VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
No fix, workaround or mitigation extracted yet
The Tempo Operator's gateway component failed to consistently apply namespace-scoped redaction on some query API response paths when query RBAC was enabled, allowing an authenticated user to read span attributes belonging to other tenants' namespaces. Affected product named by the advisory: Red Hat OpenShift distributed tracing 3.
ImageMagick before 7.1.2-26 contains a use-after-free vulnerability in the FormatMagickCaption method when memory allocation fails. Attackers can trigger memory allocation failures to cause a dangling pointer to reference freed memory, potentially enabling denial of service or code execution. A flaw was found in ImageMagick. Red Hat severity: Moderate — CVSS 5.9 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H). Weakness: CWE-825. Under investigation: Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7.
ImageMagick before 7.1.2-26 and 6.9.13-51 is missing a check for the allowed memory allocation limit in matrix-backed operations such as -canny. An attacker can supply a crafted image that causes ImageMagick to allocate more memory than permitted by the configured policy, resulting in a denial of service. A flaw was found in ImageMagick. A remote attacker could provide a specially crafted image, causing the software to allocate more memory than permitted by its configuration. This can lead to a denial of service (DoS), making the system or application unavailable to legitimate users. Red Hat severity: Moderate — CVSS 5.5 (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H). Weakness: CWE-770. Under investigation: Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7.
ImageMagick before 7.1.2-26 contains a heap use-after-free vulnerability caused by missing null check when parsing XMP profiles. Attackers can craft malicious image files with specially crafted XMP data to trigger the vulnerability and cause application crashes. A flaw was found in ImageMagick. This vulnerability allows a remote attacker to cause the application to crash. The issue stems from improper handling of XMP (Extensible Metadata Platform) profiles within image files. By crafting a malicious image with specially designed XMP data, an attacker can trigger a heap use-after-free condition, leading to a denial of service. Red Hat severity: Moderate — CVSS 6.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H). Weakness: CWE-476. Affected Red Hat products: Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7. Will not fix / out of support: Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7. Red Hat does not currently list a fixing RHSA for this CVE.
ImageMagick before 7.1.2-19 contains a heap buffer overflow vulnerability in the magnify operation that allows attackers to read out of bounds memory. An unrecognized magnify:method value triggers an out of bounds read, potentially exposing sensitive information or causing denial of service. A flaw was found in ImageMagick. This heap buffer overflow vulnerability, identified as CWE-122 (Heap-based Buffer Overflow), occurs in the magnify operation when processing an unrecognized `magnify:method` value. An attacker could exploit this by providing a specially crafted input, leading to an out-of-bounds read. This could potentially expose sensitive information or cause a denial of service (DoS) to the system. Red Hat severity: Moderate — CVSS 6.1 (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H). Weakness: CWE-125. Under investigation: Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7.
ImageMagick before 7.1.2-15 contains a use-after-free vulnerability in the PDB decoder that uses a stale pointer when memory allocation fails. Attackers can trigger this vulnerability by processing malicious PDB files to cause crashes or write a single zero byte to freed memory. A flaw was found in ImageMagick. This use-after-free vulnerability (CWE-416) exists within the PDB (Program Database) decoder. A remote attacker could exploit this by tricking a user into processing a specially crafted malicious PDB file. This could lead to a denial of service (DoS) due to application crashes or potentially allow for a single zero-byte write to freed memory, resulting in limited data corruption. Red Hat severity: Moderate — CVSS 5.9 (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H). Weakness: CWE-825. Under investigation: Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7.
A security flaw has been discovered in enquirer up to 2.4.1. Affected is the function Enquirer.set of the component Public Package API. The manipulation of the argument question.name results in improperly controlled modification of object prototype attributes. The attack can be launched remotely. The exploit has been released to the public and may be used for attacks. The project was informed of the problem early through an issue report. A flaw was found in enquirer, a command-line prompt tool. A remote attacker could exploit a vulnerability in the `Enquirer.set` function by manipulating the `question.name` argument. This improper handling of object prototype attributes can lead to prototype pollution, allowing an attacker to modify the behavior of an application. This could result in unexpected application behavior or potentially lead to further attacks. This could lead to unexpected application behavior in Red Hat products that use `enquirer` to process untrusted input, as an attacker could modify object attributes. The public availability of an exploit increases the risk. Red Hat severity: Moderate — CVSS 4.3 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N). Weakness: CWE-915. Affected Red Hat products: OpenShift Pipelines; Red Hat Hardened Images; Red Hat OpenShift AI (RHOAI); Red Hat OpenShift Container Platform 4.
An integer overflow in the jbig2_arith_iaid_ctx_new() function of Artifex commit cc37d0 allows attackers to cause a Denial of Service (DoS) via a crafted input. A flaw was found in jbig2dec. This can lead to the affected system becoming unresponsive or crashing, disrupting its normal operation. Red Hat severity: Moderate — CVSS 6.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H). Weakness: CWE-190. Affected Red Hat products: Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 8; Red Hat Enterprise Linux 9. Red Hat does not currently list a fixing RHSA for this CVE.
TLS ECH decryptor crash in Wireshark 4.6.0 to 4.6.6 allows denial of service A flaw was found in Wireshark. This vulnerability allows a remote attacker to cause a denial of service by crafting a malicious TLS Encrypted Client Hello (ECH) packet. When Wireshark attempts to decrypt this malformed packet, it can lead to a crash of the application, making it unavailable. Red Hat severity: Moderate — CVSS 6.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H). Weakness: CWE-617. Affected Red Hat products: Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7; Red Hat Enterprise Linux 8; Red Hat Enterprise Linux 9. Will not fix / out of support: Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7. Red Hat does not currently list a fixing RHSA for this CVE.
Crash in ciscodump 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service A flaw was found in Wireshark, specifically within its `ciscodump` component. The issue can be exploited through user interaction, making the affected component unavailable. Red Hat severity: Moderate — CVSS 5.5 (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H). Weakness: CWE-476. Affected Red Hat products: Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7; Red Hat Enterprise Linux 8; Red Hat Enterprise Linux 9. Will not fix / out of support: Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7. Red Hat does not currently list a fixing RHSA for this CVE.
GitLab has remediated an issue in GitLab EE affecting all versions from 9.5 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user with maintainer-role permissions to obtain another user's stored credentials due to improper authorization controls. A flaw was found in GitLab EE. This vulnerability allows the user to obtain other users' stored credentials, leading to unauthorized information disclosure. Red Hat severity: Moderate — CVSS 4.9 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N). Weakness: CWE-266. Affected Red Hat products: OpenShift Pipelines; Red Hat OpenShift Container Platform 4. Red Hat does not currently list a fixing RHSA for this CVE.
A flaw was found in `guardrails-detectors`, a component of Red Hat OpenShift AI. This vulnerability, known as Regular Expression Denial of Service (ReDoS), allows a remote attacker to provide specially crafted regular expressions to the public detection API. This can cause catastrophic backtracking, leading to a worker process consuming 100% CPU indefinitely and resulting in a denial of service for the entire guardrails-mediated LLM pipeline. Exploitation requires network adjacency, as end-users do not directly interact with the vulnerable API. Red Hat severity: Moderate — CVSS 6.5 (CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). Weakness: CWE-1333. Affected Red Hat products: Red Hat OpenShift AI (RHOAI). Red Hat does not currently list a fixing RHSA for this CVE.
AFFiNE's histories GraphQL field fails to validate Doc.Read permission before exposing document edit history, allowing authenticated workspace members to retrieve restricted content timelines. Attackers can supply arbitrary document GUIDs to access full edit histories including user names, emails, and timestamps of private pages they lack access to. A flaw was found in AFFiNE. This vulnerability allows an authenticated workspace member to bypass document read permissions by supplying arbitrary document Globally Unique Identifiers (GUIDs) to the histories GraphQL field. This Moderate impact information disclosure flaw in AFFiNE allows authenticated workspace members to bypass document read permissions. This issue primarily affects deployments of AFFiNE and does not directly impact Red Hat products. Red Hat severity: Moderate — CVSS 6.5 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N). Weakness: CWE-639. Red Hat lists Red Hat AI Inference Server; Red Hat Enterprise Linux AI (RHEL AI) 3; Red Hat OpenShift AI (RHOAI) as not affected.
A flaw was found in the TrustyAI Service Operator. When deploying services like gorch or NemoGuardrails, if a specific security setting is not enabled, these services can expose their communication channels without requiring users to prove their identity. This allows any other program within the cluster to access the AI guardrails and orchestrator without proper authorization. An attacker could exploit this to gain unauthorized access to sensitive information and potentially make limited changes to the AI models. By default, these services expose plain HTTP endpoints without authentication, enabling any co-located pod to access AI guardrails and orchestrator APIs. This could result in unauthorized access to sensitive data and potential manipulation of AI models. Red Hat severity: Moderate — CVSS 6.3 (CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N). Affected Red Hat products: Red Hat OpenShift AI (RHOAI). Red Hat does not currently list a fixing RHSA for this CVE.
A flaw was found in the gorch service template, which is part of the trustyai-service-operator. Even when authentication is enabled, the gorch service exposes unproxied orchestrator and detector metrics ports. This allows any pod on the cluster network to directly access these ports, bypassing the kube-rbac-proxy and its authentication mechanisms. Red Hat severity: Moderate — CVSS 6.3 (CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N). Weakness: CWE-306. Affected Red Hat products: Red Hat OpenShift AI (RHOAI). Red Hat does not currently list a fixing RHSA for this CVE.
DBI versions before 1.650 for Perl read one byte out-of-bounds in preparse when deleting an initial SQL comment. The preparse method normalises SQL and removes comments. When the SQL starts with a comment line, the deletion of that line during normalisation led to an out-of-bounds read by one byte. The result is a fault on memory-hardened builds and nondeterministic newline retention on normal builds. This issue may cause a program fault on systems with memory hardening or result in unpredictable newline retention in other environments. Red Hat severity: Moderate — CVSS 5 (CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H). Weakness: CWE-125. Affected Red Hat products: Red Hat Enterprise Linux 10; Red Hat Enterprise Linux 6; Red Hat Enterprise Linux 7; Red Hat Enterprise Linux 8; Red Hat Enterprise Linux 9. Red Hat does not currently list a fixing RHSA for this CVE.
A flaw exists in the org.keycloak.broker.oidc package where the OIDC broker incorrectly synchronizes the email_verified claim. When an OIDC identity provider is configured with trustEmail=true and the userinfo endpoint is enabled, Keycloak retrieves the email address from the userinfo response but retrieves the email_verified status exclusively from the id_token. The root cause is a lack of validation ensuring that the email_verified claim in the id_token actually refers to the email address returned by the userinfo endpoint. If these two sources return different email addresses, the id_token's email_verified=true claim is blindly applied to the userinfo email. Exploitation Conditions: The OIDC identity provider must have trustEmail set to true (non-default). The attacker must control or have compromised the upstream OIDC provider. Concrete Impact: Mark arbitrary email addresses as verified in the Keycloak database. Bypass email-based security controls or verification workflows. Potential account takeover if the application relies solely on the email_verified flag from the IdP to link accounts. Successful exploitation allows an attacker to cause an arbitrary email address to be marked as verified in Keycloak without proper validation. Red Hat severity: Moderate — CVSS 4.8 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N). Weakness: CWE-1288.
A flaw was found in the Fine-Grained Admin Permissions (FGAP) v2 implementation within Keycloak's administrative services. When FGAP v2 is enabled, the system fails to properly filter child groups based on the caller's specific permissions when requested through a parent group. This allows a delegated administrator to view details of child groups they are not authorized to access directly, including group names, paths, and custom attributes. The Red Hat Product Security team has assessed the severity of this vulnerability as Moderate, given that it requires the attacker to possess a delegated administrator role with specific permissions. Successful exploitation allows an attacker to disclose sensitive group metadata and attributes that should be restricted. The vulnerability's root cause is an improper conditional check in the group retrieval logic that fails to apply permission filters when FGAP v2 is enabled. Weakness: CWE-1220. Affected Red Hat products: Red Hat Build of Keycloak. Red Hat does not currently list a fixing RHSA for this CVE.
A flaw was found in the ClientResource component of Keycloak's admin services when Fine-Grained Admin Permissions (FGAP) v2 is enabled. This issue allows a delegated administrator, who should only have limited control over specific clients, to attach or remove hidden client scopes that they are not authorized to see or manage. As a result, an attacker could inject unauthorized data or permissions into the security tokens issued to end-users, potentially tricking other applications into granting higher levels of access than intended. The Red Hat Product Security team has assessed the severity of this vulnerability as Moderate, given that exploitation requires the attacker to already hold a delegated administrator role with specific client management permissions and knowledge of internal resource identifiers (UUIDs). Successful exploitation allows an attacker to bypass fine-grained authorization boundaries to modify the contents of tokens issued by Keycloak, potentially leading to unauthorized actions in downstream applications. The vulnerability's root cause is a missing authorization check on the referenced client scope during the assignment process in the admin REST API. Affected Red Hat products: Red Hat Build of Keycloak. Red Hat does not currently list a fixing RHSA for this CVE.
A vulnerability was discovered in Keycloak's administrative interface that allows certain administrators to see information about groups they shouldn't have access to. When the new Fine-Grained Admin Permissions (FGAP v2) are turned on, an administrator who is allowed to see a specific "role" can also see a list of all groups assigned to that role. The system fails to check if the administrator has permission to see those specific groups. This could allow a restricted administrator to discover "hidden" groups and see their details, such as internal names and custom settings, which might contain sensitive deployment information. The Red Hat Product Security team has assessed the severity of this vulnerability as Moderate. While it allows for an unauthorized disclosure of group metadata, it requires the attacker to already possess a delegated administrative role with specific view permissions. The vulnerability is a result of a missing authorization check in the RoleContainerResource component when FGAP v2 is active. Direct access to the hidden groups remains protected; the leak occurs only through the role-to-group mapping enumeration endpoint. Affected Red Hat products: Red Hat Build of Keycloak. Red Hat does not currently list a fixing RHSA for this CVE.