Filtered by vendor Redhat Subscriptions
Filtered by product Acm Subscriptions
Total 179 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2022-24773 2 Digitalbazaar, Redhat 5 Forge, Acm, Openshift Data Foundation and 2 more 2024-11-21 5.3 Medium
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.3.0, RSA PKCS#1 v1.5 signature verification code does not properly check `DigestInfo` for a proper ASN.1 structure. This can lead to successful verification with signatures that contain invalid structures but a valid digest. The issue has been addressed in `node-forge` version 1.3.0. There are currently no known workarounds.
CVE-2022-24772 2 Digitalbazaar, Redhat 6 Forge, Acm, Jboss Enterprise Bpms Platform and 3 more 2024-11-21 7.5 High
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.3.0, RSA PKCS#1 v1.5 signature verification code does not check for tailing garbage bytes after decoding a `DigestInfo` ASN.1 structure. This can allow padding bytes to be removed and garbage data added to forge a signature when a low public exponent is being used. The issue has been addressed in `node-forge` version 1.3.0. There are currently no known workarounds.
CVE-2022-24771 2 Digitalbazaar, Redhat 6 Forge, Acm, Jboss Enterprise Bpms Platform and 3 more 2024-11-21 7.5 High
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. Prior to version 1.3.0, RSA PKCS#1 v1.5 signature verification code is lenient in checking the digest algorithm structure. This can allow a crafted structure that steals padding bytes and uses unchecked portion of the PKCS#1 encoded message to forge a signature when a low public exponent is being used. The issue has been addressed in `node-forge` version 1.3.0. There are currently no known workarounds.
CVE-2022-24723 2 Redhat, Uri.js Project 3 Acm, Jboss Fuse, Uri.js 2024-11-21 5.3 Medium
URI.js is a Javascript URL mutation library. Before version 1.19.9, whitespace characters are not removed from the beginning of the protocol, so URLs are not parsed properly. This issue has been patched in version 1.19.9. Removing leading whitespace from values before passing them to URI.parse can be used as a workaround.
CVE-2022-24450 2 Nats, Redhat 3 Nats Server, Nats Streaming Server, Acm 2024-11-21 8.8 High
NATS nats-server before 2.7.2 has Incorrect Access Control. Any authenticated user can obtain the privileges of the System account by misusing the "dynamically provisioned sandbox accounts" feature.
CVE-2022-23806 4 Debian, Golang, Netapp and 1 more 14 Debian Linux, Go, Beegfs Csi Driver and 11 more 2024-11-21 9.1 Critical
Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly return true in situations with a big.Int value that is not a valid field element.
CVE-2022-21803 2 Nconf Project, Redhat 2 Nconf, Acm 2024-11-21 7.3 High
This affects the package nconf before 0.11.4. When using the memory engine, it is possible to store a nested JSON representation of the configuration. The .set() function, that is responsible for setting the configuration properties, is vulnerable to Prototype Pollution. By providing a crafted property, it is possible to modify the properties on the Object.prototype.
CVE-2022-1962 2 Golang, Redhat 16 Go, Acm, Application Interconnect and 13 more 2024-11-21 5.5 Medium
Uncontrolled recursion in the Parse functions in go/parser before Go 1.17.12 and Go 1.18.4 allow an attacker to cause a panic due to stack exhaustion via deeply nested types or declarations.
CVE-2022-1705 2 Golang, Redhat 22 Go, Acm, Application Interconnect and 19 more 2024-11-21 6.5 Medium
Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12 and Go 1.18.4 allows HTTP request smuggling if combined with an intermediate server that also improperly fails to reject the header as invalid.
CVE-2022-1365 2 Cross-fetch Project, Redhat 4 Cross-fetch, Acm, Jboss Enterprise Bpms Platform and 1 more 2024-11-21 6.5 Medium
Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository lquixada/cross-fetch prior to 3.1.5.
CVE-2022-0778 8 Debian, Fedoraproject, Mariadb and 5 more 25 Debian Linux, Fedora, Mariadb and 22 more 2024-11-21 7.5 High
The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters. Since certificate parsing happens prior to verification of the certificate signature, any process that parses an externally supplied certificate may thus be subject to a denial of service attack. The infinite loop can also be reached when parsing crafted private keys as they can contain explicit elliptic curve parameters. Thus vulnerable situations include: - TLS clients consuming server certificates - TLS servers consuming client certificates - Hosting providers taking certificates or private keys from customers - Certificate authorities parsing certification requests from subscribers - Anything else which parses ASN.1 elliptic curve parameters Also any other applications that use the BN_mod_sqrt() where the attacker can control the parameter values are vulnerable to this DoS issue. In the OpenSSL 1.0.2 version the public key is not parsed during initial parsing of the certificate which makes it slightly harder to trigger the infinite loop. However any operation which requires the public key from the certificate will trigger the infinite loop. In particular the attacker can use a self-signed certificate to trigger the loop during verification of the certificate signature. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0. It was addressed in the releases of 1.1.1n and 3.0.2 on the 15th March 2022. Fixed in OpenSSL 3.0.2 (Affected 3.0.0,3.0.1). Fixed in OpenSSL 1.1.1n (Affected 1.1.1-1.1.1m). Fixed in OpenSSL 1.0.2zd (Affected 1.0.2-1.0.2zc).
CVE-2022-0613 3 Fedoraproject, Redhat, Uri.js Project 6 Fedora, Acm, Enterprise Linux and 3 more 2024-11-21 6.5 Medium
Authorization Bypass Through User-Controlled Key in NPM urijs prior to 1.19.8.
CVE-2022-0536 2 Follow-redirects Project, Redhat 7 Follow-redirects, Acm, Openshift Data Foundation and 4 more 2024-11-21 2.6 Low
Improper Removal of Sensitive Information Before Storage or Transfer in NPM follow-redirects prior to 1.14.8.
CVE-2022-0235 4 Debian, Node-fetch Project, Redhat and 1 more 14 Debian Linux, Node-fetch, Acm and 11 more 2024-11-21 6.1 Medium
node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor
CVE-2022-0155 3 Follow-redirects Project, Redhat, Siemens 4 Follow-redirects, Acm, Rhev Manager and 1 more 2024-11-21 6.5 Medium
follow-redirects is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor
CVE-2022-0144 2 Redhat, Shelljs Project 2 Acm, Shelljs 2024-11-21 7.1 High
shelljs is vulnerable to Improper Privilege Management
CVE-2021-43858 2 Minio, Redhat 2 Minio, Acm 2024-11-21 8.8 High
MinIO is a Kubernetes native application for cloud storage. Prior to version `RELEASE.2021-12-27T07-23-18Z`, a malicious client can hand-craft an HTTP API call that allows for updating policy for a user and gaining higher privileges. The patch in version `RELEASE.2021-12-27T07-23-18Z` changes the accepted request body type and removes the ability to apply policy changes through this API. There is a workaround for this vulnerability: Changing passwords can be disabled by adding an explicit `Deny` rule to disable the API for users.
CVE-2021-43816 3 Fedoraproject, Linuxfoundation, Redhat 3 Fedora, Containerd, Acm 2024-11-21 8 High
containerd is an open source container runtime. On installations using SELinux, such as EL8 (CentOS, RHEL), Fedora, or SUSE MicroOS, with containerd since v1.5.0-beta.0 as the backing container runtime interface (CRI), an unprivileged pod scheduled to the node may bind mount, via hostPath volume, any privileged, regular file on disk for complete read/write access (sans delete). Such is achieved by placing the in-container location of the hostPath volume mount at either `/etc/hosts`, `/etc/hostname`, or `/etc/resolv.conf`. These locations are being relabeled indiscriminately to match the container process-label which effectively elevates permissions for savvy containers that would not normally be able to access privileged host files. This issue has been resolved in version 1.5.9. Users are advised to upgrade as soon as possible.
CVE-2021-43565 2 Golang, Redhat 9 Ssh, Acm, Advanced Cluster Security and 6 more 2024-11-21 7.5 High
The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an attacker to panic an SSH server.
CVE-2021-41190 3 Fedoraproject, Linuxfoundation, Redhat 10 Fedora, Open Container Initiative Distribution Specification, Open Container Initiative Image Format Specification and 7 more 2024-11-21 3 Low
The OCI Distribution Spec project defines an API protocol to facilitate and standardize the distribution of content. In the OCI Distribution Specification version 1.0.0 and prior, the Content-Type header alone was used to determine the type of document during push and pull operations. Documents that contain both “manifests” and “layers” fields could be interpreted as either a manifest or an index in the absence of an accompanying Content-Type header. If a Content-Type header changed between two pulls of the same digest, a client may interpret the resulting content differently. The OCI Distribution Specification has been updated to require that a mediaType value present in a manifest or index match the Content-Type header used during the push and pull operations. Clients pulling from a registry may distrust the Content-Type header and reject an ambiguous document that contains both “manifests” and “layers” fields or “manifests” and “config” fields if they are unable to update to version 1.0.1 of the spec.