Risk | Medium |
Patch available | YES |
Number of vulnerabilities | 16 |
CVE-ID | CVE-2018-25091 CVE-2021-33198 CVE-2021-34558 CVE-2022-2879 CVE-2022-2880 CVE-2022-41715 CVE-2023-29409 CVE-2023-39318 CVE-2023-39319 CVE-2023-39321 CVE-2023-39322 CVE-2023-39326 CVE-2023-45287 CVE-2023-45803 CVE-2023-48795 CVE-2024-23650 |
CWE-ID | CWE-200 CWE-399 CWE-295 CWE-20 CWE-400 CWE-79 CWE-203 CWE-326 CWE-754 |
Exploitation vector | Network |
Public exploit | Public exploit code for vulnerability #3 is available. |
Vulnerable software |
Red Hat Enterprise Linux for ARM 64 Operating systems & Components / Operating system Red Hat Enterprise Linux for Power, little endian Operating systems & Components / Operating system Red Hat Enterprise Linux for IBM z Systems Operating systems & Components / Operating system Red Hat Enterprise Linux for x86_64 Operating systems & Components / Operating system |
Vendor | Red Hat Inc. |
Security Bulletin
This security bulletin contains information about 16 vulnerabilities.
EUVDB-ID: #VU82979
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-25091
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to urllib3 does not remove the authorization HTTP header when following a cross-origin redirect. A remote attacker can gain access to sensitive information.
Note, the vulnerability exists due to incomplete fix for #VU26413 (CVE-2018-20060).
Install updates from vendor's website.
Red Hat Enterprise Linux for ARM 64: 8
Red Hat Enterprise Linux for Power, little endian: 8
Red Hat Enterprise Linux for IBM z Systems: 8
Red Hat Enterprise Linux for x86_64: 8.0
CPE2.3http://access.redhat.com/errata/RHSA-2024:2988
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU56024
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-33198
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources within the application when handling a large exponent to the math/big.Rat SetString or UnmarshalText method. A remote attacker can pass specially crafted data to the application and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Red Hat Enterprise Linux for ARM 64: 8
Red Hat Enterprise Linux for Power, little endian: 8
Red Hat Enterprise Linux for IBM z Systems: 8
Red Hat Enterprise Linux for x86_64: 8.0
CPE2.3http://access.redhat.com/errata/RHSA-2024:2988
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU55665
Risk: Medium
CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2021-34558
CWE-ID:
CWE-295 - Improper Certificate Validation
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper certificate verification in crypto/tls package in Go when processing X.509 certificates. The application does not properly assert that the type of public key in an X.509 certificate matches the expected type when doing a RSA based key exchange, allowing a malicious TLS server to cause a TLS client to panic.
MitigationInstall updates from vendor's website.
Red Hat Enterprise Linux for ARM 64: 8
Red Hat Enterprise Linux for Power, little endian: 8
Red Hat Enterprise Linux for IBM z Systems: 8
Red Hat Enterprise Linux for x86_64: 8.0
CPE2.3http://access.redhat.com/errata/RHSA-2024:2988
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU68387
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-2879
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to absent limits on the maximum size of file headers within the Reader.Read method in archive/tar. A remote attacker can pass a specially crafted file to the application and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Red Hat Enterprise Linux for ARM 64: 8
Red Hat Enterprise Linux for Power, little endian: 8
Red Hat Enterprise Linux for IBM z Systems: 8
Red Hat Enterprise Linux for x86_64: 8.0
CPE2.3http://access.redhat.com/errata/RHSA-2024:2988
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU68389
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-2880
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform parameter smuggling attacks.
The vulnerability exists due to incorrect handling of requests forwarded by ReverseProxy in net/http/httputil. A remote attacker can supply specially crafted parameters that cannot be parsed and are rejected by net/http and force the application to include these parameters into the forwarding request. As a result, a remote attacker can smuggle potentially dangerous HTTP parameters into the request.
Install updates from vendor's website.
Red Hat Enterprise Linux for ARM 64: 8
Red Hat Enterprise Linux for Power, little endian: 8
Red Hat Enterprise Linux for IBM z Systems: 8
Red Hat Enterprise Linux for x86_64: 8.0
CPE2.3http://access.redhat.com/errata/RHSA-2024:2988
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU68390
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-41715
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources in regexp/syntax when handling regular expressions. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Red Hat Enterprise Linux for ARM 64: 8
Red Hat Enterprise Linux for Power, little endian: 8
Red Hat Enterprise Linux for IBM z Systems: 8
Red Hat Enterprise Linux for x86_64: 8.0
CPE2.3http://access.redhat.com/errata/RHSA-2024:2988
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU78913
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-29409
CWE-ID:
CWE-295 - Improper Certificate Validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to verifying certificate chains containing large RSA keys is slow. A remote attacker can cause a client/server to expend significant CPU time verifying signatures.
MitigationInstall updates from vendor's website.
Red Hat Enterprise Linux for ARM 64: 8
Red Hat Enterprise Linux for Power, little endian: 8
Red Hat Enterprise Linux for IBM z Systems: 8
Red Hat Enterprise Linux for x86_64: 8.0
CPE2.3http://access.redhat.com/errata/RHSA-2024:2988
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU80572
Risk: Medium
CVSSv3.1: 5.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-39318
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data within the html/template package when handling HMTL-like "<!--" and "-->" comment tokens, nor hashbang "#!" comment tokens, in <script> contexts. A remote attacker can pass specially crafted input to the application and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
MitigationInstall updates from vendor's website.
Red Hat Enterprise Linux for ARM 64: 8
Red Hat Enterprise Linux for Power, little endian: 8
Red Hat Enterprise Linux for IBM z Systems: 8
Red Hat Enterprise Linux for x86_64: 8.0
CPE2.3http://access.redhat.com/errata/RHSA-2024:2988
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU80573
Risk: Medium
CVSSv3.1: 5.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-39319
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists within the html/template package caused by improperly applied rules for handling occurrences of "<script", "<!--", and "</script" within JS literals in <script> contexts. A remote attacker can pass specially crafted input to the application and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
MitigationInstall updates from vendor's website.
Red Hat Enterprise Linux for ARM 64: 8
Red Hat Enterprise Linux for Power, little endian: 8
Red Hat Enterprise Linux for IBM z Systems: 8
Red Hat Enterprise Linux for x86_64: 8.0
CPE2.3http://access.redhat.com/errata/RHSA-2024:2988
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU80574
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-39321
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input in crypto/tls when processing post-handshake message on QUIC connections. A remote attacker can send an incomplete post-handshake message for a QUIC connection and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Red Hat Enterprise Linux for ARM 64: 8
Red Hat Enterprise Linux for Power, little endian: 8
Red Hat Enterprise Linux for IBM z Systems: 8
Red Hat Enterprise Linux for x86_64: 8.0
CPE2.3http://access.redhat.com/errata/RHSA-2024:2988
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU80575
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-39322
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input in crypto/tls when processing post-handshake message on QUIC connections. A remote attacker can send an incomplete post-handshake message for a QUIC connection and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Red Hat Enterprise Linux for ARM 64: 8
Red Hat Enterprise Linux for Power, little endian: 8
Red Hat Enterprise Linux for IBM z Systems: 8
Red Hat Enterprise Linux for x86_64: 8.0
CPE2.3http://access.redhat.com/errata/RHSA-2024:2988
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU83928
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-39326
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources when handling HTTP chunked requests. A remote attacker can send specially crafted HTTP requests to the server and consume excessive memory resources.
MitigationInstall updates from vendor's website.
Red Hat Enterprise Linux for ARM 64: 8
Red Hat Enterprise Linux for Power, little endian: 8
Red Hat Enterprise Linux for IBM z Systems: 8
Red Hat Enterprise Linux for x86_64: 8.0
CPE2.3http://access.redhat.com/errata/RHSA-2024:2988
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU86309
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-45287
CWE-ID:
CWE-203 - Observable discrepancy
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to a timing discrepancy when handling RSA based TLS key exchanges. A remote attacker can perform a Marvin attack and gain access to sensitive information.
Install updates from vendor's website.
Red Hat Enterprise Linux for ARM 64: 8
Red Hat Enterprise Linux for Power, little endian: 8
Red Hat Enterprise Linux for IBM z Systems: 8
Red Hat Enterprise Linux for x86_64: 8.0
CPE2.3http://access.redhat.com/errata/RHSA-2024:2988
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU82978
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-45803
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to urllib3 does not remove the HTTP request body when redirecting HTTP response using status codes 301, 302, or 303, after the request had its method changed from one that could accept a request body (e.g. from POST to GET). A remote attacker can gain access to potentially sensitive information.
Install updates from vendor's website.
Red Hat Enterprise Linux for ARM 64: 8
Red Hat Enterprise Linux for Power, little endian: 8
Red Hat Enterprise Linux for IBM z Systems: 8
Red Hat Enterprise Linux for x86_64: 8.0
CPE2.3http://access.redhat.com/errata/RHSA-2024:2988
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU84537
Risk: Low
CVSSv3.1: 3.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-48795
CWE-ID:
CWE-326 - Inadequate Encryption Strength
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform MitM attack.
The vulnerability exists due to incorrect implementation of the SSH Binary Packet Protocol (BPP), which mishandles the handshake phase and the use of sequence numbers. A remote attacker can perform MitM attack and delete the SSH2_MSG_EXT_INFO message sent before authentication starts, allowing the attacker to disable a subset of the keystroke timing obfuscation features introduced in OpenSSH 9.5.
The vulnerability was dubbed "Terrapin attack" and it affects both client and server implementations.
Install updates from vendor's website.
Red Hat Enterprise Linux for ARM 64: 8
Red Hat Enterprise Linux for Power, little endian: 8
Red Hat Enterprise Linux for IBM z Systems: 8
Red Hat Enterprise Linux for x86_64: 8.0
CPE2.3http://access.redhat.com/errata/RHSA-2024:2988
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU86039
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-23650
CWE-ID:
CWE-754 - Improper Check for Unusual or Exceptional Conditions
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling. A remote attacker can send specially crafted data to the application and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Red Hat Enterprise Linux for ARM 64: 8
Red Hat Enterprise Linux for Power, little endian: 8
Red Hat Enterprise Linux for IBM z Systems: 8
Red Hat Enterprise Linux for x86_64: 8.0
CPE2.3http://access.redhat.com/errata/RHSA-2024:2988
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.