CVE-2024-9453
- EPSS 0.04%
- Published 04.07.2025 08:36:35
- Last modified 18.08.2025 19:02:46
A vulnerability was found in Red Hat OpenShift Jenkins. The bearer token is not obfuscated in the logs and potentially carries a high risk if those logs are centralized when collected. The token is typically valid for one year. This flaw allows a mal...
CVE-2024-1485
- EPSS 0.81%
- Published 14.02.2024 00:15:46
- Last modified 21.11.2024 08:50:41
A flaw was found in the decompression function of registry-support. This issue can be triggered if an unauthenticated remote attacker tricks a user into parsing a devfile which uses the `parent` or `plugin` keywords. This could download a malicious a...
CVE-2023-48795
- EPSS 64.06%
- Published 18.12.2023 16:15:10
- Last modified 29.09.2025 21:56:10
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client a...
CVE-2023-44487
- EPSS 94.44%
- Published 10.10.2023 14:15:10
- Last modified 11.06.2025 17:29:54
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2023-2253
- EPSS 0.09%
- Published 06.06.2023 20:15:12
- Last modified 07.01.2025 22:15:29
A flaw was found in the `/v2/_catalog` endpoint in distribution/distribution, which accepts a parameter to control the maximum number of records returned (query string: `n`). This vulnerability allows a malicious user to submit an unreasonably large ...