VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
Advisories the vendor has revised
A user with Viewer permissions can use specially crafted requests to the Tempo and Loki data source plugins to reach unintended backend endpoints. Depending on the backend configuration this can expose data source credentials, leak internal responses, or trigger administrative actions on the configured backend. A remote attacker with a Viewer role could exploit a path traversal vulnerability by manipulating user-supplied input in URL paths. This could allow the attacker to capture sensitive administrator-configured datasource credentials, invoke state-changing administrative functions on Tempo, or exfiltrate internal service data from Loki. Red Hat severity: Moderate — CVSS 5.4 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L). Weakness: CWE-22. Affected Red Hat products: Multicluster Global Hub; Red Hat Advanced Cluster Management for Kubernetes 2; Red Hat Ceph Storage 5; Red Hat Ceph Storage 6; Red Hat Ceph Storage 7; Red Hat Ceph Storage 8; Red Hat Ceph Storage 9; Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 8; Red Hat Enterprise Linux 9. Red Hat does not currently list a fixing RHSA for this CVE.
Use After Free in libxml2's xmlParseInternalSubset from GNOME libxml2 version 2.9.11 to 2.11.0 allows a remote attacker to cause a denial-of-service via maliciously crafted XML input with improper entity resolution handling. A flaw was found in libxml2. This improper handling of entity resolution can lead to a denial-of-service (DoS), making the affected system or application unavailable. This Moderate impact use-after-free vulnerability in libxml2 can lead to a denial of service in Red Hat products that process untrusted XML input. In the worst-case scenario, a remote attacker is able to provide specially crafted XML, which, if parsed by an affected application, could cause the application to crash. Red Hat severity: Moderate — CVSS 5.9 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H). Weakness: CWE-416. Affected Red Hat products: Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 8; Red Hat Enterprise Linux 9; Red Hat OpenShift Container Platform 4. Red Hat lists Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 7; Red Hat Hardened Images as not affected. Will not fix / out of support: Red Hat Enterprise Linux 6. Red Hat does not currently list a fixing RHSA for this CVE.
A flaw was found in GStreamer's gst-plugins-bad package. When processing a specially crafted H.264 video file containing malformed MVC or SVC extension slice NAL units, a 1-byte heap out-of-bounds read can occur during parsing. This happens when the parser attempts to check slice boundary information without first verifying that the NAL unit contains enough data beyond the extension header. An attacker could exploit this by tricking a user into opening a malicious H.264 video file, potentially causing the application to crash or leak a single byte of heap memory. Red Hat product impact analysis pending. Component mapping required to determine which products ship the affected code. The vulnerable code path specifically affects H.264 NAL extension slices (type 20) used in MVC (Multi-view Video Coding) and SVC (Scalable Video Coding) formats, which are less commonly encountered than baseline H.264. The out-of-bounds read is limited to 1 byte and requires local file access with user interaction (opening a crafted video file). Modern Linux distributions include ASLR and stack canaries which provide some defense-in-depth against heap-based vulnerabilities, though these do not prevent the initial out-of-bounds read from occurring. Red Hat severity: Moderate — CVSS 4.4 (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L). Weakness: CWE-125.
A flaw was found in OpenSSH. This vulnerability, a heap out-of-bounds read, occurs during the cleanup of GSSAPI (Generic Security Service Application Programming Interface) indicators when a trailing NULL termination is missing in the auth-indicators array. A remote attacker, under specific configurations involving GSSAPI authentication and a Kerberos environment, could exploit this to cause the SSH authentication path to crash or abort. This leads to a denial of service (DoS), impacting the availability of the SSH service. This flaw is rated Low. A heap out-of-bounds read in OpenSSH's GSSAPI authentication component can lead to a denial of service. Exploitation requires `GSSAPIAuthentication` to be explicitly enabled, which is not the default configuration in Red Hat products, and a Kerberos environment providing authenticated `auth-indicators`. The impact is limited to the availability of the SSH authentication process. This vulnerability doesn't affect the upstream OpenSSH versions and is restricted to the versions as shipped with Red Hat Enterprise Linux. Red Hat severity: Low — CVSS 3.7 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L). Weakness: CWE-125. Affected Red Hat products: Red Hat Hardened Images; Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7; Red Hat Enterprise Linux 8; Red Hat Enterprise Linux 9.
React Router is a router for React. This is a low severity vulnerability because modern browser protections (CORS preflight, SameSite cookies) already block the cross-origin attack vectors that this missing CSRF check would otherwise gate. This vulnerability is fixed in 7.15.1. Insufficient Cross-Site Request Forgery (CSRF) checks in the framework mode allow a remote attacker to bypass these protections on PUT, PATCH, and DELETE requests. This could lead to a low integrity impact, where an attacker might be able to perform unintended actions on behalf of a user. Modern browser security features, such as Cross-Origin Resource Sharing (CORS) preflight and SameSite cookies, significantly limit the practical exploitability of this vulnerability. Red Hat severity: Low — CVSS 3.1 (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N). Weakness: CWE-352. Affected Red Hat products: Exploit Intelligence; Network Observability Operator; OpenShift Pipelines; Red Hat Ansible Automation Platform 2; Red Hat Data Grid 8; Red Hat OpenShift AI (RHOAI); Red Hat OpenShift Container Platform 4; Red Hat Quay 3; Red Hat Trusted Artifact Signer; Red Hat Trusted Profile Analyzer.
Python-Multipart is a streaming multipart parser for Python. Prior to 0.0.31, parse_form() did not validate the Content-Length header before using it to bound its chunked read of the request body. A negative Content-Length turned the bounded read into a read-until-EOF, so the entire body was loaded into memory in a single read instead of in fixed-size chunks. The realistic exposure is limited to bespoke WSGI or http.server handlers that forward raw client headers directly into parse_form(). Common frameworks such as Starlette and FastAPI do not call parse_form() directly and are not affected by this specific code path. Red Hat severity: Low — CVSS 3.7 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L). Weakness: CWE-400. Affected Red Hat products: Exploit Intelligence; Migration Toolkit for Applications 8; OpenShift Lightspeed; Red Hat AI Inference Server; Red Hat Ansible Automation Platform 2; Red Hat Enterprise Linux AI (RHEL AI) 3; Red Hat OpenShift AI (RHOAI); Red Hat OpenShift Virtualization 4; Red Hat Satellite 6. Red Hat lists OpenShift Lightspeed; Red Hat Hardened Images as not affected. Red Hat does not currently list a fixing RHSA for this CVE.
Python-Multipart is a streaming multipart parser for Python. Prior to 0.0.30, parse_options_header parsed Content-Disposition (and Content-Type) headers with email.message.Message, which transparently applies RFC 2231/5987 decoding. The extended parameter syntax (filename*=charset'lang'value, name*=..., and the filename*0/filename*1 continuation form) is decoded and surfaced under the bare filename/name key, and overrides the plain parameter when both are present. RFC 7578 §4.2 explicitly forbids the filename* form in multipart/form-data. Components that follow RFC 7578, or that do not implement RFC 2231/5987 decoding for multipart/form-data (WAFs, proxies, gateways), may interpret such a header differently. An attacker can exploit that difference to smuggle a different field name or filename past an upstream inspector to the backend. This vulnerability is fixed in 0.0.30. This vulnerability allows a remote attacker to bypass security controls by exploiting a difference in how Content-Disposition and Content-Type headers are parsed. Specifically, the parse_options_header function incorrectly applies RFC 2231/5987 decoding, which is forbidden for multipart/form-data. Red Hat severity: Low — CVSS 3.7 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N). Weakness: CWE-1286.
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, DigestAuthMiddleware can send an authentication response after following a cross-origin redirect. This likely requires an open redirect vulnerability or similar on the target domain for an attacker to be able to execute. Further, the attacker is only receiving the digest, so should only be able to extract the user's credentials if the cryptography is weak or there is some kind of password reuse. This vulnerability is fixed in 3.14.1. This could allow a remote attacker, in conjunction with an open redirect vulnerability on the target domain, to potentially extract a user's credentials if weak cryptography is used or if there is password reuse. This vulnerability primarily leads to information disclosure. Red Hat severity: Low — CVSS 3.1 (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N). Weakness: CWE-940. Affected Red Hat products: Exploit Intelligence; Migration Toolkit for Applications 8; OpenShift Lightspeed; Red Hat AI Inference Server; Red Hat Ansible Automation Platform 2; Red Hat Ansible Automation Platform Ansible Core 2; Red Hat Discovery 2; Red Hat Enterprise Linux AI (RHEL AI) 3; Red Hat OpenShift AI (RHOAI); Red Hat Satellite 6. Red Hat lists Red Hat Hardened Images as not affected. Red Hat does not currently list a fixing RHSA for this CVE.
Babel is a compiler for writing next generation JavaScript. Prior to 8.0.0-rc.6 and 7.29.6, @babel/core affected by an arbitrary file read via a sourceMappingURL comment. Using @babel/core to compile maliciously crafted code can allow an attacker to read any source map from the system that is running Babel, if the attacker controls the input source code, can read the output source code, and knows the path of the source map file that they want to read. This vulnerability is fixed in 8.0.0-rc.6 and 7.29.6. Red Hat rates this issue as having Low impact for Red Hat AI products. @babel/core is bundled only in build-time or developer UI tooling (dashboard, model registry, MLflow) and the arbitrary file read requires local access and attacker-controlled source map processing that is not exposed in normal production use. Red Hat severity: Low — CVSS 3.6 (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N). Weakness: CWE-22.