.js http-proxy middleware. As a result, a crafted Host header that is only a superstring match for a configured host+path key can still route a request to an unintended backend. This vulnerability is fixed in 2.0.10, 3.0.6, and 4.1.0. Unanchored substring matching on the attacker-controlled Host header can match a configured host+path key without an exact host match, sending the request to the wrong backend. Red Hat severity: Moderate — CVSS 6.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N). Weakness: CWE-346.