CVE-2024-12085
- EPSS 9.35%
- Veröffentlicht 14.01.2025 18:15:25
- Zuletzt bearbeitet 29.06.2026 21:16:30
A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitialized memory and leak one byte of un...
CVE-2024-12086
- EPSS 1.76%
- Veröffentlicht 14.01.2025 18:15:25
- Zuletzt bearbeitet 30.06.2026 00:16:48
A flaw was found in rsync. It could allow a server to enumerate the contents of an arbitrary file from the client's machine. This issue occurs when files are being copied from a client to a server. During this process, the rsync server will send chec...
CVE-2024-12088
- EPSS 4.58%
- Veröffentlicht 14.01.2025 18:15:25
- Zuletzt bearbeitet 30.06.2026 00:16:48
A flaw was found in rsync. When using the `--safe-links` option, the rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it. This results in a path traversal vulnerability, w...
CVE-2024-12698
- EPSS 0.47%
- Veröffentlicht 18.12.2024 05:15:07
- Zuletzt bearbeitet 15.04.2026 00:35:42
An incomplete fix for ose-olm-catalogd-container was issued for the Rapid Reset Vulnerability (CVE-2023-39325/CVE-2023-44487) where only unauthenticated streams were protected, not streams created by authenticated sources.
CVE-2024-6538
- EPSS 0.57%
- Veröffentlicht 25.11.2024 07:15:06
- Zuletzt bearbeitet 15.04.2026 00:35:42
A flaw was found in OpenShift Console. A Server Side Request Forgery (SSRF) attack can happen if an attacker supplies all or part of a URL to the server to query. The server is considered to be in a privileged network position and can often reach exp...
CVE-2024-0793
- EPSS 0.6%
- Veröffentlicht 17.11.2024 11:15:06
- Zuletzt bearbeitet 15.04.2026 00:35:42
A flaw was found in kube-controller-manager. This issue occurs when the initial application of a HPA config YAML lacking a .spec.behavior.scaleUp block causes a denial of service due to KCM pods going into restart churn.
CVE-2024-11217
- EPSS 0.36%
- Veröffentlicht 15.11.2024 21:15:06
- Zuletzt bearbeitet 26.06.2026 05:16:25
A vulnerability was found in the OAuth-server. OAuth-server logs the OAuth2 client secret when the logLevel is Debug higher for OIDC/GitHub/GitLab/Google IDPs login options.
CVE-2024-50311
- EPSS 0.58%
- Veröffentlicht 22.10.2024 14:15:19
- Zuletzt bearbeitet 25.02.2025 08:15:29
A denial of service (DoS) vulnerability was found in OpenShift. This flaw allows attackers to exploit the GraphQL batching functionality. The vulnerability arises when multiple queries can be sent within a single request, enabling an attacker to subm...
CVE-2024-50312
- EPSS 0.52%
- Veröffentlicht 22.10.2024 14:15:19
- Zuletzt bearbeitet 15.01.2025 02:15:26
A vulnerability was found in GraphQL due to improper access controls on the GraphQL introspection query. This flaw allows unauthorized users to retrieve a comprehensive list of available queries and mutations. Exposure to this flaw increases the atta...
CVE-2024-9676
- EPSS 1.35%
- Veröffentlicht 15.10.2024 16:15:06
- Zuletzt bearbeitet 19.03.2026 18:16:13
A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-O to hang and result in a denial of service via OOM kill when running a malicious image us...