[{"CVE":"CVE-2024-2466","severity":"moderate","public_date":"2024-03-27T00:00:00Z","advisories":[],"bugzilla":"2270497","bugzilla_description":"curl: TLS certificate check bypass with mbedTLS","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-297","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2466.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N","cvss3_score":"5.4"},{"CVE":"CVE-2024-2398","severity":"moderate","public_date":"2024-03-27T00:00:00Z","advisories":[],"bugzilla":"2270498","bugzilla_description":"curl: HTTP/2 push headers memory-leak","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-772","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2398.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2024-2379","severity":"low","public_date":"2024-03-27T00:00:00Z","advisories":[],"bugzilla":"2270499","bugzilla_description":"curl: QUIC certificate check bypass with wolfSSL","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-295","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2379.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N","cvss3_score":"5.4"},{"CVE":"CVE-2024-2004","severity":"low","public_date":"2024-03-27T00:00:00Z","advisories":[],"bugzilla":"2270500","bugzilla_description":"curl: Usage of disabled protocol","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-115","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2004.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2024-26644","severity":"moderate","public_date":"2024-03-26T00:00:00Z","advisories":[],"bugzilla":"2271644","bugzilla_description":"kernel: btrfs: don't abort filesystem when attempting to snapshot deleted subvolume","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26644.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2024-26645","severity":"moderate","public_date":"2024-03-26T00:00:00Z","advisories":[],"bugzilla":"2271648","bugzilla_description":"kernel: tracing: Ensure visibility when inserting an element into tracing_map","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26645.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2023-52627","severity":"moderate","public_date":"2024-03-26T00:00:00Z","advisories":[],"bugzilla":"2271678","bugzilla_description":"kernel: iio: adc: ad7091r: Allow users to configure device events","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52627.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2023-52626","severity":"moderate","public_date":"2024-03-26T00:00:00Z","advisories":[],"bugzilla":"2271680","bugzilla_description":"kernel: net/mlx5e: Fix operation precedence bug in port timestamping napi_poll context","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52626.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2023-52625","severity":"moderate","public_date":"2024-03-26T00:00:00Z","advisories":[],"bugzilla":"2271682","bugzilla_description":"kernel: drm/amd/display: Refactor DMCUB enter/exit idle interface","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52625.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2023-52624","severity":"moderate","public_date":"2024-03-26T00:00:00Z","advisories":[],"bugzilla":"2271684","bugzilla_description":"kernel: drm/amd/display: Wake DMCUB before executing GPINT commands","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52624.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2023-52623","severity":"moderate","public_date":"2024-03-26T00:00:00Z","advisories":[],"bugzilla":"2271686","bugzilla_description":"kernel: SUNRPC: Fix a suspicious RCU usage warning","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52623.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2023-52622","severity":"moderate","public_date":"2024-03-26T00:00:00Z","advisories":[],"bugzilla":"2271688","bugzilla_description":"kernel: ext4: avoid online resizing failures due to oversized flex bg","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52622.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2023-52621","severity":"moderate","public_date":"2024-03-26T00:00:00Z","advisories":[],"bugzilla":"2271690","bugzilla_description":"kernel: bpf: Check rcu_read_lock_trace_held() before calling bpf map helpers","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52621.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2024-2955","severity":"moderate","public_date":"2024-03-26T00:00:00Z","advisories":[],"bugzilla":"2271741","bugzilla_description":"Wireshark: denial of service via packet injection or crafted capture file","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-762","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2955.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2024-26646","severity":"moderate","public_date":"2024-03-26T00:00:00Z","advisories":[],"bugzilla":"2271788","bugzilla_description":"kernel: thermal: intel: hfi: Add syscore callbacks for system-wide PM","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26646.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-47168","severity":"moderate","public_date":"2024-03-25T00:00:00Z","advisories":[],"bugzilla":"2271432","bugzilla_description":"kernel: NFS: fix an incorrect limit in filelayout_decode_layout()","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47168.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-47167","severity":"moderate","public_date":"2024-03-25T00:00:00Z","advisories":[],"bugzilla":"2271433","bugzilla_description":"kernel: NFS: Fix an Oopsable condition in __nfs_pageio_add_request()","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47167.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-47166","severity":"moderate","public_date":"2024-03-25T00:00:00Z","advisories":[],"bugzilla":"2271443","bugzilla_description":"kernel: NFS: Don't corrupt the value of pg_bytes_written in nfs_do_recoalesce()","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47166.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-47165","severity":"moderate","public_date":"2024-03-25T00:00:00Z","advisories":[],"bugzilla":"2271448","bugzilla_description":"kernel: drm/meson: fix shutdown crash when component not probed","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47165.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-47164","severity":"moderate","public_date":"2024-03-25T00:00:00Z","advisories":[],"bugzilla":"2271451","bugzilla_description":"kernel: net/mlx5e: Fix null deref accessing lag dev","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47164.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-47163","severity":"moderate","public_date":"2024-03-25T00:00:00Z","advisories":[],"bugzilla":"2271452","bugzilla_description":"kernel: tipc: wait and exit until all work queues are done","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47163.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-47162","severity":"moderate","public_date":"2024-03-25T00:00:00Z","advisories":[],"bugzilla":"2271455","bugzilla_description":"kernel: tipc: skb_linearize the head skb when reassembling msgs","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47162.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-47180","severity":"moderate","public_date":"2024-03-25T00:00:00Z","advisories":[],"bugzilla":"2271458","bugzilla_description":"kernel: NFC: nci: fix memory leak in nci_allocate_device","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47180.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-47179","severity":"moderate","public_date":"2024-03-25T00:00:00Z","advisories":[],"bugzilla":"2271459","bugzilla_description":"kernel: NFSv4: Fix a NULL pointer dereference in pnfs_mark_matching_lsegs_return()","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47179.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-47161","severity":"moderate","public_date":"2024-03-25T00:00:00Z","advisories":[],"bugzilla":"2271460","bugzilla_description":"kernel: spi: spi-fsl-dspi: Fix a resource leak in an error handling path","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47161.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-47178","severity":"moderate","public_date":"2024-03-25T00:00:00Z","advisories":[],"bugzilla":"2271461","bugzilla_description":"kernel: scsi: target: core: Avoid smp_processor_id() in preemptible code","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47178.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-47177","severity":"moderate","public_date":"2024-03-25T00:00:00Z","advisories":[],"bugzilla":"2271462","bugzilla_description":"kernel: iommu/vt-d: Fix sysfs leak in alloc_iommu()","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47177.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-47176","severity":"moderate","public_date":"2024-03-25T00:00:00Z","advisories":[],"bugzilla":"2271463","bugzilla_description":"kernel: s390/dasd: add missing discipline function","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47176.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-47175","severity":"moderate","public_date":"2024-03-25T00:00:00Z","advisories":[],"bugzilla":"2271465","bugzilla_description":"kernel: net/sched: fq_pie: fix OOB access in the traffic path","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47175.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-47174","severity":"moderate","public_date":"2024-03-25T00:00:00Z","advisories":[],"bugzilla":"2271466","bugzilla_description":"kernel: netfilter: nft_set_pipapo_avx2: Add irq_fpu_usable() check, fallback to non-AVX2 version","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47174.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-47173","severity":"moderate","public_date":"2024-03-25T00:00:00Z","advisories":[],"bugzilla":"2271467","bugzilla_description":"kernel: misc/uss720: fix memory leak in uss720_probe","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47173.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-47172","severity":"moderate","public_date":"2024-03-25T00:00:00Z","advisories":[],"bugzilla":"2271468","bugzilla_description":"kernel: iio: adc: ad7124: Fix potential overflow due to non sequential channel numbers","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47172.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-47171","severity":"moderate","public_date":"2024-03-25T00:00:00Z","advisories":[],"bugzilla":"2271469","bugzilla_description":"kernel: net: usb: fix memory leak in smsc75xx_bind","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47171.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-47170","severity":"moderate","public_date":"2024-03-25T00:00:00Z","advisories":[],"bugzilla":"2271470","bugzilla_description":"kernel: USB: usbfs: Don't WARN about excessively large memory allocations","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47170.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-47169","severity":"moderate","public_date":"2024-03-25T00:00:00Z","advisories":[],"bugzilla":"2271471","bugzilla_description":"kernel: serial: rp2: use 'request_firmware' instead of 'request_firmware_nowait'","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47169.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-47160","severity":"moderate","public_date":"2024-03-25T00:00:00Z","advisories":[],"bugzilla":"2271472","bugzilla_description":"kernel: net: dsa: mt7530: fix VLAN traffic leaks","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47160.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-47159","severity":"moderate","public_date":"2024-03-25T00:00:00Z","advisories":[],"bugzilla":"2271473","bugzilla_description":"kernel: net: dsa: fix a crash if ->get_sset_count() fails","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47159.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-47158","severity":"moderate","public_date":"2024-03-25T00:00:00Z","advisories":[],"bugzilla":"2271474","bugzilla_description":"kernel: net: dsa: sja1105: add error handling in sja1105_setup()","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47158.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-47152","severity":"moderate","public_date":"2024-03-25T00:00:00Z","advisories":[],"bugzilla":"2271475","bugzilla_description":"kernel: mptcp: fix data stream corruption","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47152.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-47153","severity":"moderate","public_date":"2024-03-25T00:00:00Z","advisories":[],"bugzilla":"2271476","bugzilla_description":"kernel: i2c: i801: Don't generate an interrupt on bus reset","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47153.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-47145","severity":"moderate","public_date":"2024-03-25T00:00:00Z","advisories":[],"bugzilla":"2271477","bugzilla_description":"kernel: btrfs: do not BUG_ON in link_to_fixup_dir","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47145.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-47144","severity":"moderate","public_date":"2024-03-25T00:00:00Z","advisories":[],"bugzilla":"2271478","bugzilla_description":"kernel: drm/amd/amdgpu: fix refcount leak","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47144.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-47143","severity":"moderate","public_date":"2024-03-25T00:00:00Z","advisories":[],"bugzilla":"2271479","bugzilla_description":"kernel: net/smc: remove device from smcd_dev_list after failed device_add()","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47143.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-47142","severity":"moderate","public_date":"2024-03-25T00:00:00Z","advisories":[],"bugzilla":"2271480","bugzilla_description":"kernel: drm/amdgpu: Fix a use-after-free","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47142.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-47141","severity":"moderate","public_date":"2024-03-25T00:00:00Z","advisories":[],"bugzilla":"2271481","bugzilla_description":"kernel: gve: Add NULL pointer checks when freeing irqs.","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47141.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-47140","severity":"moderate","public_date":"2024-03-25T00:00:00Z","advisories":[],"bugzilla":"2271482","bugzilla_description":"kernel: iommu/amd: Clear DMA ops when switching domain","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47140.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-47139","severity":"moderate","public_date":"2024-03-25T00:00:00Z","advisories":[],"bugzilla":"2271483","bugzilla_description":"kernel: net: hns3: put off calling register_netdev() until client initialize complete","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47139.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-47138","severity":"low","public_date":"2024-03-25T00:00:00Z","advisories":[],"bugzilla":"2271484","bugzilla_description":"kernel: cxgb4: avoid accessing registers when clearing filters","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47138.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"6.0"},{"CVE":"CVE-2021-47151","severity":"low","public_date":"2024-03-25T00:00:00Z","advisories":[],"bugzilla":"2271485","bugzilla_description":"kernel: interconnect: qcom: bcm-voter: add a missing of_node_put()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-402","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47151.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"6.0"},{"CVE":"CVE-2021-47150","severity":"low","public_date":"2024-03-25T00:00:00Z","advisories":[],"bugzilla":"2271487","bugzilla_description":"kernel: net: fec: fix the potential memory leak in fec_enet_init()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-402","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47150.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"4.4"},{"CVE":"CVE-2021-47149","severity":"low","public_date":"2024-03-25T00:00:00Z","advisories":[],"bugzilla":"2271488","bugzilla_description":"kernel: net: fujitsu: fix potential null-ptr-deref","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47149.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2021-47148","severity":"low","public_date":"2024-03-25T00:00:00Z","advisories":[],"bugzilla":"2271495","bugzilla_description":"kernel: octeontx2-pf: fix a buffer overflow in otx2_set_rxfh_context()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47148.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"6.7"},{"CVE":"CVE-2021-47147","severity":"low","public_date":"2024-03-25T00:00:00Z","advisories":[],"bugzilla":"2271496","bugzilla_description":"kernel: ptp: ocp: Fix a resource leak in an error handling path","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-402","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47147.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"4.4"},{"CVE":"CVE-2021-47146","severity":"low","public_date":"2024-03-25T00:00:00Z","advisories":[],"bugzilla":"2271497","bugzilla_description":"kernel: mld: fix panic in mld_newpack()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-99","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47146.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-47136","severity":"low","public_date":"2024-03-25T00:00:00Z","advisories":[],"bugzilla":"2271498","bugzilla_description":"kernel: net: zero-initialize tc skb extension on allocation","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47136.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2021-47137","severity":"low","public_date":"2024-03-25T00:00:00Z","advisories":[],"bugzilla":"2271499","bugzilla_description":"kernel: net: lantiq: fix memory corruption in RX ring","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-99","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47137.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"6.0"},{"CVE":"CVE-2024-30156","severity":"important","public_date":"2024-03-24T00:00:00Z","advisories":[],"bugzilla":"2271486","bugzilla_description":"varnish: HTTP/2 Broken Window Attack may result in denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-30156.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2024-30161","severity":"moderate","public_date":"2024-03-24T00:00:00Z","advisories":[],"bugzilla":"2271518","bugzilla_description":"qt6: wasm component may access QNetworkReply header improperly","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-825","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-30161.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","cvss3_score":"6.5"},{"CVE":"CVE-2024-29059","severity":"moderate","public_date":"2024-03-23T00:00:00Z","advisories":[],"bugzilla":"2271385","bugzilla_description":"dotnet: .NET Framework Information Disclosure Vulnerability","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-29059.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"7.5"},{"CVE":"CVE-2024-29944","severity":"critical","public_date":"2024-03-22T00:00:00Z","advisories":["RHSA-2024:1491","RHSA-2024:1490","RHSA-2024:1484","RHSA-2024:1483","RHSA-2024:1486","RHSA-2024:1485","RHSA-2024:1488","RHSA-2024:1487","RHSA-2024:1489"],"bugzilla":"2271064","bugzilla_description":"Mozilla: Privileged JavaScript Execution via Event Handlers","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-94","affected_packages":["firefox-0:115.9.1-1.el8_2","firefox-0:115.9.1-1.el9_2","firefox-0:115.9.1-1.el9_0","firefox-0:115.9.1-1.el7_9","firefox-0:115.9.1-1.el8_8","firefox-0:115.9.1-1.el8_9","firefox-0:115.9.1-1.el8_6","firefox-0:115.9.1-1.el8_4","firefox-0:115.9.1-1.el9_3"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-29944.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2024-29943","severity":"critical","public_date":"2024-03-22T00:00:00Z","advisories":[],"bugzilla":"2271107","bugzilla_description":"Mozilla: Out-of-bounds access via Range Analysis bypass","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-125|CWE-787)","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-29943.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2024-2824","severity":"moderate","public_date":"2024-03-22T00:00:00Z","advisories":[],"bugzilla":"2271380","bugzilla_description":"jhead: heap buffer overflow in PrintFormatNumber() can lead to segmentation fault","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2824.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2024-28835","severity":"moderate","public_date":"2024-03-21T00:00:00Z","advisories":[],"bugzilla":"2269084","bugzilla_description":"gnutls: potential crash during chain building/verification","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-248","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-28835.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.0"},{"CVE":"CVE-2024-28834","severity":"moderate","public_date":"2024-03-21T00:00:00Z","advisories":[],"bugzilla":"2269228","bugzilla_description":"gnutls: vulnerable to Minerva side-channel information leak","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-28834.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2024-2494","severity":"moderate","public_date":"2024-03-21T00:00:00Z","advisories":[],"bugzilla":"2270115","bugzilla_description":"libvirt: negative g_new0 length can lead to unbounded memory allocation","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-789","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2494.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"6.2"},{"CVE":"CVE-2024-27281","severity":"moderate","public_date":"2024-03-21T00:00:00Z","advisories":[],"bugzilla":"2270749","bugzilla_description":"ruby: RCE vulnerability with .rdoc_options in RDoc","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27281.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"4.5"},{"CVE":"CVE-2024-27280","severity":"moderate","public_date":"2024-03-21T00:00:00Z","advisories":[],"bugzilla":"2270750","bugzilla_description":"ruby: Buffer overread vulnerability in StringIO","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27280.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"3.1"},{"CVE":"CVE-2024-29374","severity":"moderate","public_date":"2024-03-21T00:00:00Z","advisories":[],"bugzilla":"2270860","bugzilla_description":"moodle: A Cross-Site Scripting (XSS) vulnerability in \"?lang\" parameter","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-80","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-29374.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","cvss3_score":"6.5"},{"CVE":"CVE-2024-29180","severity":"important","public_date":"2024-03-21T00:00:00Z","advisories":[],"bugzilla":"2270863","bugzilla_description":"webpack-dev-middleware: lack of URL validation may lead to file leak","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-22","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-29180.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N","cvss3_score":"7.4"},{"CVE":"CVE-2024-26643","severity":"moderate","public_date":"2024-03-21T00:00:00Z","advisories":[],"bugzilla":"2270879","bugzilla_description":"kernel: netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-362","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26643.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2024-26642","severity":"moderate","public_date":"2024-03-21T00:00:00Z","advisories":[],"bugzilla":"2270881","bugzilla_description":"kernel: netfilter: nf_tables: disallow anonymous set with timeout flag","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-99","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26642.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2023-52620","severity":"moderate","public_date":"2024-03-21T00:00:00Z","advisories":[],"bugzilla":"2270883","bugzilla_description":"kernel: netfilter: nf_tables: disallow timeout for anonymous sets","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-99","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52620.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2024-1394","severity":"important","public_date":"2024-03-20T00:00:00Z","advisories":["RHSA-2024:1462","RHSA-2024:1472","RHSA-2024:1468","RHSA-2024:1501","RHSA-2024:1502"],"bugzilla":"2262921","bugzilla_description":"golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-401","affected_packages":["go-toolset:rhel8-8090020240313170136.26eb71ac","go-toolset-1.19-golang-0:1.19.13-6.el7_9","grafana-pcp-0:5.1.1-2.el9_3","golang-0:1.20.12-2.el9_3","grafana-0:9.2.10-8.el9_3"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1394.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2023-46839","severity":"moderate","public_date":"2024-03-20T00:00:00Z","advisories":[],"bugzilla":"2270533","bugzilla_description":"xen: phantom functions assigned to incorrect contexts","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46839.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.5"},{"CVE":"CVE-2023-50967","severity":"moderate","public_date":"2024-03-20T00:00:00Z","advisories":[],"bugzilla":"2270538","bugzilla_description":"jose: Denial of service due to uncontrolled CPU consumption","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50967.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2024-29018","severity":"moderate","public_date":"2024-03-20T00:00:00Z","advisories":[],"bugzilla":"2270591","bugzilla_description":"moby: external DNS requests from 'internal' networks could lead to data exfiltration","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-669","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-29018.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.9"},{"CVE":"CVE-2024-29133","severity":"low","public_date":"2024-03-20T00:00:00Z","advisories":[],"bugzilla":"2270673","bugzilla_description":"commons-configuration: StackOverflowError calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-121->CWE-787","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-29133.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L","cvss3_score":"4.4"},{"CVE":"CVE-2024-29131","severity":"low","public_date":"2024-03-20T00:00:00Z","advisories":[],"bugzilla":"2270674","bugzilla_description":"commons-configuration: StackOverflowError adding property in AbstractListDelimiterHandler.flattenIterator()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-121->CWE-787","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-29131.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L","cvss3_score":"4.4"},{"CVE":"CVE-2024-2307","severity":"moderate","public_date":"2024-03-19T00:00:00Z","advisories":[],"bugzilla":"2268513","bugzilla_description":"osbuild-composer: race condition may disable GPG verification for package repositories","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-362->CWE-347","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2307.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:L","cvss3_score":"6.1"},{"CVE":"CVE-2024-21503","severity":"moderate","public_date":"2024-03-19T00:00:00Z","advisories":[],"bugzilla":"2270236","bugzilla_description":"psf/black: ReDoS via the lines_with_leading_tabs_expanded() function in strings.py file","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-1333","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21503.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2023-50966","severity":"moderate","public_date":"2024-03-19T00:00:00Z","advisories":[],"bugzilla":"2270311","bugzilla_description":"erlang-jose: Denial-of-service due to high CPU consumption","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50966.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2024-27439","severity":"important","public_date":"2024-03-19T00:00:00Z","advisories":[],"bugzilla":"2270332","bugzilla_description":"apache-wicket: Possible bypass of CSRF protection","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-352|CWE-444)","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27439.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.1"},{"CVE":"CVE-2024-22025","severity":"moderate","public_date":"2024-03-19T00:00:00Z","advisories":[],"bugzilla":"2270559","bugzilla_description":"nodejs: using the fetch() function to retrieve content from an untrusted URL leads to denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-22025.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2024-2605","severity":"important","public_date":"2024-03-19T00:00:00Z","advisories":[],"bugzilla":"2270659","bugzilla_description":"Mozilla: Windows Error Reporter could be used as a Sandbox escape vector","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2605.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2024-2607","severity":"important","public_date":"2024-03-19T00:00:00Z","advisories":["RHSA-2024:1491","RHSA-2024:1490","RHSA-2024:1493","RHSA-2024:1492","RHSA-2024:1484","RHSA-2024:1495","RHSA-2024:1494","RHSA-2024:1483","RHSA-2024:1486","RHSA-2024:1497","RHSA-2024:1496","RHSA-2024:1485","RHSA-2024:1499","RHSA-2024:1488","RHSA-2024:1498","RHSA-2024:1487","RHSA-2024:1500","RHSA-2024:1489"],"bugzilla":"2270660","bugzilla_description":"Mozilla: JIT code failed to save return registers on Armv7-A","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-1262","affected_packages":["firefox-0:115.9.1-1.el8_2","firefox-0:115.9.1-1.el9_2","firefox-0:115.9.1-1.el9_0","thunderbird-0:115.9.0-1.el8_9","thunderbird-0:115.9.0-1.el7_9","thunderbird-0:115.9.0-1.el8_8","thunderbird-0:115.9.0-1.el8_6","thunderbird-0:115.9.0-1.el8_4","thunderbird-0:115.9.0-1.el9_3","thunderbird-0:115.9.0-1.el9_2","thunderbird-0:115.9.0-1.el8_2","thunderbird-0:115.9.0-1.el9_0","firefox-0:115.9.1-1.el7_9","firefox-0:115.9.1-1.el8_8","firefox-0:115.9.1-1.el8_9","firefox-0:115.9.1-1.el8_6","firefox-0:115.9.1-1.el8_4","firefox-0:115.9.1-1.el9_3"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2607.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2024-2608","severity":"important","public_date":"2024-03-19T00:00:00Z","advisories":["RHSA-2024:1491","RHSA-2024:1490","RHSA-2024:1493","RHSA-2024:1492","RHSA-2024:1484","RHSA-2024:1495","RHSA-2024:1494","RHSA-2024:1483","RHSA-2024:1486","RHSA-2024:1497","RHSA-2024:1496","RHSA-2024:1485","RHSA-2024:1499","RHSA-2024:1488","RHSA-2024:1498","RHSA-2024:1487","RHSA-2024:1500","RHSA-2024:1489"],"bugzilla":"2270661","bugzilla_description":"Mozilla: Integer overflow could have led to out of bounds write","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190->CWE-120","affected_packages":["firefox-0:115.9.1-1.el8_2","firefox-0:115.9.1-1.el9_2","firefox-0:115.9.1-1.el9_0","thunderbird-0:115.9.0-1.el8_9","thunderbird-0:115.9.0-1.el7_9","thunderbird-0:115.9.0-1.el8_8","thunderbird-0:115.9.0-1.el8_6","thunderbird-0:115.9.0-1.el8_4","thunderbird-0:115.9.0-1.el9_3","thunderbird-0:115.9.0-1.el9_2","thunderbird-0:115.9.0-1.el8_2","thunderbird-0:115.9.0-1.el9_0","firefox-0:115.9.1-1.el7_9","firefox-0:115.9.1-1.el8_8","firefox-0:115.9.1-1.el8_9","firefox-0:115.9.1-1.el8_6","firefox-0:115.9.1-1.el8_4","firefox-0:115.9.1-1.el9_3"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2608.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2024-2616","severity":"important","public_date":"2024-03-19T00:00:00Z","advisories":["RHSA-2024:1491","RHSA-2024:1490","RHSA-2024:1484","RHSA-2024:1483","RHSA-2024:1486","RHSA-2024:1485","RHSA-2024:1488","RHSA-2024:1487","RHSA-2024:1489"],"bugzilla":"2270662","bugzilla_description":"Mozilla: Improve handling of out-of-memory conditions in ICU","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["firefox-0:115.9.1-1.el8_2","firefox-0:115.9.1-1.el9_2","firefox-0:115.9.1-1.el9_0","firefox-0:115.9.1-1.el7_9","firefox-0:115.9.1-1.el8_8","firefox-0:115.9.1-1.el8_9","firefox-0:115.9.1-1.el8_6","firefox-0:115.9.1-1.el8_4","firefox-0:115.9.1-1.el9_3"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2616.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2024-2610","severity":"moderate","public_date":"2024-03-19T00:00:00Z","advisories":["RHSA-2024:1491","RHSA-2024:1490","RHSA-2024:1493","RHSA-2024:1492","RHSA-2024:1484","RHSA-2024:1495","RHSA-2024:1494","RHSA-2024:1483","RHSA-2024:1486","RHSA-2024:1497","RHSA-2024:1496","RHSA-2024:1485","RHSA-2024:1499","RHSA-2024:1488","RHSA-2024:1498","RHSA-2024:1487","RHSA-2024:1500","RHSA-2024:1489"],"bugzilla":"2270663","bugzilla_description":"Mozilla: Improper handling of html and body tags enabled CSP nonce leakage","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-79","affected_packages":["firefox-0:115.9.1-1.el8_2","firefox-0:115.9.1-1.el9_2","firefox-0:115.9.1-1.el9_0","thunderbird-0:115.9.0-1.el8_9","thunderbird-0:115.9.0-1.el7_9","thunderbird-0:115.9.0-1.el8_8","thunderbird-0:115.9.0-1.el8_6","thunderbird-0:115.9.0-1.el8_4","thunderbird-0:115.9.0-1.el9_3","thunderbird-0:115.9.0-1.el9_2","thunderbird-0:115.9.0-1.el8_2","thunderbird-0:115.9.0-1.el9_0","firefox-0:115.9.1-1.el7_9","firefox-0:115.9.1-1.el8_8","firefox-0:115.9.1-1.el8_9","firefox-0:115.9.1-1.el8_6","firefox-0:115.9.1-1.el8_4","firefox-0:115.9.1-1.el9_3"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2610.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2024-2611","severity":"moderate","public_date":"2024-03-19T00:00:00Z","advisories":["RHSA-2024:1491","RHSA-2024:1490","RHSA-2024:1493","RHSA-2024:1492","RHSA-2024:1484","RHSA-2024:1495","RHSA-2024:1494","RHSA-2024:1483","RHSA-2024:1486","RHSA-2024:1497","RHSA-2024:1496","RHSA-2024:1485","RHSA-2024:1499","RHSA-2024:1488","RHSA-2024:1498","RHSA-2024:1487","RHSA-2024:1500","RHSA-2024:1489"],"bugzilla":"2270664","bugzilla_description":"Mozilla: Clickjacking vulnerability could have led to a user accidentally granting permissions","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-449","affected_packages":["firefox-0:115.9.1-1.el8_2","firefox-0:115.9.1-1.el9_2","firefox-0:115.9.1-1.el9_0","thunderbird-0:115.9.0-1.el8_9","thunderbird-0:115.9.0-1.el7_9","thunderbird-0:115.9.0-1.el8_8","thunderbird-0:115.9.0-1.el8_6","thunderbird-0:115.9.0-1.el8_4","thunderbird-0:115.9.0-1.el9_3","thunderbird-0:115.9.0-1.el9_2","thunderbird-0:115.9.0-1.el8_2","thunderbird-0:115.9.0-1.el9_0","firefox-0:115.9.1-1.el7_9","firefox-0:115.9.1-1.el8_8","firefox-0:115.9.1-1.el8_9","firefox-0:115.9.1-1.el8_6","firefox-0:115.9.1-1.el8_4","firefox-0:115.9.1-1.el9_3"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2611.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2024-2612","severity":"moderate","public_date":"2024-03-19T00:00:00Z","advisories":["RHSA-2024:1491","RHSA-2024:1490","RHSA-2024:1493","RHSA-2024:1492","RHSA-2024:1484","RHSA-2024:1495","RHSA-2024:1494","RHSA-2024:1483","RHSA-2024:1486","RHSA-2024:1497","RHSA-2024:1496","RHSA-2024:1485","RHSA-2024:1499","RHSA-2024:1488","RHSA-2024:1498","RHSA-2024:1487","RHSA-2024:1500","RHSA-2024:1489"],"bugzilla":"2270665","bugzilla_description":"Mozilla: Self referencing object could have potentially led to a use-after-free","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["firefox-0:115.9.1-1.el8_2","firefox-0:115.9.1-1.el9_2","firefox-0:115.9.1-1.el9_0","thunderbird-0:115.9.0-1.el8_9","thunderbird-0:115.9.0-1.el7_9","thunderbird-0:115.9.0-1.el8_8","thunderbird-0:115.9.0-1.el8_6","thunderbird-0:115.9.0-1.el8_4","thunderbird-0:115.9.0-1.el9_3","thunderbird-0:115.9.0-1.el9_2","thunderbird-0:115.9.0-1.el8_2","thunderbird-0:115.9.0-1.el9_0","firefox-0:115.9.1-1.el7_9","firefox-0:115.9.1-1.el8_8","firefox-0:115.9.1-1.el8_9","firefox-0:115.9.1-1.el8_6","firefox-0:115.9.1-1.el8_4","firefox-0:115.9.1-1.el9_3"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2612.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2024-2614","severity":"important","public_date":"2024-03-19T00:00:00Z","advisories":["RHSA-2024:1491","RHSA-2024:1490","RHSA-2024:1493","RHSA-2024:1492","RHSA-2024:1484","RHSA-2024:1495","RHSA-2024:1494","RHSA-2024:1483","RHSA-2024:1486","RHSA-2024:1497","RHSA-2024:1496","RHSA-2024:1485","RHSA-2024:1499","RHSA-2024:1488","RHSA-2024:1498","RHSA-2024:1487","RHSA-2024:1500","RHSA-2024:1489"],"bugzilla":"2270666","bugzilla_description":"Mozilla: Memory safety bugs fixed in Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":["firefox-0:115.9.1-1.el8_2","firefox-0:115.9.1-1.el9_2","firefox-0:115.9.1-1.el9_0","thunderbird-0:115.9.0-1.el8_9","thunderbird-0:115.9.0-1.el7_9","thunderbird-0:115.9.0-1.el8_8","thunderbird-0:115.9.0-1.el8_6","thunderbird-0:115.9.0-1.el8_4","thunderbird-0:115.9.0-1.el9_3","thunderbird-0:115.9.0-1.el9_2","thunderbird-0:115.9.0-1.el8_2","thunderbird-0:115.9.0-1.el9_0","firefox-0:115.9.1-1.el7_9","firefox-0:115.9.1-1.el8_8","firefox-0:115.9.1-1.el8_9","firefox-0:115.9.1-1.el8_6","firefox-0:115.9.1-1.el8_4","firefox-0:115.9.1-1.el9_3"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2614.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2024-1013","severity":"moderate","public_date":"2024-03-18T00:00:00Z","advisories":[],"bugzilla":"2260823","bugzilla_description":"unixODBC: out of bounds stack write due to pointer-to-integer types conversion","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-823","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1013.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"7.1"},{"CVE":"CVE-2024-1753","severity":"important","public_date":"2024-03-18T00:00:00Z","advisories":[],"bugzilla":"2265513","bugzilla_description":"buildah: full container escape at build time","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-269","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1753.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H","cvss3_score":"8.6"},{"CVE":"CVE-2021-47154","severity":"moderate","public_date":"2024-03-18T00:00:00Z","advisories":[],"bugzilla":"2270058","bugzilla_description":"Perl-Net-CIDR-Lite: improper handling of extraneous zero characters in an IP address string","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47154.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2023-52614","severity":"moderate","public_date":"2024-03-18T00:00:00Z","advisories":[],"bugzilla":"2270071","bugzilla_description":"kernel: PM / devfreq: Fix buffer overflow in trans_stat_show","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-121","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52614.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"4.4"},{"CVE":"CVE-2023-52613","severity":"low","public_date":"2024-03-18T00:00:00Z","advisories":[],"bugzilla":"2270073","bugzilla_description":"kernel: drivers/thermal/loongson2_thermal: Fix incorrect PTR_ERR() judgment","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52613.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2023-52612","severity":"moderate","public_date":"2024-03-18T00:00:00Z","advisories":[],"bugzilla":"2270075","bugzilla_description":"kernel: crypto: scomp - fix req->dst buffer overflow","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-121","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52612.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"6.0"},{"CVE":"CVE-2023-52611","severity":"low","public_date":"2024-03-18T00:00:00Z","advisories":[],"bugzilla":"2270077","bugzilla_description":"kernel: wifi: rtw88: sdio: Honor the host max_req_size in the RX path","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-118","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52611.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2023-52610","severity":"moderate","public_date":"2024-03-18T00:00:00Z","advisories":[],"bugzilla":"2270080","bugzilla_description":"kernel: net/sched: act_ct: fix skb leak and crash on ooo frags","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-402","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52610.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.5"},{"CVE":"CVE-2023-52609","severity":"low","public_date":"2024-03-18T00:00:00Z","advisories":[],"bugzilla":"2270082","bugzilla_description":"kernel: binder: fix race between mmput() and do_exit()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-362","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52609.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.1"},{"CVE":"CVE-2023-52619","severity":"moderate","public_date":"2024-03-18T00:00:00Z","advisories":[],"bugzilla":"2270084","bugzilla_description":"kernel: pstore/ram: Fix crash when setting number of cpus to an odd number","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-99","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52619.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2023-52618","severity":"low","public_date":"2024-03-18T00:00:00Z","advisories":[],"bugzilla":"2270086","bugzilla_description":"kernel: block/rnbd-srv: Check for unlikely string overflow","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-121","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52618.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N","cvss3_score":"4.4"},{"CVE":"CVE-2023-52617","severity":"moderate","public_date":"2024-03-18T00:00:00Z","advisories":[],"bugzilla":"2270088","bugzilla_description":"kernel: PCI: switchtec: Fix stdev_release() crash after surprise hot remove","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52617.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2023-52616","severity":"moderate","public_date":"2024-03-18T00:00:00Z","advisories":[],"bugzilla":"2270091","bugzilla_description":"kernel: crypto: lib/mpi - Fix unexpected pointer access in mpi_ec_init","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52616.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2023-52615","severity":"moderate","public_date":"2024-03-18T00:00:00Z","advisories":[],"bugzilla":"2270093","bugzilla_description":"kernel: hwrng: core - Fix page fault dead lock on mmap-ed hwrng","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-833","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52615.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2024-26641","severity":"moderate","public_date":"2024-03-18T00:00:00Z","advisories":[],"bugzilla":"2270097","bugzilla_description":"kernel: ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26641.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2024-26640","severity":"moderate","public_date":"2024-03-18T00:00:00Z","advisories":[],"bugzilla":"2270100","bugzilla_description":"kernel: tcp: add sanity checks to rx zerocopy","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26640.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2024-26639","severity":"moderate","public_date":"2024-03-18T00:00:00Z","advisories":[],"bugzilla":"2270102","bugzilla_description":"kernel: mm, kmsan: fix infinite recursion due to RCU critical section","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-674","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26639.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2024-26638","severity":"low","public_date":"2024-03-18T00:00:00Z","advisories":[],"bugzilla":"2270103","bugzilla_description":"kernel: nbd: always initialize struct msghdr completely","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-456","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26638.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2024-26637","severity":"low","public_date":"2024-03-18T00:00:00Z","advisories":[],"bugzilla":"2270106","bugzilla_description":"kernel: wifi: ath11k: rely on mac80211 debugfs handling for vif","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-99","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26637.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2024-26636","severity":"moderate","public_date":"2024-03-18T00:00:00Z","advisories":[],"bugzilla":"2270110","bugzilla_description":"kernel: llc: make llc_ui_sendmsg() more robust against bonding changes","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-413","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26636.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2024-26635","severity":"low","public_date":"2024-03-18T00:00:00Z","advisories":[],"bugzilla":"2270113","bugzilla_description":"kernel: llc: Drop support for ETH_P_TR_802_2.","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-456","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26635.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2024-26634","severity":"moderate","public_date":"2024-03-18T00:00:00Z","advisories":[],"bugzilla":"2270116","bugzilla_description":"kernel: net: fix removing a namespace with conflicting altnames","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-99","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26634.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2024-26633","severity":"low","public_date":"2024-03-18T00:00:00Z","advisories":[],"bugzilla":"2270118","bugzilla_description":"kernel: ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26633.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2024-26632","severity":"moderate","public_date":"2024-03-18T00:00:00Z","advisories":[],"bugzilla":"2270131","bugzilla_description":"kernel: block: Fix iterating over an empty bio with bio_for_each_folio_all","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26632.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2024-26631","severity":"low","public_date":"2024-03-18T00:00:00Z","advisories":[],"bugzilla":"2270133","bugzilla_description":"kernel: ipv6: mcast: fix data-race in ipv6_mc_down / mld_ifc_work","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-414","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26631.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"2.5"},{"CVE":"CVE-2024-22257","severity":"important","public_date":"2024-03-18T00:00:00Z","advisories":[],"bugzilla":"2270158","bugzilla_description":"spring-security: Broken Access Control With Direct Use of AuthenticatedVoter","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-284","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-22257.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"9.8"},{"CVE":"CVE-2024-21652","severity":"moderate","public_date":"2024-03-18T00:00:00Z","advisories":[],"bugzilla":"2270170","bugzilla_description":"argo-cd: Bypassing Brute Force Protection via Application Crash and In-Memory Data Loss","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-307","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21652.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N","cvss3_score":"5.4"},{"CVE":"CVE-2024-21661","severity":"important","public_date":"2024-03-18T00:00:00Z","advisories":[],"bugzilla":"2270173","bugzilla_description":"argo-cd: Denial of Service Due to Unsafe Array Modification in Multi-threaded Environment","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-567","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21661.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2024-21662","severity":"moderate","public_date":"2024-03-18T00:00:00Z","advisories":[],"bugzilla":"2270182","bugzilla_description":"argo-cd: Bypassing Rate Limit and Brute Force Protection Using Cache Overflow","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-307","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21662.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N","cvss3_score":"5.4"},{"CVE":"CVE-2024-22513","severity":"moderate","public_date":"2024-03-16T00:00:00Z","advisories":[],"bugzilla":"2269822","bugzilla_description":"djangorestframework-simplejwt: information disclosure vulnerability","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-22513.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.5"},{"CVE":"CVE-2024-22259","severity":"important","public_date":"2024-03-16T00:00:00Z","advisories":[],"bugzilla":"2269846","bugzilla_description":"springframework: URL Parsing with Host Validation","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-601","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-22259.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N","cvss3_score":"8.1"},{"CVE":"CVE-2023-6725","severity":"moderate","public_date":"2024-03-15T00:00:00Z","advisories":[],"bugzilla":"2249273","bugzilla_description":"tripleo-ansible: bind keys are world readable","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-1220","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6725.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L","cvss3_score":"6.6"},{"CVE":"CVE-2021-47135","severity":"low","public_date":"2024-03-15T00:00:00Z","advisories":[],"bugzilla":"2269812","bugzilla_description":"kernel: mt76: mt7921: fix possible AOOB issue in mt7921_mcu_tx_rate_report","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47135.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"6.0"},{"CVE":"CVE-2021-47134","severity":"low","public_date":"2024-03-15T00:00:00Z","advisories":[],"bugzilla":"2269814","bugzilla_description":"kernel: efi/fdt: fix panic when no valid fdt found","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47134.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2021-47133","severity":"low","public_date":"2024-03-15T00:00:00Z","advisories":[],"bugzilla":"2269816","bugzilla_description":"kernel: HID: amd_sfh: Fix memory leak in amd_sfh_work","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-402","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47133.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"4.4"},{"CVE":"CVE-2021-47132","severity":"moderate","public_date":"2024-03-15T00:00:00Z","advisories":[],"bugzilla":"2269818","bugzilla_description":"kernel: mptcp: fix sk_forward_memory corruption on retransmission","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-414","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47132.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"7.1"},{"CVE":"CVE-2021-47131","severity":"moderate","public_date":"2024-03-15T00:00:00Z","advisories":[],"bugzilla":"2269820","bugzilla_description":"kernel: net/tls: Fix use-after-free after the TLS device goes down and up","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47131.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-47130","severity":"low","public_date":"2024-03-15T00:00:00Z","advisories":[],"bugzilla":"2269826","bugzilla_description":"kernel: nvmet: fix freeing unallocated p2pmem","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47130.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2021-47129","severity":"low","public_date":"2024-03-15T00:00:00Z","advisories":[],"bugzilla":"2269829","bugzilla_description":"kernel: netfilter: nft_ct: skip expectations for confirmed conntrack","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47129.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-47128","severity":"low","public_date":"2024-03-15T00:00:00Z","advisories":[],"bugzilla":"2269831","bugzilla_description":"kernel: bpf, lockdown, audit: Fix buggy SELinux lockdown permission checks","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-833","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47128.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2021-47127","severity":"low","public_date":"2024-03-15T00:00:00Z","advisories":[],"bugzilla":"2269834","bugzilla_description":"kernel: ice: track AF_XDP ZC enabled queues in bitmap","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47127.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2021-47126","severity":"moderate","public_date":"2024-03-15T00:00:00Z","advisories":[],"bugzilla":"2269836","bugzilla_description":"kernel: ipv6: Fix KASAN: slab-out-of-bounds Read in fib6_nh_flush_exceptions","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47126.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"7.1"},{"CVE":"CVE-2021-47125","severity":"moderate","public_date":"2024-03-15T00:00:00Z","advisories":[],"bugzilla":"2269839","bugzilla_description":"kernel: sch_htb: fix refcount leak in htb_parent_to_leaf_offload","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-402","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47125.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.5"},{"CVE":"CVE-2021-47124","severity":"low","public_date":"2024-03-15T00:00:00Z","advisories":[],"bugzilla":"2269841","bugzilla_description":"kernel: io_uring: fix link timeout refs","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47124.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N"},{"CVE":"CVE-2021-47123","severity":"moderate","public_date":"2024-03-15T00:00:00Z","advisories":[],"bugzilla":"2269843","bugzilla_description":"kernel: io_uring: fix ltout double free on completion race","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-415","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47123.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"7.1"},{"CVE":"CVE-2021-47122","severity":"low","public_date":"2024-03-15T00:00:00Z","advisories":[],"bugzilla":"2269845","bugzilla_description":"kernel: net: caif: fix memory leak in caif_device_notify","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-402","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47122.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.5"},{"CVE":"CVE-2021-47121","severity":"low","public_date":"2024-03-15T00:00:00Z","advisories":[],"bugzilla":"2269848","bugzilla_description":"kernel: net: caif: fix memory leak in cfusbl_device_notify","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-402","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47121.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.5"},{"CVE":"CVE-2021-47120","severity":"low","public_date":"2024-03-15T00:00:00Z","advisories":[],"bugzilla":"2269850","bugzilla_description":"kernel: HID: magicmouse: fix NULL-deref on disconnect","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47120.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2021-47119","severity":"moderate","public_date":"2024-03-15T00:00:00Z","advisories":[],"bugzilla":"2269854","bugzilla_description":"kernel: ext4: fix memory leak in ext4_fill_super","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-402","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47119.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.5"},{"CVE":"CVE-2021-47118","severity":"moderate","public_date":"2024-03-15T00:00:00Z","advisories":[],"bugzilla":"2269856","bugzilla_description":"kernel: pid: take a reference when initializing `cad_pid`","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47118.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2021-47117","severity":"moderate","public_date":"2024-03-15T00:00:00Z","advisories":[],"bugzilla":"2269859","bugzilla_description":"kernel: ext4: fix bug on in ext4_es_cache_extent as ext4_split_extent_at failed","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47117.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-47116","severity":"low","public_date":"2024-03-15T00:00:00Z","advisories":[],"bugzilla":"2269861","bugzilla_description":"kernel: ext4: fix memory leak in ext4_mb_init_backend on error path.","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-402","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47116.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.5"},{"CVE":"CVE-2021-47115","severity":null,"public_date":"2024-03-15T00:00:00Z","advisories":[],"bugzilla":"2269863","bugzilla_description":"kernel: nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47115.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N"},{"CVE":"CVE-2021-47114","severity":"low","public_date":"2024-03-15T00:00:00Z","advisories":[],"bugzilla":"2269865","bugzilla_description":"kernel: ocfs2: fix data corruption by fallocate","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47114.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-47113","severity":"low","public_date":"2024-03-15T00:00:00Z","advisories":[],"bugzilla":"2269867","bugzilla_description":"kernel: btrfs: abort in rename_exchange if we fail to insert the second ref","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47113.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-47112","severity":"moderate","public_date":"2024-03-15T00:00:00Z","advisories":[],"bugzilla":"2269869","bugzilla_description":"kernel: x86/kvm: Teardown PV features on boot CPU as well","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-459","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47112.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-47111","severity":"low","public_date":"2024-03-15T00:00:00Z","advisories":[],"bugzilla":"2269871","bugzilla_description":"kernel: xen-netback: take a reference to the RX task thread","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47111.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2021-47110","severity":"moderate","public_date":"2024-03-15T00:00:00Z","advisories":[],"bugzilla":"2269873","bugzilla_description":"kernel: x86/kvm: Disable kvmclock on all CPUs on shutdown","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-99","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47110.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"7.1"},{"CVE":"CVE-2021-47109","severity":"moderate","public_date":"2024-03-15T00:00:00Z","advisories":[],"bugzilla":"2269875","bugzilla_description":"kernel: neighbour: allow NUD_NOARP entries to be forced GCed","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-121","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47109.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.5"},{"CVE":"CVE-2024-29156","severity":"important","public_date":"2024-03-14T00:00:00Z","advisories":[],"bugzilla":"2269112","bugzilla_description":"YAQL: OpenStack Murano Component Information Leakage","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-29156.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.4"},{"CVE":"CVE-2024-28849","severity":"moderate","public_date":"2024-03-14T00:00:00Z","advisories":[],"bugzilla":"2269576","bugzilla_description":"follow-redirects: Possible credential leak","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-28849.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"6.5"},{"CVE":"CVE-2024-28752","severity":"important","public_date":"2024-03-14T00:00:00Z","advisories":[],"bugzilla":"2270732","bugzilla_description":"cxf-core: Apache CXF SSRF Vulnerability using the Aegis databinding","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-918","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-28752.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"9.8"},{"CVE":"CVE-2024-28175","severity":"important","public_date":"2024-03-13T00:00:00Z","advisories":["RHSA-2024:1441","RHSA-2024:1345","RHSA-2024:1346"],"bugzilla":"2268518","bugzilla_description":"argo-cd: XSS vulnerability in application summary component","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-79","affected_packages":["openshift-gitops-1/gitops-rhel8:v1.11.2-2","openshift-gitops-1/kam-delivery-rhel8:v1.11.2-2","openshift-gitops-1/gitops-rhel8-operator:v1.10.3-2","openshift-gitops-1/argocd-rhel8:v1.12.0-19","openshift-gitops-1/console-plugin-rhel8:v1.11.2-2","openshift-gitops-1/gitops-operator-bundle:v1.11.2-2","openshift-gitops-1/gitops-rhel8:v1.12.0-19","openshift-gitops-1/argocd-rhel8:v1.11.2-2","openshift-gitops-1/gitops-rhel8:v1.10.3-2","openshift-gitops-1/must-gather-rhel8:v1.11.2-2","openshift-gitops-1/argo-rollouts-rhel8:v1.11.2-2","openshift-gitops-1/gitops-rhel8-operator:v1.11.2-2","openshift-gitops-1/gitops-rhel8-operator:v1.12.0-19","openshift-gitops-1/argocd-rhel8:v1.10.3-2","openshift-gitops-1/dex-rhel8:v1.11.2-2"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-28175.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:H","cvss3_score":"8.9"},{"CVE":"CVE-2023-52608","severity":"low","public_date":"2024-03-13T00:00:00Z","advisories":[],"bugzilla":"2269432","bugzilla_description":"kernel: firmware: arm_scmi: Check mailbox/SMT channel for consistency","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-362","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52608.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2024-26629","severity":"moderate","public_date":"2024-03-13T00:00:00Z","advisories":[],"bugzilla":"2269434","bugzilla_description":"kernel: nfsd: fix RELEASE_LOCKOWNER","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-393","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26629.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2024-26630","severity":"moderate","public_date":"2024-03-13T00:00:00Z","advisories":[],"bugzilla":"2269436","bugzilla_description":"kernel: mm: cachestat: fix folio read-after-free in cache walk","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26630.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"7.1"},{"CVE":"CVE-2023-50726","severity":"moderate","public_date":"2024-03-13T00:00:00Z","advisories":[],"bugzilla":"2269479","bugzilla_description":"Argo CD: Users with `create` but not `override` privileges can perform local sync","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-269","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50726.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L","cvss3_score":"6.4"},{"CVE":"CVE-2024-24549","severity":"important","public_date":"2024-03-13T00:00:00Z","advisories":["RHSA-2024:1318","RHSA-2024:1319","RHSA-2024:1325","RHSA-2024:1324"],"bugzilla":"2269607","bugzilla_description":": Apache Tomcat: HTTP/2 header handling DoS","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":["jws5-tomcat-native-0:1.2.31-17.redhat_17.el9jws","tomcat","jws5-tomcat-native-0:1.2.31-17.redhat_17.el7jws","jws5-tomcat-native-0:1.2.31-17.redhat_17.el8jws","jws5-tomcat-0:9.0.62-41.redhat_00020.1.el7jws","jws5-tomcat-0:9.0.62-41.redhat_00020.1.el8jws","jws5-tomcat-0:9.0.62-41.redhat_00020.1.el9jws","jws6-tomcat-0:10.1.8-6.redhat_00013.1.el9jws","jws6-tomcat-0:10.1.8-6.redhat_00013.1.el8jws"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24549.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2024-23672","severity":"important","public_date":"2024-03-13T00:00:00Z","advisories":[],"bugzilla":"2269608","bugzilla_description":"Apache Tomcat: WebSocket DoS with incomplete closing handshake","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-459","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-23672.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2024-2193","severity":"moderate","public_date":"2024-03-12T00:00:00Z","advisories":[],"bugzilla":"2262051","bugzilla_description":"hw: Spectre-SRC that is Speculative Race Conditions (SRCs) for synchronization primitives similar like Spectre V1 with possibility to bypass software features (e.g., IPIs, high-precision timers, etc)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-1300","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2193.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.5"},{"CVE":"CVE-2024-2182","severity":"moderate","public_date":"2024-03-12T00:00:00Z","advisories":["RHSA-2024:1390","RHSA-2024:1392","RHSA-2024:1391","RHSA-2024:1394","RHSA-2024:1393","RHSA-2024:1385","RHSA-2024:1387","RHSA-2024:1386","RHSA-2024:1388"],"bugzilla":"2267840","bugzilla_description":"ovn: insufficient validation of BFD packets may lead to denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-346","affected_packages":["ovn22.03-0:22.03.3-71.el8fdp","ovn23.03-0:23.03.1-100.el8fdp","ovn23.03-0:23.03.1-100.el9fdp","ovn22.12-0:22.12.1-94.el8fdp","ovn22.12-0:22.12.1-94.el9fdp","ovn22.03-0:22.03.3-71.el9fdp","ovn23.06-0:23.06.1-112.el8fdp","ovn23.09-0:23.09.0-136.el9fdp","ovn23.06-0:23.06.1-112.el9fdp"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2182.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2024-21392","severity":"moderate","public_date":"2024-03-12T00:00:00Z","advisories":["RHSA-2024:1309","RHSA-2024:1308","RHSA-2024:1310","RHSA-2024:1311"],"bugzilla":"2268266","bugzilla_description":"dotnet: DoS in .NET Core / YARP HTTP / 2 WebSocket support","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["dotnet8.0-0:8.0.103-1.el8_9","dotnet7.0-0:7.0.117-1.el8_9","dotnet7.0-0:7.0.117-1.el9_3","dotnet8.0-0:8.0.103-2.el9_3"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21392.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2023-49453","severity":"important","public_date":"2024-03-12T00:00:00Z","advisories":[],"bugzilla":"2269172","bugzilla_description":"racktables: XSS vulnerability allow local attackers to execute arbitrary code","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-80","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-49453.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2024-27758","severity":"important","public_date":"2024-03-12T00:00:00Z","advisories":[],"bugzilla":"2269242","bugzilla_description":"python-rpyc: Remote attacker can craft a class, resulting in remote code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-358->CWE-913","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27758.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N","cvss3_score":"8.5"},{"CVE":"CVE-2024-28098","severity":"moderate","public_date":"2024-03-12T00:00:00Z","advisories":[],"bugzilla":"2269248","bugzilla_description":"apache-pulsar: Improper Authorization For Topic-Level Policy Management","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-863","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-28098.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N","cvss3_score":"6.4"},{"CVE":"CVE-2022-34321","severity":"moderate","public_date":"2024-03-12T00:00:00Z","advisories":[],"bugzilla":"2269250","bugzilla_description":"apache-pulsar: Improper Authentication for Pulsar Proxy Statistics Endpoint","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-306","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34321.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L","cvss3_score":"8.2"},{"CVE":"CVE-2024-27135","severity":"important","public_date":"2024-03-12T00:00:00Z","advisories":[],"bugzilla":"2269254","bugzilla_description":"apache-pulsar: Improper Input Validation in Pulsar Function Worker allows Remote Code Execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20->CWE-913","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27135.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H","cvss3_score":"8.5"},{"CVE":"CVE-2024-27317","severity":"important","public_date":"2024-03-12T00:00:00Z","advisories":[],"bugzilla":"2269257","bugzilla_description":"apache-pulsar: Pulsar Functions Worker's Archive Extraction Vulnerability Allows Unauthorized File Modification","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-22","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27317.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L","cvss3_score":"8.4"},{"CVE":"CVE-2024-27894","severity":"important","public_date":"2024-03-12T00:00:00Z","advisories":[],"bugzilla":"2269259","bugzilla_description":"apache-pulsar: Pulsar Functions Worker Allows Unauthorized File Access and Unauthorized HTTP/HTTPS Proxying","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20->CWE-552","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27894.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H","cvss3_score":"8.5"},{"CVE":"CVE-2024-2467","severity":"moderate","public_date":"2024-03-12T00:00:00Z","advisories":[],"bugzilla":"2269567","bugzilla_description":"perl-Crypt-OpenSSL-RSA: side-channel attack in PKCS#1 v1.5 padding mode (Marvin Attack)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-208->CWE-203","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2467.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.9"},{"CVE":"CVE-2023-22655","severity":"moderate","public_date":"2024-03-12T00:00:00Z","advisories":[],"bugzilla":"2270698","bugzilla_description":"kernel: local privilege escalation on Intel microcode on Intel(R) Xeon(R)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-693","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22655.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2024-2357","severity":"moderate","public_date":"2024-03-11T00:00:00Z","advisories":[],"bugzilla":"2268952","bugzilla_description":"libreswan: Missing PreSharedKey for connection can cause crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2357.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.0"},{"CVE":"CVE-2024-28757","severity":"moderate","public_date":"2024-03-10T00:00:00Z","advisories":["RHSA-2024:1530"],"bugzilla":"2268766","bugzilla_description":"expat: XML Entity Expansion","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-776","affected_packages":["expat-0:2.5.0-1.el9_3.1"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-28757.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2024-2313","severity":"low","public_date":"2024-03-10T00:00:00Z","advisories":[],"bugzilla":"2269014","bugzilla_description":"bpftrace: unprivileged users can force loading of compromised linux headers","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-284","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2313.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L","cvss3_score":"2.8"},{"CVE":"CVE-2024-2314","severity":"low","public_date":"2024-03-10T00:00:00Z","advisories":[],"bugzilla":"2269019","bugzilla_description":"bcc: unprivileged users can force loading of compromised linux headers","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-284","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2314.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L","cvss3_score":"2.8"},{"CVE":"CVE-2024-28122","severity":"moderate","public_date":"2024-03-09T00:00:00Z","advisories":[],"bugzilla":"2268761","bugzilla_description":"jwx: denial of service attack using compressed JWE message","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-28122.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H","cvss3_score":"6.8"},{"CVE":"CVE-2024-28176","severity":"moderate","public_date":"2024-03-09T00:00:00Z","advisories":[],"bugzilla":"2268820","bugzilla_description":"jose: resource exhaustion","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-28176.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2024-28180","severity":"moderate","public_date":"2024-03-09T00:00:00Z","advisories":["RHSA-2024:1456"],"bugzilla":"2268854","bugzilla_description":"jose-go: improper handling of highly compressed data","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-409","affected_packages":["cri-o-0:1.26.5-10.rhaos4.13.gita08b329.el9"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-28180.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"4.3"},{"CVE":"CVE-2024-28102","severity":"moderate","public_date":"2024-03-08T00:00:00Z","advisories":[],"bugzilla":"2268758","bugzilla_description":"python-jwcrypto: malicious JWE token can cause denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-28102.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H","cvss3_score":"6.8"},{"CVE":"CVE-2023-42843","severity":"moderate","public_date":"2024-03-08T00:00:00Z","advisories":[],"bugzilla":"2271717","bugzilla_description":"webkit: visiting a malicious website may lead to address bar spoofing","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42843.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N","cvss3_score":"5.4"},{"CVE":"CVE-2023-42950","severity":"important","public_date":"2024-03-08T00:00:00Z","advisories":[],"bugzilla":"2271718","bugzilla_description":"webkit: heap use-after-free may lead to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42950.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2023-42956","severity":"moderate","public_date":"2024-03-08T00:00:00Z","advisories":[],"bugzilla":"2271719","bugzilla_description":"webkit: processing malicious web content may lead to a denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42956.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2024-1931","severity":"moderate","public_date":"2024-03-07T00:00:00Z","advisories":[],"bugzilla":"2268418","bugzilla_description":"unbound: Infinite loop due to improper EDE message size check","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1931.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2024-27289","severity":"moderate","public_date":"2024-03-07T00:00:00Z","advisories":["RHSA-2024:1321"],"bugzilla":"2268465","bugzilla_description":"pgx: SQL Injection via Line Comment Creation","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-89","affected_packages":["advanced-cluster-security/rhacs-collector-slim-rhel8:4.3.5-1","advanced-cluster-security/rhacs-scanner-db-slim-rhel8:4.3.5-1","advanced-cluster-security/rhacs-operator-bundle:4.3.5-4","advanced-cluster-security/rhacs-rhel8-operator:4.3.5-3","advanced-cluster-security/rhacs-scanner-db-rhel8:4.3.5-3","advanced-cluster-security/rhacs-collector-rhel8:4.3.5-3","advanced-cluster-security/rhacs-roxctl-rhel8:4.3.5-3","advanced-cluster-security/rhacs-scanner-slim-rhel8:4.3.5-3","advanced-cluster-security/rhacs-main-rhel8:4.3.5-4","advanced-cluster-security/rhacs-scanner-rhel8:4.3.5-3","advanced-cluster-security/rhacs-central-db-rhel8:4.3.5-3"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27289.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.1"},{"CVE":"CVE-2024-1442","severity":"moderate","public_date":"2024-03-07T00:00:00Z","advisories":[],"bugzilla":"2268486","bugzilla_description":"grafana: Improper priviledge managent for users with data source permissions","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-269","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1442.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L","cvss3_score":"6.0"},{"CVE":"CVE-2024-23226","severity":"important","public_date":"2024-03-07T00:00:00Z","advisories":[],"bugzilla":"2270286","bugzilla_description":"webkit: processing malicious web content may lead to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-23226.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2024-23252","severity":"moderate","public_date":"2024-03-07T00:00:00Z","advisories":[],"bugzilla":"2270288","bugzilla_description":"webkit: processing malicious web content may lead to denial-of-service","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-23252.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2024-23254","severity":"moderate","public_date":"2024-03-07T00:00:00Z","advisories":[],"bugzilla":"2270289","bugzilla_description":"webkit: malicious website may exfiltrate audio data cross-origin","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-23254.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","cvss3_score":"6.5"},{"CVE":"CVE-2024-23263","severity":"moderate","public_date":"2024-03-07T00:00:00Z","advisories":[],"bugzilla":"2270290","bugzilla_description":"webkit: processing malicious web content prevents Content Security Policy from being enforced","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-23263.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","cvss3_score":"6.5"},{"CVE":"CVE-2024-23280","severity":"moderate","public_date":"2024-03-07T00:00:00Z","advisories":[],"bugzilla":"2270291","bugzilla_description":"webkit: maliciously crafted webpage may be able to fingerprint the user","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-23280.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","cvss3_score":"6.5"},{"CVE":"CVE-2024-23284","severity":"moderate","public_date":"2024-03-07T00:00:00Z","advisories":[],"bugzilla":"2270292","bugzilla_description":"webkit: processing maliciously crafted web content prevents Content Security Policy from being enforced","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-23284.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","cvss3_score":"6.5"},{"CVE":"CVE-2024-2236","severity":"moderate","public_date":"2024-03-06T00:00:00Z","advisories":[],"bugzilla":"2245218","bugzilla_description":"libgcrypt: vulnerable to Marvin Attack","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-385->CWE-208","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2236.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.9"},{"CVE":"CVE-2024-1725","severity":"important","public_date":"2024-03-06T00:00:00Z","advisories":[],"bugzilla":"2265398","bugzilla_description":"kubevirt-csi: PersistentVolume allows access to HCP's root node","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-501","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1725.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N","cvss3_score":"8.1"},{"CVE":"CVE-2024-26628","severity":"moderate","public_date":"2024-03-06T00:00:00Z","advisories":[],"bugzilla":"2268212","bugzilla_description":"kernel: drm/amdkfd: Fix lock dependency warning","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26628.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"6.0"},{"CVE":"CVE-2024-26627","severity":"moderate","public_date":"2024-03-06T00:00:00Z","advisories":[],"bugzilla":"2268214","bugzilla_description":"kernel: scsi: core: Move scsi_host_busy() out of host lock for waking up EH handler","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-413","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26627.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2024-26626","severity":"moderate","public_date":"2024-03-06T00:00:00Z","advisories":[],"bugzilla":"2268216","bugzilla_description":"kernel: ipmr: fix kernel panic when forwarding mcast packets","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26626.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2024-26625","severity":"moderate","public_date":"2024-03-06T00:00:00Z","advisories":[],"bugzilla":"2268218","bugzilla_description":"kernel: llc: call sock_orphan() at release time","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26625.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2024-26624","severity":"moderate","public_date":"2024-03-06T00:00:00Z","advisories":[],"bugzilla":"2268221","bugzilla_description":"kernel: af_unix: fix lockdep positive in sk_diag_dump_icons()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-413","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26624.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"7.1"},{"CVE":"CVE-2024-26623","severity":"moderate","public_date":"2024-03-06T00:00:00Z","advisories":[],"bugzilla":"2268223","bugzilla_description":"kernel: pds_core: Prevent race issues involving the adminq","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26623.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2024-28152","severity":"moderate","public_date":"2024-03-06T00:00:00Z","advisories":[],"bugzilla":"2268226","bugzilla_description":"jenkins-2-plugins: Incorrect trust policy behavior for pull requests from forks in Bitbucket Branch Source Plugin","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-501","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-28152.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2024-28149","severity":"important","public_date":"2024-03-06T00:00:00Z","advisories":[],"bugzilla":"2268227","bugzilla_description":"jenkins-2-plugins: Improper input sanitization in HTML Publisher Plugin","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-28149.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.0"},{"CVE":"CVE-2024-28150","severity":"important","public_date":"2024-03-06T00:00:00Z","advisories":[],"bugzilla":"2268228","bugzilla_description":"jenkins-2-plugins: Stored XSS vulnerability in HTML Publisher Plugin","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-79","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-28150.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.0"},{"CVE":"CVE-2024-28151","severity":"moderate","public_date":"2024-03-06T00:00:00Z","advisories":[],"bugzilla":"2268229","bugzilla_description":"jenkins-2-plugins: Path traversal vulnerability in HTML Publisher Plugin","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-22","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-28151.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"4.3"},{"CVE":"CVE-2024-27304","severity":"moderate","public_date":"2024-03-06T00:00:00Z","advisories":["RHSA-2024:1321"],"bugzilla":"2268269","bugzilla_description":"pgx: SQL Injection via Protocol Message Size Overflow","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-89","affected_packages":["advanced-cluster-security/rhacs-collector-slim-rhel8:4.3.5-1","advanced-cluster-security/rhacs-scanner-db-slim-rhel8:4.3.5-1","advanced-cluster-security/rhacs-operator-bundle:4.3.5-4","advanced-cluster-security/rhacs-rhel8-operator:4.3.5-3","advanced-cluster-security/rhacs-scanner-db-rhel8:4.3.5-3","advanced-cluster-security/rhacs-collector-rhel8:4.3.5-3","advanced-cluster-security/rhacs-roxctl-rhel8:4.3.5-3","advanced-cluster-security/rhacs-scanner-slim-rhel8:4.3.5-3","advanced-cluster-security/rhacs-main-rhel8:4.3.5-4","advanced-cluster-security/rhacs-scanner-rhel8:4.3.5-3","advanced-cluster-security/rhacs-central-db-rhel8:4.3.5-3"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27304.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.1"},{"CVE":"CVE-2023-52607","severity":"moderate","public_date":"2024-03-06T00:00:00Z","advisories":[],"bugzilla":"2268291","bugzilla_description":"kernel: powerpc/mm: Fix null-pointer dereference in pgtable_cache_add","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-395","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52607.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2023-52606","severity":"moderate","public_date":"2024-03-06T00:00:00Z","advisories":[],"bugzilla":"2268293","bugzilla_description":"kernel: powerpc/lib: Validate size for vector operations","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-121","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52606.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"7.1"},{"CVE":"CVE-2023-52605","severity":"low","public_date":"2024-03-06T00:00:00Z","advisories":[],"bugzilla":"2268295","bugzilla_description":"kernel: ACPI: extlog: fix NULL pointer dereference check","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52605.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2023-52604","severity":"moderate","public_date":"2024-03-06T00:00:00Z","advisories":[],"bugzilla":"2268297","bugzilla_description":"kernel: FS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52604.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2023-52603","severity":"moderate","public_date":"2024-03-06T00:00:00Z","advisories":[],"bugzilla":"2268299","bugzilla_description":"kernel: UBSAN: array-index-out-of-bounds in dtSplitRoot","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52603.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"7.1"},{"CVE":"CVE-2023-52602","severity":"moderate","public_date":"2024-03-06T00:00:00Z","advisories":[],"bugzilla":"2268301","bugzilla_description":"kernel: jfs: fix slab-out-of-bounds Read in dtSearch","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52602.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.7"},{"CVE":"CVE-2023-52601","severity":"moderate","public_date":"2024-03-06T00:00:00Z","advisories":[],"bugzilla":"2268303","bugzilla_description":"kernel: jfs: fix array-index-out-of-bounds in dbAdjTree","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52601.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"7.1"},{"CVE":"CVE-2023-52600","severity":"moderate","public_date":"2024-03-06T00:00:00Z","advisories":[],"bugzilla":"2268305","bugzilla_description":"kernel: jfs: fix uaf in jfs_evict_inode","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52600.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2023-52599","severity":"moderate","public_date":"2024-03-06T00:00:00Z","advisories":[],"bugzilla":"2268307","bugzilla_description":"kernel: jfs: fix array-index-out-of-bounds in diNewExt","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52599.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"7.1"},{"CVE":"CVE-2023-52598","severity":"moderate","public_date":"2024-03-06T00:00:00Z","advisories":[],"bugzilla":"2268309","bugzilla_description":"kernel: s390/ptrace: handle setting of fpc register correctly","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52598.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"6.0"},{"CVE":"CVE-2023-52597","severity":"moderate","public_date":"2024-03-06T00:00:00Z","advisories":[],"bugzilla":"2268311","bugzilla_description":"kernel: KVM: s390: fix setting of fpc register","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52597.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"7.1"},{"CVE":"CVE-2023-52596","severity":"moderate","public_date":"2024-03-06T00:00:00Z","advisories":[],"bugzilla":"2268313","bugzilla_description":"kernel: sysctl: Fix out of bounds access for empty sysctl registers","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52596.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"7.1"},{"CVE":"CVE-2023-52595","severity":"low","public_date":"2024-03-06T00:00:00Z","advisories":[],"bugzilla":"2268315","bugzilla_description":"kernel: wifi: rt2x00: restart beacon queue when hardware reset","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52595.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2023-52594","severity":"low","public_date":"2024-03-06T00:00:00Z","advisories":[],"bugzilla":"2268317","bugzilla_description":"kernel: wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52594.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2023-52593","severity":"low","public_date":"2024-03-06T00:00:00Z","advisories":[],"bugzilla":"2268319","bugzilla_description":"kernel: wifi: wfx: fix possible NULL pointer dereference in wfx_set_mfp_ap()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52593.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2023-52592","severity":"low","public_date":"2024-03-06T00:00:00Z","advisories":[],"bugzilla":"2268321","bugzilla_description":"kernel: libbpf: Fix NULL pointer dereference in bpf_object__collect_prog_relos","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52592.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2023-52591","severity":"moderate","public_date":"2024-03-06T00:00:00Z","advisories":[],"bugzilla":"2268323","bugzilla_description":"kernel: reiserfs: Avoid touching renamed directory if parent does not change","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-413","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52591.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"7.1"},{"CVE":"CVE-2023-52590","severity":"low","public_date":"2024-03-06T00:00:00Z","advisories":[],"bugzilla":"2268325","bugzilla_description":"kernel: ocfs2: Avoid touching renamed directory if parent does not change","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-413","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52590.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"7.1"},{"CVE":"CVE-2023-52589","severity":"low","public_date":"2024-03-06T00:00:00Z","advisories":[],"bugzilla":"2268327","bugzilla_description":"kernel: media: rkisp1: Fix IRQ disable race issue","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-413","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52589.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2023-52588","severity":"moderate","public_date":"2024-03-06T00:00:00Z","advisories":[],"bugzilla":"2268329","bugzilla_description":"kernel: f2fs: fix to tag gcing flag on page during block migration","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52588.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"7.1"},{"CVE":"CVE-2023-52587","severity":"moderate","public_date":"2024-03-06T00:00:00Z","advisories":[],"bugzilla":"2268331","bugzilla_description":"kernel: IB/ipoib: Fix mcast list locking","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-413","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52587.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"6.0"},{"CVE":"CVE-2023-52586","severity":"moderate","public_date":"2024-03-06T00:00:00Z","advisories":[],"bugzilla":"2268333","bugzilla_description":"kernel: drm/msm/dpu: Add mutex lock in control vblank irq","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-362","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52586.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"6.7"},{"CVE":"CVE-2023-52585","severity":"low","public_date":"2024-03-06T00:00:00Z","advisories":[],"bugzilla":"2268335","bugzilla_description":"kernel: drm/amdgpu: Fix possible NULL dereference in amdgpu_ras_query_error_status_helper()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52585.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2023-52584","severity":"moderate","public_date":"2024-03-06T00:00:00Z","advisories":[],"bugzilla":"2268337","bugzilla_description":"kernel: spmi: mediatek: Fix UAF on device remove","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52584.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"6.7"},{"CVE":"CVE-2023-52583","severity":"moderate","public_date":"2024-03-06T00:00:00Z","advisories":[],"bugzilla":"2268339","bugzilla_description":"kernel: ceph: fix deadlock or deadcode of misusing dget()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-833","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52583.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2024-25111","severity":"important","public_date":"2024-03-06T00:00:00Z","advisories":["RHSA-2024:1515","RHSA-2024:1376","RHSA-2024:1375","RHSA-2024:1479"],"bugzilla":"2268366","bugzilla_description":"squid: Denial of Service in HTTP Chunked Decoding","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-674","affected_packages":["squid:4-8060020240312145037.ad008a3a","squid-7:5.5-6.el9_3.8","squid:4-8090020240314114525.a75119d5","squid-7:5.5-5.el9_2.6"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-25111.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H","cvss3_score":"8.6"},{"CVE":"CVE-2024-27307","severity":"important","public_date":"2024-03-06T00:00:00Z","advisories":[],"bugzilla":"2268370","bugzilla_description":"jsonata: malicious expression can pollute the \"Object\" prototype","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-1321","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27307.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L","cvss3_score":"8.6"},{"CVE":"CVE-2024-28110","severity":"moderate","public_date":"2024-03-06T00:00:00Z","advisories":["RHSA-2024:1333"],"bugzilla":"2268372","bugzilla_description":"cloudevents/sdk-go: usage of WithRoundTripper to create a Client leaks credentials","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-522","affected_packages":["openshift-serverless-1/eventing-kafka-broker-post-install-rhel8:1.11.0-4","openshift-serverless-1/serverless-operator-bundle:1.32.0-9","openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8:1.11.0-4","openshift-serverless-1/func-utils-rhel8:1.32.0-3","openshift-serverless-1/eventing-mtping-rhel8:1.11.0-4","openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8:1.11.0-3","openshift-serverless-1/net-istio-webhook-rhel8:1.11.0-2","openshift-serverless-1/eventing-istio-controller-rhel8:1.11.0-2","openshift-serverless-1/net-istio-controller-rhel8:1.11.0-2","openshift-serverless-1/client-kn-rhel8:1.11.2-4","openshift-serverless-1/eventing-controller-rhel8:1.11.0-4","openshift-serverless-1/eventing-mtbroker-filter-rhel8:1.11.0-4","openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8:1.11.0-4","openshift-serverless-1/knative-rhel8-operator:1.32.0-2","openshift-serverless-1/eventing-kafka-broker-controller-rhel8:1.11.0-4","openshift-serverless-1/eventing-storage-version-migration-rhel8:1.11.0-4","openshift-serverless-1/serving-autoscaler-hpa-rhel8:1.11.0-2","openshift-serverless-1/svls-must-gather-rhel8:1.32.0-2","openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8:1.11.0-4","openshift-serverless-1/ingress-rhel8-operator:1.32.0-2","openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8:1.32.0-4","openshift-serverless-1/eventing-kafka-broker-webhook-rhel8:1.11.0-4","openshift-serverless-1/serving-autoscaler-rhel8:1.11.0-2","openshift-serverless-1/eventing-in-memory-channel-controller-rhel8:1.11.0-4","openshift-serverless-1/serving-storage-version-migration-rhel8:1.11.0-2","openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8:1.11.0-2","openshift-serverless-1-tech-preview/logic-data-index-ephemeral-rhel8:1.32.0-5","openshift-serverless-1-tech-preview/logic-rhel8-operator:1.32.0-8","openshift-serverless-1/kourier-control-rhel8:1.11.0-2","openshift-serverless-1/eventing-mtbroker-ingress-rhel8:1.11.0-4","openshift-serverless-1/serving-controller-rhel8:1.11.0-2","openshift-serverless-1-tech-preview/logic-operator-bundle:1.32.0-8","openshift-serverless-1/kn-cli-artifacts-rhel8:1.11.2-3","openshift-serverless-1/serving-queue-rhel8:1.11.0-2","openshift-serverless-1/eventing-mtchannel-broker-rhel8:1.11.0-4","openshift-serverless-1/eventing-webhook-rhel8:1.11.0-4","openshift-serverless-1/serving-activator-rhel8:1.11.0-2","openshift-serverless-1/serving-webhook-rhel8:1.11.0-2","openshift-serverless-1/eventing-kafka-broker-receiver-rhel8:1.11.0-4","openshift-serverless-1-tech-preview/logic-swf-builder-rhel8:1.32.0-5","openshift-serverless-1/serverless-rhel8-operator:1.32.0-2"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-28110.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"6.5"},{"CVE":"CVE-2023-5685","severity":"important","public_date":"2024-03-05T00:00:00Z","advisories":[],"bugzilla":"2241822","bugzilla_description":"xnio: StackOverflowException when the chain of notifier states becomes problematically big","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5685.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2022-48629","severity":"low","public_date":"2024-03-05T00:00:00Z","advisories":[],"bugzilla":"2267958","bugzilla_description":"kernel: crypto: qcom-rng - ensure buffer for generate is completely filled","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-99","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48629.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2022-48630","severity":"low","public_date":"2024-03-05T00:00:00Z","advisories":[],"bugzilla":"2267959","bugzilla_description":"kernel: crypto: qcom-rng - fix infinite loop on requests not multiple of WORD_SZ","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48630.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2023-45290","severity":"moderate","public_date":"2024-03-05T00:00:00Z","advisories":[],"bugzilla":"2268017","bugzilla_description":"golang: net/http: memory exhaustion in Request.ParseMultipartForm","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45290.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2023-45289","severity":"moderate","public_date":"2024-03-05T00:00:00Z","advisories":[],"bugzilla":"2268018","bugzilla_description":"golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45289.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2024-24783","severity":"moderate","public_date":"2024-03-05T00:00:00Z","advisories":[],"bugzilla":"2268019","bugzilla_description":"golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20->CWE-400","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24783.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N","cvss3_score":"5.9"},{"CVE":"CVE-2024-24784","severity":"moderate","public_date":"2024-03-05T00:00:00Z","advisories":[],"bugzilla":"2268021","bugzilla_description":"golang: net/mail: comments in display names are incorrectly handled","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-115","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24784.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N","cvss3_score":"5.4"},{"CVE":"CVE-2024-24785","severity":"moderate","public_date":"2024-03-05T00:00:00Z","advisories":[],"bugzilla":"2268022","bugzilla_description":"golang: html/template: errors returned from MarshalJSON methods may break template escaping","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-74","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24785.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","cvss3_score":"6.5"},{"CVE":"CVE-2024-24786","severity":"moderate","public_date":"2024-03-05T00:00:00Z","advisories":["RHSA-2024:1363","RHSA-2024:1362","RHSA-2024:1461","RHSA-2024:1456"],"bugzilla":"2268046","bugzilla_description":"golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":["openshift4/numaresources-operator-bundle:v4.14.3-4","openshift4/numaresources-rhel9-operator:v4.15.1-3","openshift4/noderesourcetopology-scheduler-rhel9:v4.15.1-3","openshift4/dpdk-base-rhel8:v4.14.3-2","cri-o-0:1.27.4-5.rhaos4.14.git8d40fed.el9","openshift4/cnf-tests-rhel8:v4.14.3-4","openshift4/numaresources-must-gather-rhel9:v4.14.3-39","openshift4/noderesourcetopology-scheduler-rhel9:v4.14.3-3","openshift4/numaresources-rhel9-operator:v4.14.3-3","cri-o-0:1.26.5-10.rhaos4.13.gita08b329.el9","openshift4/dpdk-base-rhel8:v4.15.1-2","openshift4/numaresources-must-gather-rhel9:v4.15.1-24","openshift4/cnf-tests-rhel8:v4.15.1-3","openshift4/numaresources-operator-bundle:v4.15.1-4"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24786.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2024-27351","severity":"moderate","public_date":"2024-03-04T09:00:00Z","advisories":[],"bugzilla":"2266045","bugzilla_description":"python-django: Potential regular expression denial-of-service in django.utils.text.Truncator.words()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-1333","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27351.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2024-26622","severity":"moderate","public_date":"2024-03-04T00:00:00Z","advisories":[],"bugzilla":"2267721","bugzilla_description":"kernel: tomoyo: fix UAF write bug in tomoyo_write_control()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26622.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2023-52579","severity":null,"public_date":"2024-03-04T00:00:00Z","advisories":[],"bugzilla":"2267759","bugzilla_description":"kernel: ipv4: NULL pointer dereference in ipv4_link_failure()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52579.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N"},{"CVE":"CVE-2021-47104","severity":"moderate","public_date":"2024-03-04T00:00:00Z","advisories":[],"bugzilla":"2267828","bugzilla_description":"kernel: IB/qib: Fix memory leak in qib_user_sdma_queue_pkts()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-401","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47104.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-47106","severity":"moderate","public_date":"2024-03-04T00:00:00Z","advisories":[],"bugzilla":"2267829","bugzilla_description":"kernel: netfilter: nf_tables: fix use-after-free in nft_set_catchall_destroy()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47106.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-47108","severity":"low","public_date":"2024-03-04T00:00:00Z","advisories":[],"bugzilla":"2267910","bugzilla_description":"kernel: drm/mediatek: hdmi: Perform NULL pointer check for mtk_hdmi_conf","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47108.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2021-47107","severity":"moderate","public_date":"2024-03-04T00:00:00Z","advisories":[],"bugzilla":"2267911","bugzilla_description":"kernel: NFSD: Fix READDIR buffer overflow","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-121","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47107.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"7.1"},{"CVE":"CVE-2021-47105","severity":"moderate","public_date":"2024-03-04T00:00:00Z","advisories":[],"bugzilla":"2267912","bugzilla_description":"kernel: ice: xsk: return xsk buffers back to pool when cleaning the ring","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-402","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47105.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"6.0"},{"CVE":"CVE-2021-47103","severity":"moderate","public_date":"2024-03-04T00:00:00Z","advisories":[],"bugzilla":"2267914","bugzilla_description":"kernel: inet: fully convert sk->sk_rx_dst to RCU rules","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47103.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"7.1"},{"CVE":"CVE-2021-47102","severity":"moderate","public_date":"2024-03-04T00:00:00Z","advisories":[],"bugzilla":"2267915","bugzilla_description":"kernel: net: marvell: prestera: fix incorrect structure access","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47102.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"6.0"},{"CVE":"CVE-2021-47101","severity":"low","public_date":"2024-03-04T00:00:00Z","advisories":[],"bugzilla":"2267916","bugzilla_description":"kernel: asix: fix uninit-value in asix_mdio_read()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-457","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47101.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"6.0"},{"CVE":"CVE-2021-47100","severity":"moderate","public_date":"2024-03-04T00:00:00Z","advisories":[],"bugzilla":"2267918","bugzilla_description":"kernel: ipmi: Fix UAF when uninstall ipmi_si and ipmi_msghandler module","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47100.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"6.0"},{"CVE":"CVE-2021-47099","severity":"moderate","public_date":"2024-03-04T00:00:00Z","advisories":[],"bugzilla":"2267919","bugzilla_description":"kernel: veth: ensure skb entering GRO are not cloned.","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47099.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"6.0"},{"CVE":"CVE-2021-47098","severity":"moderate","public_date":"2024-03-04T00:00:00Z","advisories":[],"bugzilla":"2267920","bugzilla_description":"kernel: hwmon: (lm90) Prevent integer overflow/underflow in hysteresis calculations","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47098.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"6.0"},{"CVE":"CVE-2021-47097","severity":"moderate","public_date":"2024-03-04T00:00:00Z","advisories":[],"bugzilla":"2267925","bugzilla_description":"kernel: Input: elantech - fix stack out of bound access in elantech_change_report_id()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47097.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"6.0"},{"CVE":"CVE-2021-47096","severity":"moderate","public_date":"2024-03-04T00:00:00Z","advisories":[],"bugzilla":"2267927","bugzilla_description":"kernel: ALSA: rawmidi - fix the uninitalized user_pversion","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-457","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47096.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-47095","severity":"moderate","public_date":"2024-03-04T00:00:00Z","advisories":[],"bugzilla":"2267928","bugzilla_description":"kernel: ipmi: ssif: initialize ssif_info->client early","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-402","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47095.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"6.0"},{"CVE":"CVE-2021-47094","severity":"moderate","public_date":"2024-03-04T00:00:00Z","advisories":[],"bugzilla":"2267929","bugzilla_description":"kernel: KVM: x86/mmu: Don't advance iterator after restart due to yielding","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47094.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"7.1"},{"CVE":"CVE-2021-47093","severity":"low","public_date":"2024-03-04T00:00:00Z","advisories":[],"bugzilla":"2267931","bugzilla_description":"kernel: platform/x86: intel_pmc_core: fix memleak on registration failure","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-402","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47093.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"6.0"},{"CVE":"CVE-2021-47092","severity":"moderate","public_date":"2024-03-04T00:00:00Z","advisories":[],"bugzilla":"2267932","bugzilla_description":"kernel: KVM: VMX: Always clear vmx->fail on emulation_required","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47092.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-47091","severity":"moderate","public_date":"2024-03-04T00:00:00Z","advisories":[],"bugzilla":"2267934","bugzilla_description":"kernel: mac80211: fix locking in ieee80211_start_ap error path","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-413","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47091.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-47090","severity":"moderate","public_date":"2024-03-04T00:00:00Z","advisories":[],"bugzilla":"2267935","bugzilla_description":"kernel: mm/hwpoison: clear MF_COUNT_INCREASED before retrying get_any_page()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47090.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-47089","severity":"moderate","public_date":"2024-03-04T00:00:00Z","advisories":[],"bugzilla":"2267936","bugzilla_description":"kernel: kfence: fix memory leak when cat kfence objects","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-402","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47089.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"7.1"},{"CVE":"CVE-2021-47088","severity":"moderate","public_date":"2024-03-04T00:00:00Z","advisories":[],"bugzilla":"2267937","bugzilla_description":"kernel: mm/damon/dbgfs: protect targets destructions with kdamond_lock","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-413","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47088.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"7.1"},{"CVE":"CVE-2021-47087","severity":"moderate","public_date":"2024-03-04T00:00:00Z","advisories":[],"bugzilla":"2267938","bugzilla_description":"kernel: tee: optee: Fix incorrect page free bug","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-401","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47087.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"6.0"},{"CVE":"CVE-2021-47086","severity":"moderate","public_date":"2024-03-04T00:00:00Z","advisories":[],"bugzilla":"2267939","bugzilla_description":"kernel: phonet/pep: refuse to enable an unbound pipe","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47086.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-47085","severity":"moderate","public_date":"2024-03-04T00:00:00Z","advisories":[],"bugzilla":"2267940","bugzilla_description":"kernel: hamradio: improve the incomplete fix to avoid NPD","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47085.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2021-47084","severity":"moderate","public_date":"2024-03-04T00:00:00Z","advisories":[],"bugzilla":"2267941","bugzilla_description":"kernel: hamradio: defer ax25 kfree after unregister_netdev","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47084.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"6.7"},{"CVE":"CVE-2021-47083","severity":"moderate","public_date":"2024-03-04T00:00:00Z","advisories":[],"bugzilla":"2267942","bugzilla_description":"kernel: pinctrl: mediatek: fix global-out-of-bounds issue","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47083.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"6.0"},{"CVE":"CVE-2021-47082","severity":"low","public_date":"2024-03-04T00:00:00Z","advisories":[],"bugzilla":"2267943","bugzilla_description":"kernel: tun: avoid double free in tun_free_netdev","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-415","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47082.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2024-1936","severity":"important","public_date":"2024-03-04T00:00:00Z","advisories":["RHSA-2024:1493","RHSA-2024:1492","RHSA-2024:1495","RHSA-2024:1494","RHSA-2024:1497","RHSA-2024:1496","RHSA-2024:1499","RHSA-2024:1498","RHSA-2024:1500"],"bugzilla":"2268171","bugzilla_description":"Mozilla: Leaking of encrypted email subjects to other conversations","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-311","affected_packages":["thunderbird-0:115.9.0-1.el8_9","thunderbird-0:115.9.0-1.el7_9","thunderbird-0:115.9.0-1.el8_8","thunderbird-0:115.9.0-1.el8_6","thunderbird-0:115.9.0-1.el8_4","thunderbird-0:115.9.0-1.el9_3","thunderbird-0:115.9.0-1.el9_2","thunderbird-0:115.9.0-1.el8_2","thunderbird-0:115.9.0-1.el9_0"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1936.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-25210","severity":"moderate","public_date":"2024-03-03T00:00:00Z","advisories":[],"bugzilla":"2268201","bugzilla_description":"helm: shows secrets with --dry-run option in clear text","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-201","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25210.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"6.5"},{"CVE":"CVE-2024-26621","severity":"moderate","public_date":"2024-03-02T00:00:00Z","advisories":[],"bugzilla":"2267505","bugzilla_description":"kernel: mm: huge_memory: don't force huge page alignment on 32 bit","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-99","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26621.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2022-48628","severity":"low","public_date":"2024-03-02T00:00:00Z","advisories":[],"bugzilla":"2267507","bugzilla_description":"kernel: ceph: drop messages from MDS when unmounting","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-311","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48628.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L","cvss3_score":"4.4"},{"CVE":"CVE-2022-48627","severity":"moderate","public_date":"2024-03-02T00:00:00Z","advisories":[],"bugzilla":"2267509","bugzilla_description":"kernel: vt: fix memory overlapping when deleting chars in the buffer","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-1260","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48627.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"4.4"},{"CVE":"CVE-2023-52566","severity":"moderate","public_date":"2024-03-02T00:00:00Z","advisories":[],"bugzilla":"2267719","bugzilla_description":"kernel: nilfs2: potential use after free in nilfs_gccache_submit_read_data()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52566.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2023-52565","severity":"low","public_date":"2024-03-02T00:00:00Z","advisories":[],"bugzilla":"2267724","bugzilla_description":"kernel: media: uvcvideo: out-of-bounds read in uvc_query_v4l2_menu()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52565.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"3.3"},{"CVE":"CVE-2023-52563","severity":"low","public_date":"2024-03-02T00:00:00Z","advisories":[],"bugzilla":"2267728","bugzilla_description":"kernel: drm/meson: memory leak on ->hpd_notify callback","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-401","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52563.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2023-52560","severity":"low","public_date":"2024-03-02T00:00:00Z","advisories":[],"bugzilla":"2267730","bugzilla_description":"kernel: mm/damon/vaddr-test: memory leak in damon_do_test_apply_three_regions()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-401","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52560.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2023-52559","severity":"low","public_date":"2024-03-02T00:00:00Z","advisories":[],"bugzilla":"2267733","bugzilla_description":"kernel: iommu/vt-d: memory allocation in iommu_suspend() leading to intermittent suspend/hibernation","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-770","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52559.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2023-52561","severity":"low","public_date":"2024-03-02T00:00:00Z","advisories":[],"bugzilla":"2267736","bugzilla_description":"kernel: arm64: dts: qcom: sdm845-db845c: unreserved cont splash memory region leads to kernel panic","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-188","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52561.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2023-52562","severity":"moderate","public_date":"2024-03-02T00:00:00Z","advisories":[],"bugzilla":"2267737","bugzilla_description":"kernel: mm/slab_common: slab_caches list corruption after kmem_cache_destroy()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-401","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52562.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2023-52564","severity":"moderate","public_date":"2024-03-02T00:00:00Z","advisories":[],"bugzilla":"2267738","bugzilla_description":"kernel: tty: n_gsm: use-after-free in gsm_cleanup_mux()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52564.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2023-52567","severity":"low","public_date":"2024-03-02T00:00:00Z","advisories":[],"bugzilla":"2267739","bugzilla_description":"kernel: serial: 8250_port: IRQ data NULL pointer dereference","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52567.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.1"},{"CVE":"CVE-2023-52568","severity":"low","public_date":"2024-03-02T00:00:00Z","advisories":[],"bugzilla":"2267740","bugzilla_description":"kernel: x86/sgx: SECS reclaim vs. page fault for EAUG race","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-362->CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52568.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.1"},{"CVE":"CVE-2023-52569","severity":"low","public_date":"2024-03-02T00:00:00Z","advisories":[],"bugzilla":"2267741","bugzilla_description":"kernel: btrfs: improper BUG() call after failure to insert delayed dir index item","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-755","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52569.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2023-52570","severity":"low","public_date":"2024-03-02T00:00:00Z","advisories":[],"bugzilla":"2267744","bugzilla_description":"kernel: vfio/mdev: fault injection leading to NULL pointer dereference in mdev_unregister_parent()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52570.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.1"},{"CVE":"CVE-2023-52571","severity":"low","public_date":"2024-03-02T00:00:00Z","advisories":[],"bugzilla":"2267745","bugzilla_description":"kernel: power: supply: rk817: refcount leak in rk817_charger_probe()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-911","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52571.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2023-52572","severity":null,"public_date":"2024-03-02T00:00:00Z","advisories":[],"bugzilla":"2267746","bugzilla_description":"kernel: cifs: use-after-free in cifs_demultiplex_thread()","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52572.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N"},{"CVE":"CVE-2023-52573","severity":"low","public_date":"2024-03-02T00:00:00Z","advisories":[],"bugzilla":"2267748","bugzilla_description":"kernel: net: rds: NULL pointer dereference in rds_rdma_cm_event_handler_cmn()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52573.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.1"},{"CVE":"CVE-2023-52574","severity":"moderate","public_date":"2024-03-02T00:00:00Z","advisories":[],"bugzilla":"2267750","bugzilla_description":"kernel: team: NULL pointer dereference when team device type is changed","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52574.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2023-52575","severity":"moderate","public_date":"2024-03-02T00:00:00Z","advisories":[],"bugzilla":"2267751","bugzilla_description":"kernel: x86/srso: SBPB enablement for spec_rstack_overflow=off","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52575.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N","cvss3_score":"5.6"},{"CVE":"CVE-2023-52576","severity":"moderate","public_date":"2024-03-02T00:00:00Z","advisories":[],"bugzilla":"2267755","bugzilla_description":"kernel: x86/mm, kexec, ima: potential use-after-free in memblock_isolate_range()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52576.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2023-52577","severity":"moderate","public_date":"2024-03-02T00:00:00Z","advisories":[],"bugzilla":"2267757","bugzilla_description":"kernel: dccp: out-of-bounds access in dccp_v4_err() and dccp_v6_err()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-787","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52577.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2023-52578","severity":"moderate","public_date":"2024-03-02T00:00:00Z","advisories":[],"bugzilla":"2267758","bugzilla_description":"kernel: net: bridge: data races indata-races in br_handle_frame_finish()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-362","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52578.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.7"},{"CVE":"CVE-2023-52580","severity":"moderate","public_date":"2024-03-02T00:00:00Z","advisories":[],"bugzilla":"2267760","bugzilla_description":"kernel: net/core: kernel crash in ETH_P_1588 flow dissector","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-131","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52580.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2023-52581","severity":"moderate","public_date":"2024-03-02T00:00:00Z","advisories":[],"bugzilla":"2267761","bugzilla_description":"kernel: netfilter: nf_tables: memory leak when more than 255 elements expired","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-401","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52581.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2023-52582","severity":"moderate","public_date":"2024-03-02T00:00:00Z","advisories":[],"bugzilla":"2267762","bugzilla_description":"kernel: netfs: improper loop in netfs_rreq_unlock_folios()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-606","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52582.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2023-52512","severity":"moderate","public_date":"2024-03-02T00:00:00Z","advisories":[],"bugzilla":"2267771","bugzilla_description":"kernel: pinctrl: nuvoton: wpcm450: fix out of bounds write","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-787","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52512.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"6.7"},{"CVE":"CVE-2023-52511","severity":"low","public_date":"2024-03-02T00:00:00Z","advisories":[],"bugzilla":"2267772","bugzilla_description":"kernel: spi: sun6i: reduce DMA RX transfer width to single byte","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52511.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"6.0"},{"CVE":"CVE-2023-52510","severity":"low","public_date":"2024-03-02T00:00:00Z","advisories":[],"bugzilla":"2267773","bugzilla_description":"kernel: ieee802154: ca8210: Fix a potential UAF in ca8210_probe","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52510.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"6.0"},{"CVE":"CVE-2023-52509","severity":"low","public_date":"2024-03-02T00:00:00Z","advisories":[],"bugzilla":"2267774","bugzilla_description":"kernel: ravb: Fix use-after-free issue in ravb_tx_timeout_work()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52509.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"6.0"},{"CVE":"CVE-2023-52508","severity":"low","public_date":"2024-03-02T00:00:00Z","advisories":[],"bugzilla":"2267775","bugzilla_description":"kernel: nvme-fc: Prevent null pointer dereference in nvme_fc_io_getuuid()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52508.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2023-52507","severity":"moderate","public_date":"2024-03-02T00:00:00Z","advisories":[],"bugzilla":"2267776","bugzilla_description":"kernel: nfc: nci: assert requested protocol is valid","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52507.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"7.1"},{"CVE":"CVE-2023-52506","severity":"moderate","public_date":"2024-03-02T00:00:00Z","advisories":[],"bugzilla":"2267777","bugzilla_description":"kernel: LoongArch: Set all reserved memblocks on Node#0 at initialization","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52506.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2023-52505","severity":"low","public_date":"2024-03-02T00:00:00Z","advisories":[],"bugzilla":"2267778","bugzilla_description":"kernel: phy: lynx-28g: serialize concurrent phy_set_mode_ext() calls to shared registers","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-414","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52505.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"6.0"},{"CVE":"CVE-2023-52504","severity":"low","public_date":"2024-03-02T00:00:00Z","advisories":[],"bugzilla":"2267779","bugzilla_description":"kernel: x86/alternatives: Disable KASAN in apply_alternatives()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52504.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"6.0"},{"CVE":"CVE-2023-52503","severity":"low","public_date":"2024-03-02T00:00:00Z","advisories":[],"bugzilla":"2267780","bugzilla_description":"kernel: tee: amdtee: fix use-after-free vulnerability in amdtee_close_session","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52503.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"6.0"},{"CVE":"CVE-2023-52502","severity":"moderate","public_date":"2024-03-02T00:00:00Z","advisories":[],"bugzilla":"2267781","bugzilla_description":"kernel: net: nfc: fix races in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-362","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52502.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"7.1"},{"CVE":"CVE-2023-52501","severity":"moderate","public_date":"2024-03-02T00:00:00Z","advisories":[],"bugzilla":"2267782","bugzilla_description":"kernel: ring-buffer: Do not attempt to read past \"commit\"","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52501.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2023-52500","severity":"low","public_date":"2024-03-02T00:00:00Z","advisories":[],"bugzilla":"2267783","bugzilla_description":"kernel: scsi: pm80xx: Avoid leaking tags when processing OPC_INB_SET_CONTROLLER_CONFIG command","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-402","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52500.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"6.0"},{"CVE":"CVE-2023-52499","severity":"low","public_date":"2024-03-02T00:00:00Z","advisories":[],"bugzilla":"2267784","bugzilla_description":"kernel: powerpc/47x: Fix 47x syscall return crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52499.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2023-52532","severity":"moderate","public_date":"2024-03-02T00:00:00Z","advisories":[],"bugzilla":"2267785","bugzilla_description":"kernel: net: mana: Fix TX CQE error handling","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52532.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"6.0"},{"CVE":"CVE-2023-52531","severity":"moderate","public_date":"2024-03-02T00:00:00Z","advisories":[],"bugzilla":"2267786","bugzilla_description":"kernel: wifi: iwlwifi: mvm: Fix a memory corruption issue","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52531.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"6.0"},{"CVE":"CVE-2023-52530","severity":"moderate","public_date":"2024-03-02T00:00:00Z","advisories":[],"bugzilla":"2267787","bugzilla_description":"kernel: wifi: mac80211: fix potential key use-after-free","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52530.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"7.1"},{"CVE":"CVE-2023-52529","severity":"moderate","public_date":"2024-03-02T00:00:00Z","advisories":[],"bugzilla":"2267788","bugzilla_description":"kernel: HID: sony: Fix a potential memory leak in sony_probe()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-402","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52529.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"6.0"},{"CVE":"CVE-2023-52528","severity":"moderate","public_date":"2024-03-02T00:00:00Z","advisories":[],"bugzilla":"2267789","bugzilla_description":"kernel: net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-252","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52528.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2023-52527","severity":"moderate","public_date":"2024-03-02T00:00:00Z","advisories":[],"bugzilla":"2267790","bugzilla_description":"kernel: ipv4, ipv6: Fix handling of transhdrlen in __ip{,6}_append_data()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52527.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2023-52526","severity":"moderate","public_date":"2024-03-02T00:00:00Z","advisories":[],"bugzilla":"2267791","bugzilla_description":"kernel: erofs: fix memory leak of LZMA global compressed deduplication","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-401","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52526.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"7.1"},{"CVE":"CVE-2023-52525","severity":"low","public_date":"2024-03-02T00:00:00Z","advisories":[],"bugzilla":"2267792","bugzilla_description":"kernel: wifi: mwifiex: Fix oob check condition in mwifiex_process_rx_packet","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52525.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"6.0"},{"CVE":"CVE-2023-52524","severity":"moderate","public_date":"2024-03-02T00:00:00Z","advisories":[],"bugzilla":"2267793","bugzilla_description":"kernel: net: nfc: llcp: Add lock when modifying device list","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-414","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52524.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"6.7"},{"CVE":"CVE-2023-52523","severity":"moderate","public_date":"2024-03-02T00:00:00Z","advisories":[],"bugzilla":"2267794","bugzilla_description":"kernel: bpf, sockmap: Reject sk_msg egress redirects to non-TCP sockets","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52523.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2023-52522","severity":"moderate","public_date":"2024-03-02T00:00:00Z","advisories":[],"bugzilla":"2267795","bugzilla_description":"kernel: net: fix possible store tearing in neigh_periodic_work()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52522.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2023-52521","severity":"low","public_date":"2024-03-02T00:00:00Z","advisories":[],"bugzilla":"2267796","bugzilla_description":"kernel: bpf: Annotate bpf_long_memcpy with data_race","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-362","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52521.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2023-52520","severity":"moderate","public_date":"2024-03-02T00:00:00Z","advisories":[],"bugzilla":"2267797","bugzilla_description":"kernel: platform/x86: think-lmi: Fix reference leak","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52520.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2023-52519","severity":"moderate","public_date":"2024-03-02T00:00:00Z","advisories":[],"bugzilla":"2267798","bugzilla_description":"kernel: HID: intel-ish-hid: ipc: Disable and reenable ACPI GPE bit","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-121","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52519.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"6.0"},{"CVE":"CVE-2023-52518","severity":"moderate","public_date":"2024-03-02T00:00:00Z","advisories":[],"bugzilla":"2267799","bugzilla_description":"kernel: Bluetooth: hci_codec: Fix leaking content of local_codecs","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-402","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52518.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"7.1"},{"CVE":"CVE-2023-52517","severity":"moderate","public_date":"2024-03-02T00:00:00Z","advisories":[],"bugzilla":"2267800","bugzilla_description":"kernel: spi: sun6i: fix race between DMA RX transfer completion and RX FIFO drain","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-362","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52517.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"5.7"},{"CVE":"CVE-2023-52516","severity":"low","public_date":"2024-03-02T00:00:00Z","advisories":[],"bugzilla":"2267801","bugzilla_description":"kernel: dma-debug: don't call __dma_entry_alloc_check_leak() under free_entries_lock","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-413","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52516.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2023-52515","severity":"low","public_date":"2024-03-02T00:00:00Z","advisories":[],"bugzilla":"2267802","bugzilla_description":"kernel: RDMA/srp: Do not call scsi_done() from srp_abort()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52515.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"6.0"},{"CVE":"CVE-2023-52514","severity":null,"public_date":"2024-03-02T00:00:00Z","advisories":[],"bugzilla":"2267803","bugzilla_description":"kernel: x86/reboot: VMCLEAR active VMCSes before emergency reboot","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52514.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2023-52513","severity":"low","public_date":"2024-03-02T00:00:00Z","advisories":[],"bugzilla":"2267804","bugzilla_description":"kernel: RDMA/siw: Fix connection failure handling","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52513.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2024-1441","severity":"moderate","public_date":"2024-03-01T00:00:00Z","advisories":[],"bugzilla":"2263841","bugzilla_description":"libvirt: off-by-one error in udevListInterfacesByStatus()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-193","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1441.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-47072","severity":"moderate","public_date":"2024-03-01T00:00:00Z","advisories":[],"bugzilla":"2267370","bugzilla_description":"kernel: btrfs: fix removed dentries still existing after log is synced","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-99","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47072.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-47071","severity":"low","public_date":"2024-03-01T00:00:00Z","advisories":[],"bugzilla":"2267373","bugzilla_description":"kernel: uio_hv_generic: Fix a memory leak in error handling paths","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-401","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47071.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"4.4"},{"CVE":"CVE-2021-47069","severity":"moderate","public_date":"2024-03-01T00:00:00Z","advisories":[],"bugzilla":"2267513","bugzilla_description":"kernel: ipc/mqueue, msg, sem: avoid relying on a stack reference past its expiry","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-362","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47069.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.5"},{"CVE":"CVE-2021-47070","severity":"low","public_date":"2024-03-01T00:00:00Z","advisories":[],"bugzilla":"2267516","bugzilla_description":"kernel: uio_hv_generic: Fix another memory leak in error handling paths","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-402","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47070.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"4.4"},{"CVE":"CVE-2021-47073","severity":"low","public_date":"2024-03-01T00:00:00Z","advisories":[],"bugzilla":"2267518","bugzilla_description":"kernel: platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-99","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47073.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"2.3"},{"CVE":"CVE-2021-47074","severity":"low","public_date":"2024-03-01T00:00:00Z","advisories":[],"bugzilla":"2267521","bugzilla_description":"kernel: nvme-loop: fix memory leak in nvme_loop_create_ctrl()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-402","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47074.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"4.4"},{"CVE":"CVE-2021-47075","severity":"low","public_date":"2024-03-01T00:00:00Z","advisories":[],"bugzilla":"2267523","bugzilla_description":"kernel: nvmet: fix memory leak in nvmet_alloc_ctrl()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-402","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47075.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"4.4"},{"CVE":"CVE-2021-47076","severity":"low","public_date":"2024-03-01T00:00:00Z","advisories":[],"bugzilla":"2267525","bugzilla_description":"kernel: RDMA/rxe: Return CQE error if invalid lkey was supplied","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47076.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2021-47077","severity":"low","public_date":"2024-03-01T00:00:00Z","advisories":[],"bugzilla":"2267527","bugzilla_description":"kernel: scsi: qedf: Add pointer checks in qedf_update_link_speed()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47077.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2021-47078","severity":"moderate","public_date":"2024-03-01T00:00:00Z","advisories":[],"bugzilla":"2267529","bugzilla_description":"kernel: RDMA/rxe: Clear all QP fields if creation failed","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47078.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2021-47079","severity":"low","public_date":"2024-03-01T00:00:00Z","advisories":[],"bugzilla":"2267531","bugzilla_description":"kernel: platform/x86: ideapad-laptop: fix a NULL pointer dereference","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47079.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2021-47080","severity":"low","public_date":"2024-03-01T00:00:00Z","advisories":[],"bugzilla":"2267533","bugzilla_description":"kernel: RDMA/core: Prevent divide-by-zero error triggered by the user","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-369","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47080.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2021-47081","severity":"moderate","public_date":"2024-03-01T00:00:00Z","advisories":[],"bugzilla":"2267535","bugzilla_description":"kernel: habanalabs/gaudi: Fix a potential use after free in gaudi_memset_device_memory","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47081.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2024-1657","severity":"important","public_date":"2024-02-29T00:00:00Z","advisories":["RHSA-2024:1057"],"bugzilla":"2265085","bugzilla_description":"ansible automation platform: Insecure websocket used when interacting with EDA server","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-923->CWE-1385","affected_packages":["ansible-automation-platform-installer-0:2.4-6.el9ap","ansible-automation-platform-installer-0:2.4-6.el8ap","ansible-rulebook-0:1.0.5-1.el9ap","ansible-rulebook-0:1.0.5-1.el8ap","automation-eda-controller-0:1.0.5-1.el9ap","automation-eda-controller-0:1.0.5-1.el8ap"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1657.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N","cvss3_score":"8.1"},{"CVE":"CVE-2023-52475","severity":"moderate","public_date":"2024-02-29T00:00:00Z","advisories":[],"bugzilla":"2266916","bugzilla_description":"kernel: use-after-free in powermate_config_complete","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52475.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"6.7"},{"CVE":"CVE-2023-51775","severity":"moderate","public_date":"2024-02-29T00:00:00Z","advisories":[],"bugzilla":"2266921","bugzilla_description":"jose4j: denial of service (CPU consumption) via a large p2c (aka PBES2 Count) value","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-51775.json"},{"CVE":"CVE-2023-51774","severity":"moderate","public_date":"2024-02-29T00:00:00Z","advisories":[],"bugzilla":"2266922","bugzilla_description":"json-jwt: bypass of identity checks via a sign/encryption confusion attack","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-51774.json"},{"CVE":"CVE-2023-52484","severity":"low","public_date":"2024-02-29T00:00:00Z","advisories":[],"bugzilla":"2267023","bugzilla_description":"kernel: iommu/arm-smmu-v3: Fix soft lockup triggered by arm_smmu_mm_invalidate_range","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52484.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2023-52483","severity":"moderate","public_date":"2024-02-29T00:00:00Z","advisories":[],"bugzilla":"2267026","bugzilla_description":"kernel: mctp: perform route lookups under a RCU read-side lock","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52483.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2023-52482","severity":"moderate","public_date":"2024-02-29T00:00:00Z","advisories":[],"bugzilla":"2267028","bugzilla_description":"kernel: x86/srso: Add SRSO mitigation for Hygon processors","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-562","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52482.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"6.7"},{"CVE":"CVE-2023-52481","severity":"moderate","public_date":"2024-02-29T00:00:00Z","advisories":[],"bugzilla":"2267030","bugzilla_description":"kernel: arm64: errata: Add Cortex-A520 speculative unprivileged load workaround","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-1300","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52481.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"6.0"},{"CVE":"CVE-2023-52480","severity":"moderate","public_date":"2024-02-29T00:00:00Z","advisories":[],"bugzilla":"2267032","bugzilla_description":"kernel: ksmbd: fix race condition between session lookup and expire","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-362","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52480.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N","cvss3_score":"7.1"},{"CVE":"CVE-2023-52479","severity":"moderate","public_date":"2024-02-29T00:00:00Z","advisories":[],"bugzilla":"2267034","bugzilla_description":"kernel: ksmbd: fix uaf in smb20_oplock_break_ack","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52479.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2023-52478","severity":"moderate","public_date":"2024-02-29T00:00:00Z","advisories":[],"bugzilla":"2267036","bugzilla_description":"kernel: HID: logitech-hidpp: Fix kernel crash on receiver USB disconnect","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-362","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52478.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"6.0"},{"CVE":"CVE-2023-52477","severity":"low","public_date":"2024-02-29T00:00:00Z","advisories":[],"bugzilla":"2267038","bugzilla_description":"kernel: usb: hub: Guard against accesses to uninitialized BOS descriptors","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52477.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2023-52476","severity":"low","public_date":"2024-02-29T00:00:00Z","advisories":[],"bugzilla":"2267041","bugzilla_description":"kernel: perf/x86/lbr: Filter vsyscall addresses","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-404","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52476.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2024-26607","severity":"low","public_date":"2024-02-29T00:00:00Z","advisories":[],"bugzilla":"2267080","bugzilla_description":"kernel: drm/bridge: sii902x: Fix probing race issue","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26607.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2021-47066","severity":"low","public_date":"2024-02-29T00:00:00Z","advisories":[],"bugzilla":"2267162","bugzilla_description":"kernel: async_xor: increase src_offs when dropping destination page cause data corruption","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-222","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47066.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:L","cvss3_score":"3.4"},{"CVE":"CVE-2021-47065","severity":"low","public_date":"2024-02-29T00:00:00Z","advisories":[],"bugzilla":"2267165","bugzilla_description":"kernel: rtw88: Fix array overrun in rtw_get_tx_power_params()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-121","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47065.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"4.4"},{"CVE":"CVE-2021-47064","severity":"low","public_date":"2024-02-29T00:00:00Z","advisories":[],"bugzilla":"2267167","bugzilla_description":"kernel: mt76: fix potential DMA mapping leak","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-402","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47064.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"2.3"},{"CVE":"CVE-2021-47063","severity":"moderate","public_date":"2024-02-29T00:00:00Z","advisories":[],"bugzilla":"2267169","bugzilla_description":"kernel: drm: bridge/panel: UAF while Cleanup connector on bridge detach","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47063.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"6.7"},{"CVE":"CVE-2021-47062","severity":"low","public_date":"2024-02-29T00:00:00Z","advisories":[],"bugzilla":"2267171","bugzilla_description":"kernel: KVM: SVM: null pointer in online_vcpus, not created_vcpus, to iterate over vCPUs","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47062.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2021-47061","severity":"moderate","public_date":"2024-02-29T00:00:00Z","advisories":[],"bugzilla":"2267173","bugzilla_description":"kernel: KVM: use-after-free while destroy I/O bus devices on unregister failure","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47061.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"6.7"},{"CVE":"CVE-2021-47060","severity":"moderate","public_date":"2024-02-29T00:00:00Z","advisories":[],"bugzilla":"2267175","bugzilla_description":"kernel: KVM: use-after-free while looking for coalesced MMIO zones if the bus is destroyed","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47060.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"6.7"},{"CVE":"CVE-2021-47059","severity":"low","public_date":"2024-02-29T00:00:00Z","advisories":[],"bugzilla":"2267177","bugzilla_description":"kernel: crypto: sun8i-ss - fix result memory leak on error path","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-401","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47059.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"2.3"},{"CVE":"CVE-2021-47058","severity":"low","public_date":"2024-02-29T00:00:00Z","advisories":[],"bugzilla":"2267179","bugzilla_description":"kernel: use-after-free regmap: set debugfs_name to NULL after it is freed","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47058.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:L","cvss3_score":"3.4"},{"CVE":"CVE-2021-47057","severity":"low","public_date":"2024-02-29T00:00:00Z","advisories":[],"bugzilla":"2267181","bugzilla_description":"kernel: crypto: sun8i-ss - Fix memory leak of object d when dma_iv fails to map","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-402","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47057.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"2.3"},{"CVE":"CVE-2021-47056","severity":"low","public_date":"2024-02-29T00:00:00Z","advisories":[],"bugzilla":"2267183","bugzilla_description":"kernel: crypto: denial-of-service in ADF_STATUS_PF_RUNNING should be set after adf_dev_init","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-413","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47056.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-47055","severity":null,"public_date":"2024-02-29T00:00:00Z","advisories":[],"bugzilla":"2267185","bugzilla_description":"kernel: mtd: require write permissions for locking and badblock ioctls","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47055.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N"},{"CVE":"CVE-2021-47054","severity":"low","public_date":"2024-02-29T00:00:00Z","advisories":[],"bugzilla":"2267187","bugzilla_description":"kernel: bus: qcom: memory leak while put child node before return","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-401","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47054.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"2.3"},{"CVE":"CVE-2021-47068","severity":"moderate","public_date":"2024-02-29T00:00:00Z","advisories":[],"bugzilla":"2267190","bugzilla_description":"kernel: net/nfc: fix use-after-free llcp_sock_bind/connect","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47068.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H","cvss3_score":"7.3"},{"CVE":"CVE-2021-47067","severity":"low","public_date":"2024-02-29T00:00:00Z","advisories":[],"bugzilla":"2267192","bugzilla_description":"kernel: soc/tegra: regulators: Fix locking up when voltage-spread is out of range","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47067.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"2.3"},{"CVE":"CVE-2023-52485","severity":"low","public_date":"2024-02-29T00:00:00Z","advisories":[],"bugzilla":"2267195","bugzilla_description":"kernel: drm/amd/display: Wake DMCUB before sending a command cause deadlock","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-833","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52485.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2021-46959","severity":"moderate","public_date":"2024-02-29T00:00:00Z","advisories":[],"bugzilla":"2267198","bugzilla_description":"kernel: spi: Fix use-after-free with devm_spi_alloc_*","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46959.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"6.7"},{"CVE":"CVE-2021-47016","severity":"low","public_date":"2024-02-29T00:00:00Z","advisories":[],"bugzilla":"2267200","bugzilla_description":"kernel: m68k: mvme147,mvme16x: Don't wipe PCC timer config bits","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47016.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2021-47020","severity":"low","public_date":"2024-02-29T00:00:00Z","advisories":[],"bugzilla":"2267202","bugzilla_description":"kernel: soundwire: stream: fix memory leak in stream config error path","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-401","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47020.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"2.3"},{"CVE":"CVE-2024-24246","severity":"moderate","public_date":"2024-02-29T00:00:00Z","advisories":[],"bugzilla":"2267204","bugzilla_description":"qpdf: Heap Buffer Overflow vulnerability in qpdf","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-126","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24246.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2023-52497","severity":"moderate","public_date":"2024-02-29T00:00:00Z","advisories":[],"bugzilla":"2267333","bugzilla_description":"kernel: erofs: fix lz4 inplace decompression","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52497.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2024-26616","severity":"moderate","public_date":"2024-02-29T00:00:00Z","advisories":[],"bugzilla":"2267352","bugzilla_description":"kernel: btrfs: scrub: avoid use-after-free when chunk length is not 64K aligned","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26616.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2024-26615","severity":"moderate","public_date":"2024-02-29T00:00:00Z","advisories":[],"bugzilla":"2267355","bugzilla_description":"kernel: net/smc: fix illegal rmb_desc access in SMC-D connection dump","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26615.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2023-52496","severity":"moderate","public_date":"2024-02-29T00:00:00Z","advisories":[],"bugzilla":"2268451","bugzilla_description":"kernel: mtd: maps: vmu-flash: Fix the (mtd core) switch to ref counters","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52496.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2023-52488","severity":"moderate","public_date":"2024-02-29T00:00:00Z","advisories":[],"bugzilla":"2268455","bugzilla_description":"kernel: serial: sc16is7xx: convert from _raw_ to _noinc_ regmap functions for FIFO","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52488.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2023-52498","severity":"moderate","public_date":"2024-02-29T00:00:00Z","advisories":[],"bugzilla":"2269063","bugzilla_description":"kernel: PM: sleep: Fix possible deadlocks in core system-wide PM code","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-833","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52498.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2023-52487","severity":"moderate","public_date":"2024-02-29T00:00:00Z","advisories":[],"bugzilla":"2269067","bugzilla_description":"kernel: net/mlx5e: Fix peer flow lists handling","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52487.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2023-52486","severity":"moderate","public_date":"2024-02-29T00:00:00Z","advisories":[],"bugzilla":"2269070","bugzilla_description":"kernel: drm: Don't unref the same fb many times by mistake due to deadlock handling","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-833","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52486.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2023-52495","severity":"moderate","public_date":"2024-02-29T00:00:00Z","advisories":[],"bugzilla":"2269177","bugzilla_description":"kernel: soc: qcom: pmic_glink_altmode: fix port sanity check","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-99","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52495.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2023-52494","severity":"moderate","public_date":"2024-02-29T00:00:00Z","advisories":[],"bugzilla":"2269179","bugzilla_description":"kernel: bus: mhi: host: Add alignment check for event ring read pointer","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-99","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52494.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2023-52493","severity":"moderate","public_date":"2024-02-29T00:00:00Z","advisories":[],"bugzilla":"2269181","bugzilla_description":"kernel: bus: mhi: host: Drop chan lock before queuing buffers","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-414","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52493.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2023-52492","severity":"moderate","public_date":"2024-02-29T00:00:00Z","advisories":[],"bugzilla":"2269183","bugzilla_description":"kernel: dmaengine: fix NULL pointer in channel unregistration function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52492.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2023-52491","severity":"low","public_date":"2024-02-29T00:00:00Z","advisories":[],"bugzilla":"2269185","bugzilla_description":"kernel: media: mtk-jpeg: Fix use after free bug due to error path handling in mtk_jpeg_dec_device_run","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52491.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.1"},{"CVE":"CVE-2023-52490","severity":"moderate","public_date":"2024-02-29T00:00:00Z","advisories":[],"bugzilla":"2269187","bugzilla_description":"kernel: mm: migrate: fix getting incorrect page mapping during page migration","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52490.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2023-52489","severity":"moderate","public_date":"2024-02-29T00:00:00Z","advisories":[],"bugzilla":"2269189","bugzilla_description":"kernel: mm/sparsemem: fix race in accessing memory_section->usage","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-362","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52489.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2024-26618","severity":"low","public_date":"2024-02-29T00:00:00Z","advisories":[],"bugzilla":"2269192","bugzilla_description":"hw: arm64/sme: Always exit sme_alloc() early with existing storage","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-402","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26618.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"6.0"},{"CVE":"CVE-2024-26617","severity":"low","public_date":"2024-02-29T00:00:00Z","advisories":[],"bugzilla":"2269194","bugzilla_description":"kernel: fs/proc/task_mmu: move mmu notification mechanism inside mm lock","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-362","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26617.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.7"},{"CVE":"CVE-2024-26619","severity":"low","public_date":"2024-02-29T00:00:00Z","advisories":[],"bugzilla":"2269197","bugzilla_description":"kernel: riscv: Fix module loading free order","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26619.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"6.0"},{"CVE":"CVE-2024-26613","severity":"low","public_date":"2024-02-29T00:00:00Z","advisories":[],"bugzilla":"2269199","bugzilla_description":"kernel: net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26613.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2024-26612","severity":"low","public_date":"2024-02-29T00:00:00Z","advisories":[],"bugzilla":"2269201","bugzilla_description":"kernel: netfs, fscache: Prevent Oops in fscache_put_cache()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26612.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2024-26611","severity":"low","public_date":"2024-02-29T00:00:00Z","advisories":[],"bugzilla":"2269203","bugzilla_description":"kernel: xsk: fix usage of multi-buffer BPF helpers for ZC XDP","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26611.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"2.3"},{"CVE":"CVE-2024-26608","severity":"moderate","public_date":"2024-02-29T00:00:00Z","advisories":[],"bugzilla":"2269206","bugzilla_description":"kernel: ksmbd: fix global oob in ksmbd_nl_policy","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26608.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"7.1"},{"CVE":"CVE-2024-26614","severity":"low","public_date":"2024-02-29T00:00:00Z","advisories":[],"bugzilla":"2269211","bugzilla_description":"kernel: tcp: make sure init the accept_queue's spinlocks once","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-413","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26614.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2024-26610","severity":"low","public_date":"2024-02-29T00:00:00Z","advisories":[],"bugzilla":"2269213","bugzilla_description":"kernel: wifi: iwlwifi: fix a memory corruption","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-680","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26610.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"4.4"},{"CVE":"CVE-2024-26609","severity":"moderate","public_date":"2024-02-29T00:00:00Z","advisories":[],"bugzilla":"2269217","bugzilla_description":"kernel: netfilter: nf_tables: reject QUEUE/DROP verdict parameters","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26609.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2024-26620","severity":"low","public_date":"2024-02-29T00:00:00Z","advisories":[],"bugzilla":"2269235","bugzilla_description":"kernel: s390/vfio-ap: always filter entire AP matrix","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-99","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26620.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2024-0560","severity":"moderate","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2258456","bugzilla_description":"apicast: use_3scale_oidc_issuer_endpoint of Token Introspection policy isn't compatible with RH-SSO 7.5 or later versions","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-280","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0560.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2021-47017","severity":"moderate","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266588","bugzilla_description":"kernel: use after free in ath10k_htc_send_bundle","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47017.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"6.7"},{"CVE":"CVE-2021-47018","severity":"moderate","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266594","bugzilla_description":"kernel: ensure definition of the fixmap area is in a limit","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47018.json"},{"CVE":"CVE-2021-47019","severity":"low","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266597","bugzilla_description":"kernel: mt76: possible invalid register access","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47019.json"},{"CVE":"CVE-2021-47048","severity":"low","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266614","bugzilla_description":"kernel: spi: spi-zynqmp-gqspi: fix use-after-free in zynqmp_qspi_exec_op","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47048.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2021-47053","severity":"low","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266720","bugzilla_description":"kernel: crypto: sun8i-ss - Fix memory leak of pad","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-401","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47053.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"4.4"},{"CVE":"CVE-2021-47052","severity":"low","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266722","bugzilla_description":"kernel: crypto: sa2ul - Fix memory leak of rxd","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-401","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47052.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"4.4"},{"CVE":"CVE-2021-47045","severity":"low","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266724","bugzilla_description":"kernel: scsi: lpfc: Fix null pointer dereference in lpfc_prep_els_iocb()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47045.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2021-47051","severity":"low","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266728","bugzilla_description":"kernel: spi: fsl-lpspi: Fix PM reference leak in lpspi_prepare_xfer_hardware()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-402","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47051.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"4.4"},{"CVE":"CVE-2024-26458","severity":"low","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266731","bugzilla_description":"krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-401","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26458.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2021-47050","severity":"low","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266735","bugzilla_description":"kernel: memory: renesas-rpc-if: fix possible NULL pointer dereference of resource","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47050.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2021-47014","severity":"moderate","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266738","bugzilla_description":"kernel: net/sched: act_ct: fix wild memory access when clearing fragments","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47014.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"7.1"},{"CVE":"CVE-2024-26461","severity":"low","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266740","bugzilla_description":"krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-401","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26461.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2024-26462","severity":"low","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266742","bugzilla_description":"krb5: Memory leak at /krb5/src/kdc/ndr.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-401","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26462.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2021-46984","severity":"moderate","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266750","bugzilla_description":"kernel: kyber: fix out of bounds access when preempted","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46984.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"6.0"},{"CVE":"CVE-2021-46987","severity":"moderate","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266752","bugzilla_description":"kernel: btrfs: fix deadlock when cloning inline extents and using qgroups","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-833","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46987.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-47009","severity":"moderate","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266756","bugzilla_description":"kernel: KEYS: trusted: Fix memory leak on object td","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-401","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47009.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"6.0"},{"CVE":"CVE-2021-47047","severity":"moderate","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266758","bugzilla_description":"kernel: spi: spi-zynqmp-gqspi: return -ENOMEM if dma_map_single fails","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-253","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47047.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H","cvss3_score":"5.6"},{"CVE":"CVE-2021-47015","severity":"moderate","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266760","bugzilla_description":"kernel: bnxt_en: Fix RX consumer index logic in the error path","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-612","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47015.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"6.0"},{"CVE":"CVE-2021-47013","severity":"low","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266841","bugzilla_description":"kernel: net:emac/emac-mac: Fix a use after free in emac_mac_tx_buf_send","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47013.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H","cvss3_score":"5.1"},{"CVE":"CVE-2021-47012","severity":"low","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266844","bugzilla_description":"kernel: RDMA/siw: Fix a use after free in siw_alloc_mr","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47012.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H","cvss3_score":"5.1"},{"CVE":"CVE-2021-47011","severity":"moderate","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266847","bugzilla_description":"kernel: mm: memcontrol: slab: fix obtain a reference to a freeing memcg","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47011.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"7.1"},{"CVE":"CVE-2021-47010","severity":"moderate","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266849","bugzilla_description":"kernel: net: Only allow init netns to set default tcp cong to a restricted algo","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-402","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47010.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L","cvss3_score":"4.4"},{"CVE":"CVE-2021-47008","severity":"moderate","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266851","bugzilla_description":"kernel: KVM: SVM: Make sure GHCB is mapped before updating","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47008.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-47007","severity":"moderate","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266854","bugzilla_description":"kernel: f2fs: fix panic during f2fs_resize_fs()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-789","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47007.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-47006","severity":"moderate","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266857","bugzilla_description":"kernel: ARM: 9064/1: hw_breakpoint: Do not directly check the event's overflow_handler hook","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-253","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47006.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2021-47005","severity":"low","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266861","bugzilla_description":"kernel: PCI: endpoint: Fix NULL pointer dereference for ->get_features()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47005.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2021-47004","severity":"moderate","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266863","bugzilla_description":"kernel: f2fs: fix to avoid touching checkpointed data in get_victim()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47004.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-47003","severity":"low","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266865","bugzilla_description":"kernel: dmaengine: idxd: Fix potential null dereference on pointer status","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47003.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2021-47002","severity":"moderate","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266867","bugzilla_description":"kernel: SUNRPC: Fix null pointer dereference in svc_rqst_free()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47002.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-47001","severity":"moderate","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266869","bugzilla_description":"kernel: xprtrdma: Fix cwnd update ordering","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47001.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-47000","severity":"moderate","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266871","bugzilla_description":"kernel: ceph: fix inode leak on getattr error in __fh_to_dentry","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-402","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47000.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-46999","severity":"moderate","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266874","bugzilla_description":"kernel: sctp: do asoc update earlier in sctp_sf_do_dupcook_a","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46999.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-46998","severity":"low","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266877","bugzilla_description":"kernel: ethernet:enic: Fix a use after free bug in enic_hard_start_xmit","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46998.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2021-46997","severity":"low","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266879","bugzilla_description":"kernel: arm64: entry: always set GIC_PRIO_PSR_I_SET during entry","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46997.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2021-46996","severity":"moderate","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266881","bugzilla_description":"kernel: netfilter: nftables: Fix a memleak from userdata error path in new objects","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-402","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46996.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"7.1"},{"CVE":"CVE-2021-46995","severity":"moderate","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266883","bugzilla_description":"kernel: can: mcp251xfd: mcp251xfd_probe(): fix an error pointer dereference in probe","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-822","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46995.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"6.0"},{"CVE":"CVE-2021-46994","severity":"low","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266885","bugzilla_description":"kernel: can: mcp251x: fix resume from sleep before interface was brought up","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46994.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2021-46993","severity":"moderate","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266888","bugzilla_description":"kernel: sched: Fix out-of-bound access in uclamp","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46993.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"7.1"},{"CVE":"CVE-2021-46992","severity":"moderate","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266890","bugzilla_description":"kernel: netfilter: nftables: avoid overflows in nft_hash_buckets()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46992.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"7.1"},{"CVE":"CVE-2021-46991","severity":"low","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266894","bugzilla_description":"kernel: i40e: Fix use-after-free in i40e_client_subtask()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46991.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"7.1"},{"CVE":"CVE-2021-46990","severity":"moderate","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266896","bugzilla_description":"kernel: powerpc/64s: Fix crashes when toggling entry flush barrier","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46990.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-46989","severity":"moderate","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266898","bugzilla_description":"kernel: hfsplus: prevent corruption in shrinking truncate","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-229","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46989.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-46988","severity":"moderate","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266900","bugzilla_description":"kernel: userfaultfd: release page in error path to avoid BUG_ON","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46988.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-46986","severity":"low","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266902","bugzilla_description":"kernel: usb: dwc3: gadget: Free gadget structure only after freeing endpoints","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46986.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2021-46985","severity":"low","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266904","bugzilla_description":"kernel: ACPI: scan: Fix a memory leak in an error handling path","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-401","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46985.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"4.4"},{"CVE":"CVE-2021-46983","severity":"low","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266906","bugzilla_description":"kernel: nvmet-rdma: Fix NULL deref when SEND is completed with error","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46983.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2021-46982","severity":"low","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266908","bugzilla_description":"kernel: f2fs: compress: fix race condition of overwrite vs truncate","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-362","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46982.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-46981","severity":"low","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266911","bugzilla_description":"kernel: nbd: Fix NULL pointer in flush_workqueue","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46981.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2021-46980","severity":"low","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266914","bugzilla_description":"kernel: usb: typec: ucsi: Retrieve all the PDOs instead of just the first 4","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46980.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"6.0"},{"CVE":"CVE-2021-46979","severity":"low","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266917","bugzilla_description":"kernel: iio: core: fix ioctl handlers removal","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-415","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46979.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2021-46978","severity":"moderate","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266919","bugzilla_description":"kernel: KVM: nVMX: Always make an attempt to map eVMCS after migration","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46978.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-46977","severity":"moderate","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266924","bugzilla_description":"kernel: KVM: VMX: Disable preemption when probing user return MSRs","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46977.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-46976","severity":"low","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266928","bugzilla_description":"kernel: drm/i915: Fix crash in auto_retire","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46976.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2020-36778","severity":"low","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266940","bugzilla_description":"kernel: i2c: xiic: fix reference leak when pm_runtime_get_sync fails","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-402","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36778.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"4.4"},{"CVE":"CVE-2020-36779","severity":"low","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266942","bugzilla_description":"kernel: i2c: stm32f7: fix reference leak when pm_runtime_get_sync fails","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-402","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36779.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"4.4"},{"CVE":"CVE-2020-36780","severity":"low","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266944","bugzilla_description":"kernel: i2c: sprd: fix reference leak when pm_runtime_get_sync fails","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-402","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36780.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"4.4"},{"CVE":"CVE-2020-36781","severity":"low","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266946","bugzilla_description":"kernel: i2c: imx: fix reference leak when pm_runtime_get_sync fails","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-402","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36781.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"4.4"},{"CVE":"CVE-2020-36782","severity":"low","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266948","bugzilla_description":"kernel: i2c: imx-lpi2c: fix reference leak when pm_runtime_get_sync fails","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-402","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36782.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"4.4"},{"CVE":"CVE-2020-36783","severity":"low","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266950","bugzilla_description":"kernel: i2c: img-scb: fix reference leak when pm_runtime_get_sync fails","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-402","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36783.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"4.4"},{"CVE":"CVE-2020-36784","severity":"low","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266952","bugzilla_description":"kernel: i2c: cadence: fix reference leak when pm_runtime_get_sync fails","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-402","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36784.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"4.4"},{"CVE":"CVE-2020-36785","severity":"low","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266954","bugzilla_description":"kernel: media: atomisp: Fix use after free in atomisp_alloc_css_stat_bufs()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36785.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2020-36786","severity":"low","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266956","bugzilla_description":"kernel: media: [next] staging: media: atomisp: fix memory leak of object flash","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-402","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36786.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"4.4"},{"CVE":"CVE-2020-36787","severity":"moderate","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266958","bugzilla_description":"kernel: media: aspeed: fix clock handling logic","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36787.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"6.0"},{"CVE":"CVE-2021-47021","severity":"moderate","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266961","bugzilla_description":"kernel: mt76: mt7915: fix memleak when mt7915_unregister_device()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-402","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47021.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"4.4"},{"CVE":"CVE-2021-47022","severity":"low","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266963","bugzilla_description":"kernel: mt76: mt7615: fix memleak when mt7615_unregister_device()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-402","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47022.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"4.4"},{"CVE":"CVE-2021-47023","severity":"low","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266965","bugzilla_description":"kernel: net: marvell: prestera: fix port event handling on init","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47023.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"2.3"},{"CVE":"CVE-2021-47024","severity":"moderate","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266967","bugzilla_description":"kernel: vsock/virtio: free queued packets when closing socket","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-402","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47024.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.5"},{"CVE":"CVE-2021-47025","severity":"low","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266969","bugzilla_description":"kernel: iommu/mediatek: Always enable the clk on resume","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47025.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"2.3"},{"CVE":"CVE-2021-47026","severity":"low","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266971","bugzilla_description":"kernel: RDMA/rtrs-clt: destroy sysfs after removing session from active list","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47026.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2021-47027","severity":"low","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266973","bugzilla_description":"kernel: mt76: mt7921: fix kernel crash when the firmware fails to download","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47027.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"2.3"},{"CVE":"CVE-2021-47028","severity":"low","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266975","bugzilla_description":"kernel: mt76: mt7915: fix txrate reporting","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47028.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"2.3"},{"CVE":"CVE-2021-47029","severity":"low","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266977","bugzilla_description":"kernel: mt76: connac: fix kernel warning adding monitor interface","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47029.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"2.3"},{"CVE":"CVE-2021-47030","severity":"low","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266980","bugzilla_description":"kernel: mt76: mt7615: fix memory leak in mt7615_coredump_work","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-402","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47030.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"4.4"},{"CVE":"CVE-2021-47031","severity":"low","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266982","bugzilla_description":"kernel: mt76: mt7921: fix memory leak in mt7921_coredump_work","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-402","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47031.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"2.3"},{"CVE":"CVE-2021-47032","severity":"low","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266984","bugzilla_description":"kernel: mt76: mt7915: fix tx skb dma unmap","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-402","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47032.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"2.3"},{"CVE":"CVE-2021-47033","severity":"low","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266988","bugzilla_description":"kernel: mt76: mt7615: fix tx skb dma unmap","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-402","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47033.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"2.3"},{"CVE":"CVE-2021-47034","severity":"low","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266990","bugzilla_description":"kernel: powerpc/64s: Fix pte update for kernel memory on radix","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47034.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2021-47035","severity":"low","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266992","bugzilla_description":"kernel: iommu/vt-d: Remove WO permissions on second-level paging entries","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47035.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N","cvss3_score":"6.0"},{"CVE":"CVE-2021-47036","severity":"moderate","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266994","bugzilla_description":"kernel: udp: skip L4 aggregation for UDP tunnel packets","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47036.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2021-47037","severity":"low","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266996","bugzilla_description":"kernel: ASoC: q6afe-clocks: fix reprobing of the driver","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47037.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2021-47038","severity":"moderate","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2266998","bugzilla_description":"kernel: Bluetooth: avoid deadlock between hci_dev->lock and socket lock","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-833","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47038.json","cvss3_scoring_vector":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.7"},{"CVE":"CVE-2021-47039","severity":"low","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2267001","bugzilla_description":"kernel: ataflop: potential out of bounds in do_format()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47039.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"4.4"},{"CVE":"CVE-2021-47040","severity":"moderate","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2267003","bugzilla_description":"kernel: io_uring: fix overflows checks in provide buffers","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-121","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47040.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"6.0"},{"CVE":"CVE-2021-47041","severity":"moderate","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2267006","bugzilla_description":"kernel: nvmet-tcp: fix incorrect locking in state_change sk callback","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-833","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47041.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2021-47042","severity":"low","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2267008","bugzilla_description":"kernel: drm/amd/display: Free local data after use","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-402","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47042.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"4.4"},{"CVE":"CVE-2021-47043","severity":"low","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2267010","bugzilla_description":"kernel: media: venus: core: Fix some resource leaks in the error path of 'venus_probe()'","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-402","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47043.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"4.4"},{"CVE":"CVE-2021-47044","severity":"moderate","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2267012","bugzilla_description":"kernel: sched/fair: Fix shift-out-of-bounds in load_balance()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47044.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.5"},{"CVE":"CVE-2021-47046","severity":"moderate","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2267014","bugzilla_description":"kernel: drm/amd/display: Fix off by one in hdmi_14_process_transaction()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-121","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47046.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"6.0"},{"CVE":"CVE-2021-47049","severity":"low","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2267016","bugzilla_description":"kernel: Drivers: hv: vmbus: Use after free in __vmbus_open()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-47049.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"6.0"},{"CVE":"CVE-2024-27285","severity":"moderate","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2267244","bugzilla_description":"yard: Cross-site scripting in the frams.erb template file","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-79","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27285.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N","cvss3_score":"5.4"},{"CVE":"CVE-2024-27913","severity":"moderate","public_date":"2024-02-28T00:00:00Z","advisories":[],"bugzilla":"2267347","bugzilla_description":"frr: Denial of service via malformed OSPF LSA packet","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-703","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27913.json","cvss3_scoring_vector":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2021-46923","severity":"low","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266312","bugzilla_description":"kernel: fs/mount_setattr: always cleanup mount_kattr","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-402","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46923.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.5"},{"CVE":"CVE-2021-46932","severity":"moderate","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266318","bugzilla_description":"kernel: Input: appletouch - initialize work before device registration","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46932.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"2.3"},{"CVE":"CVE-2021-46931","severity":"low","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266337","bugzilla_description":"kernel: net/mlx5e: Wrap the tx reporter dump callback to extract the sq","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-121","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46931.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H","cvss3_score":"5.1"},{"CVE":"CVE-2021-46930","severity":"low","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266345","bugzilla_description":"kernel: usb: mtu3: fix list_head check warning","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46930.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2021-46929","severity":"moderate","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266357","bugzilla_description":"kernel: sctp: use call_rcu to free endpoint","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46929.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-46927","severity":"low","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266365","bugzilla_description":"kernel: nitro_enclaves: Use get_user_pages_unlocked() call to handle mmap assert","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-413","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46927.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"2.3"},{"CVE":"CVE-2021-46926","severity":"low","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266370","bugzilla_description":"kernel: ALSA: hda: intel-sdw-acpi: harden detection of controller","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46926.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"2.3"},{"CVE":"CVE-2021-46916","severity":"low","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266371","bugzilla_description":"kernel: NULL pointer dereference in ethtool loopback test","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46916.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2021-46918","severity":"low","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266373","bugzilla_description":"kernel: MSIX permission entry on shutdown","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-99","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46918.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"2.3"},{"CVE":"CVE-2021-46925","severity":"moderate","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266375","bugzilla_description":"kernel: net/smc: fix kernel panic caused by race of smc_sock","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-362","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46925.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.7"},{"CVE":"CVE-2021-46917","severity":"low","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266376","bugzilla_description":"kernel: wq reset does not clear WQCFG registers","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-402","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46917.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"2.3"},{"CVE":"CVE-2021-46937","severity":"moderate","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266378","bugzilla_description":"kernel: fix 'struct pid' leaks in 'dbgfs_target_ids_write()'","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-402","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46937.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.5"},{"CVE":"CVE-2021-46913","severity":"moderate","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266386","bugzilla_description":"kernel: netfilter: nftables: clone set element expression template","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46913.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-46919","severity":"moderate","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266397","bugzilla_description":"kernel: wq size store permission state","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46919.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:N"},{"CVE":"CVE-2021-46920","severity":"low","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266398","bugzilla_description":"kernel: clobbering of SWERR overflow bit on writeback","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-353","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46920.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N","cvss3_score":"4.4"},{"CVE":"CVE-2024-27507","severity":"moderate","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266401","bugzilla_description":"liblas: memory leak may lead to DoS","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27507.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2021-46907","severity":"moderate","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266406","bugzilla_description":"kernel: KVM: internal.ndata could be updated by the user process at anytime","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46907.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"7.1"},{"CVE":"CVE-2021-46908","severity":"moderate","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266407","bugzilla_description":"kernel: unknown scalars with mixed signed bounds masking mitigation","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46908.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H","cvss3_score":"5.1"},{"CVE":"CVE-2021-46909","severity":"low","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266408","bugzilla_description":"kernel: PCI interrupt mapping cause oops","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-391","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46909.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2021-46910","severity":"moderate","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266414","bugzilla_description":"kernel: kmap_local() doubles the number of per-CPU","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-118","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46910.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2021-46912","severity":"moderate","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266421","bugzilla_description":"kernel: namespace leak into all other net namespaces","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-402","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46912.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.5"},{"CVE":"CVE-2021-46911","severity":"low","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266422","bugzilla_description":"kernel: denial of service in ch_ktls","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46911.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2021-46915","severity":"moderate","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266423","bugzilla_description":"kernel: netfilter: divide error in nft_limit_init","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-369","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46915.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-46914","severity":"low","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266427","bugzilla_description":"kernel: unbalanced device enable/disable in suspend/resume","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46914.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:N"},{"CVE":"CVE-2021-46935","severity":"moderate","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266436","bugzilla_description":"kernel: binder: fix async_free_space accounting for empty parcels","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-402","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46935.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"4.4"},{"CVE":"CVE-2021-46921","severity":"moderate","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266440","bugzilla_description":"kernel: locking/qrwlock: Fix ordering in queued_write_lock_slowpath()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-402","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46921.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"4.4"},{"CVE":"CVE-2021-46936","severity":"moderate","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266443","bugzilla_description":"kernel: net: fix use-after-free in tw_timer_handler","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46936.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H","cvss3_score":"7.3"},{"CVE":"CVE-2021-46934","severity":"low","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266446","bugzilla_description":"kernel: i2c: validate user data in compat ioctl","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-703","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46934.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2021-46933","severity":"low","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266448","bugzilla_description":"kernel: usb: gadget: f_fs: Clear ffs_eventfd in ffs_data_clear.","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46933.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2021-46928","severity":"moderate","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266453","bugzilla_description":"kernel: parisc: Clear stale IIR value on instruction access rights trap","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-274","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46928.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2021-46924","severity":"low","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266455","bugzilla_description":"kernel: NFC: st21nfca: Fix memory leak in device probe and remove","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-401","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46924.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2021-46922","severity":"low","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266457","bugzilla_description":"kernel: KEYS: trusted: Fix TPM reservation for seal/unseal","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46922.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2021-46958","severity":"moderate","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266461","bugzilla_description":"kernel: btrfs: fix race between transaction aborts and fsyncs leading to use-after-free","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46958.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-46957","severity":"low","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266463","bugzilla_description":"kernel: riscv/kprobe: fix kernel panic when invoking sys_read traced by kprobe","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46957.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2021-46956","severity":"moderate","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266466","bugzilla_description":"kernel: virtiofs: fix memory leak in virtio_fs_probe()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-401","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46956.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.5"},{"CVE":"CVE-2021-46955","severity":"moderate","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266468","bugzilla_description":"kernel: openvswitch: fix stack OOB read while fragmenting IPv4 packets","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46955.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"4.4"},{"CVE":"CVE-2021-46953","severity":"moderate","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266471","bugzilla_description":"kernel: ACPI: GTDT: Don't corrupt interrupt mappings on watchdow probe failure","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46953.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"6.0"},{"CVE":"CVE-2021-46951","severity":"moderate","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266475","bugzilla_description":"kernel: tpm: efi: Use local variable for calculating final log size","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-191","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46951.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"6.0"},{"CVE":"CVE-2021-46949","severity":"low","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266477","bugzilla_description":"kernel: sfc: farch: fix TX queue lookup in TX flush done handling","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46949.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2021-46948","severity":"low","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266479","bugzilla_description":"kernel: sfc: farch: fix TX queue lookup in TX event handling","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46948.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2021-46947","severity":"low","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266481","bugzilla_description":"kernel: sfc: adjust efx->xdp_tx_queue_count with the real number of initialized queues","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46947.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2021-46946","severity":"moderate","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266484","bugzilla_description":"kernel: ext4: fix check to prevent false positive report of incorrect used inodes","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46946.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"7.1"},{"CVE":"CVE-2021-46945","severity":"moderate","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266486","bugzilla_description":"kernel: ext4: always panic when errors=panic is specified","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46945.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-46944","severity":"low","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266488","bugzilla_description":"kernel: media: staging/intel-ipu3: Fix memory leak in imu_fmt","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-401","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46944.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"4.4"},{"CVE":"CVE-2021-46943","severity":"moderate","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266490","bugzilla_description":"kernel: media: staging/intel-ipu3: Fix set_fmt error handling","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-131","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46943.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"6.0"},{"CVE":"CVE-2021-46941","severity":"low","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266492","bugzilla_description":"kernel: usb: dwc3: core: Do core softreset when switch mode","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46941.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2021-46940","severity":"low","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266494","bugzilla_description":"kernel: tools/power turbostat: Fix offset overflow issue in index converting","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46940.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"6.0"},{"CVE":"CVE-2021-46939","severity":"moderate","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266497","bugzilla_description":"kernel: tracing: Restructure trace_clock_global() to never block","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-833","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46939.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-46938","severity":"moderate","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266499","bugzilla_description":"kernel: dm rq: fix double free of blk_mq_tag_set in dev remove after table load fails","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-415","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46938.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"6.7"},{"CVE":"CVE-2021-46954","severity":"moderate","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266501","bugzilla_description":"kernel: net/sched: sch_frag: fix stack OOB read while fragmenting IPv4 packets","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46954.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"7.1"},{"CVE":"CVE-2021-46950","severity":"moderate","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266504","bugzilla_description":"kernel: md/raid1: properly indicate failure when ending a failed write request","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46950.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"6.7"},{"CVE":"CVE-2021-46942","severity":"moderate","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266507","bugzilla_description":"kernel: io_uring: fix shared sqpoll cancellation hangs","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46942.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-46952","severity":"moderate","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266510","bugzilla_description":"kernel: NFS: fs_context: validate UDP retrans to prevent shift out-of-bounds","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46952.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"7.1"},{"CVE":"CVE-2024-21742","severity":"moderate","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266612","bugzilla_description":": Apache James Mime4J: Mime4J DOM header injection","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21742.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.6"},{"CVE":"CVE-2020-36777","severity":"low","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266746","bugzilla_description":"kernel: media: dvbdev: Fix memory leak in dvb_media_device_free()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-401","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36777.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:L","cvss3_score":"3.4"},{"CVE":"CVE-2020-36776","severity":"low","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266748","bugzilla_description":"kernel: thermal/drivers/cpufreq_cooling: Fix slab OOB issue","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-126","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36776.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"2.3"},{"CVE":"CVE-2021-46969","severity":"low","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266798","bugzilla_description":"kernel: bus: mhi: core: Fix invalid error returning in mhi_queue","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46969.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2021-46968","severity":"low","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266802","bugzilla_description":"kernel: s390/zcrypt: fix zcard and zqueue hot-unplug memleak","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-402","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46968.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"2.3"},{"CVE":"CVE-2021-46967","severity":"low","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266804","bugzilla_description":"kernel: vhost-vdpa: fix vm_flags for virtqueue doorbell mapping","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-230","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46967.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2021-46966","severity":"moderate","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266808","bugzilla_description":"kernel: ACPI: custom_method: fix potential use-after-free issue","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46966.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"6.7"},{"CVE":"CVE-2021-46965","severity":"low","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266812","bugzilla_description":"kernel: mtd: physmap: physmap-bt1-rom: Fix unintentional stack access","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46965.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"4.4"},{"CVE":"CVE-2021-46964","severity":"low","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266814","bugzilla_description":"kernel: scsi: qla2xxx: Reserve extra IRQ vectors","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46964.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2021-46963","severity":"low","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266816","bugzilla_description":"kernel: scsi: qla2xxx: Fix crash in qla2xxx_mqueuecommand()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46963.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2021-46962","severity":"low","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266818","bugzilla_description":"kernel: mmc: uniphier-sd: Fix a resource leak in the remove function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-402","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46962.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"4.4"},{"CVE":"CVE-2021-46961","severity":"low","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266820","bugzilla_description":"kernel: irqchip/gic-v3: Do not enable irqs when handling spurious interrups","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46961.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2021-46960","severity":"low","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266822","bugzilla_description":"kernel: cifs: Return correct error code from smb2_get_enc_key","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-393","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46960.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"2.3"},{"CVE":"CVE-2021-46975","severity":"moderate","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266824","bugzilla_description":"kernel: netfilter: conntrack: Make global sysctls readonly in non-init netns","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-402","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46975.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.5"},{"CVE":"CVE-2021-46974","severity":"moderate","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266826","bugzilla_description":"kernel: bpf: Fix masking negation logic upon negative dst register","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46974.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"2.3"},{"CVE":"CVE-2021-46973","severity":"moderate","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266828","bugzilla_description":"kernel: net: qrtr: Avoid potential use after free in MHI send","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46973.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-46972","severity":"moderate","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266831","bugzilla_description":"kernel: ovl: fix leaked dentry","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-402","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46972.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.5"},{"CVE":"CVE-2021-46971","severity":"moderate","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266833","bugzilla_description":"kernel: perf/core: Fix unconditional security_locked_down() call","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-413","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46971.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N","cvss3_score":"7.1"},{"CVE":"CVE-2021-46970","severity":"low","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2266835","bugzilla_description":"kernel: bus: mhi: pci_generic: Remove WQ_MEM_RECLAIM flag from state workqueue","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46970.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"2.3"},{"CVE":"CVE-2023-51747","severity":"moderate","public_date":"2024-02-27T00:00:00Z","advisories":[],"bugzilla":"2267363","bugzilla_description":"apache-james: SMTP smuggling","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-51747.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N","cvss3_score":"7.4"},{"CVE":"CVE-2024-22201","severity":"moderate","public_date":"2024-02-26T00:00:00Z","advisories":[],"bugzilla":"2266136","bugzilla_description":"jetty: stop accepting new connections from valid clients","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-22201.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2024-27456","severity":"moderate","public_date":"2024-02-26T00:00:00Z","advisories":[],"bugzilla":"2266156","bugzilla_description":"rack-cors: Insecure File Permissions in rack-cors","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-276","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-27456.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2024-25082","severity":"moderate","public_date":"2024-02-26T00:00:00Z","advisories":[],"bugzilla":"2266180","bugzilla_description":"fontforge: command injection via crafted archives or compressed files.","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-78","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-25082.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"4.2"},{"CVE":"CVE-2024-25081","severity":"moderate","public_date":"2024-02-26T00:00:00Z","advisories":[],"bugzilla":"2266181","bugzilla_description":"fontforge: command injection via crafted filenames.","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-78","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-25081.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"4.2"},{"CVE":"CVE-2023-52465","severity":"low","public_date":"2024-02-26T00:00:00Z","advisories":[],"bugzilla":"2266207","bugzilla_description":"kernel: null pointer dereference in smb2_probe","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52465.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2023-52466","severity":"moderate","public_date":"2024-02-26T00:00:00Z","advisories":[],"bugzilla":"2266210","bugzilla_description":"kernel: out-of-bounds read in pci_dev_for_each_resource()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52466.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"4.4"},{"CVE":"CVE-2023-52467","severity":"low","public_date":"2024-02-26T00:00:00Z","advisories":[],"bugzilla":"2266212","bugzilla_description":"kernel:null pointer dereference in of_syscon_register()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52467.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2021-46904","severity":"moderate","public_date":"2024-02-26T00:00:00Z","advisories":[],"bugzilla":"2266216","bugzilla_description":"kernel: null-ptr-deref during tty device unregistration","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46904.json"},{"CVE":"CVE-2021-46905","severity":"moderate","public_date":"2024-02-26T00:00:00Z","advisories":[],"bugzilla":"2266253","bugzilla_description":"kernel:NULL-deref on disconnect regression","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46905.json"},{"CVE":"CVE-2024-26604","severity":"moderate","public_date":"2024-02-26T00:00:00Z","advisories":[],"bugzilla":"2266257","bugzilla_description":"kernel: null pointer dereference in kobject","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26604.json"},{"CVE":"CVE-2020-36775","severity":"moderate","public_date":"2024-02-26T00:00:00Z","advisories":[],"bugzilla":"2266267","bugzilla_description":"kernel: potential deadlock in f2fs_write_single_data_page","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-833","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36775.json"},{"CVE":"CVE-2021-46906","severity":"moderate","public_date":"2024-02-26T00:00:00Z","advisories":[],"bugzilla":"2266270","bugzilla_description":"kernel: info leak in hid_submit_ctrl","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-402","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46906.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"6.0"},{"CVE":"CVE-2023-52474","severity":"low","public_date":"2024-02-26T00:00:00Z","advisories":[],"bugzilla":"2266278","bugzilla_description":"kernel: non-PAGE_SIZE-end multi-iovec user SDMA requests","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52474.json"},{"CVE":"CVE-2024-26606","severity":"low","public_date":"2024-02-26T00:00:00Z","advisories":[],"bugzilla":"2266286","bugzilla_description":"kernel: signal epoll threads of self-work","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26606.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2019-25160","severity":"moderate","public_date":"2024-02-26T00:00:00Z","advisories":[],"bugzilla":"2266290","bugzilla_description":"kernel: out-of-bounds memory accesses in netlabel","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25160.json"},{"CVE":"CVE-2019-25162","severity":"low","public_date":"2024-02-26T00:00:00Z","advisories":[],"bugzilla":"2266296","bugzilla_description":"kernel: use after free in i2c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25162.json"},{"CVE":"CVE-2023-52468","severity":"moderate","public_date":"2024-02-26T00:00:00Z","advisories":[],"bugzilla":"2266340","bugzilla_description":"kernel: use-after-free in class_register()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52468.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2023-52469","severity":"moderate","public_date":"2024-02-26T00:00:00Z","advisories":[],"bugzilla":"2266341","bugzilla_description":"kernel: use-after-free in kv_parse_power_table","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52469.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2023-52471","severity":"low","public_date":"2024-02-26T00:00:00Z","advisories":[],"bugzilla":"2266347","bugzilla_description":"kernel: null pointer dereference issues in ice_ptp.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52471.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"2.3"},{"CVE":"CVE-2023-52470","severity":"low","public_date":"2024-02-26T00:00:00Z","advisories":[],"bugzilla":"2266358","bugzilla_description":"kernel: null-ptr-deref in alloc_workqueue","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52470.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2023-52473","severity":"low","public_date":"2024-02-26T00:00:00Z","advisories":[],"bugzilla":"2266363","bugzilla_description":"kernel: NULL pointer dereference in zone registration error path","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52473.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"2.3"},{"CVE":"CVE-2023-52472","severity":"moderate","public_date":"2024-02-26T00:00:00Z","advisories":[],"bugzilla":"2266364","bugzilla_description":"kernel: null pointer derefrence in mpi_alloc","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52472.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2024-2496","severity":"moderate","public_date":"2024-02-26T00:00:00Z","advisories":[],"bugzilla":"2269672","bugzilla_description":"libvirt: NULL pointer dereference in udevConnectListAllInterfaces()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2496.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.0"},{"CVE":"CVE-2022-48626","severity":"moderate","public_date":"2024-02-25T00:00:00Z","advisories":[],"bugzilla":"2266029","bugzilla_description":"kernel: moxart: fix potential use-after-free on remove path","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48626.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2024-26144","severity":"moderate","public_date":"2024-02-25T00:00:00Z","advisories":[],"bugzilla":"2266063","bugzilla_description":"rubygem-activestorage: Possible Sensitive Session Information Leak in Active Storage","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26144.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2024-26605","severity":"low","public_date":"2024-02-24T00:00:00Z","advisories":[],"bugzilla":"2265831","bugzilla_description":"kernel: PCI/ASPM: Fix deadlock when enabling ASPM","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-833","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26605.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2024-26603","severity":"low","public_date":"2024-02-24T00:00:00Z","advisories":[],"bugzilla":"2265833","bugzilla_description":"kernel: x86/fpu: Stop relying on userspace for info to fault in xsave buffer that cause loop forever","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26603.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"2.3"},{"CVE":"CVE-2024-26601","severity":"moderate","public_date":"2024-02-24T00:00:00Z","advisories":[],"bugzilla":"2265836","bugzilla_description":"kernel: ext4: regenerate buddy after block freeing failed if under fc replay","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-118","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26601.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.5"},{"CVE":"CVE-2024-26600","severity":"low","public_date":"2024-02-24T00:00:00Z","advisories":[],"bugzilla":"2265838","bugzilla_description":"kernel: phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26600.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2024-21501","severity":"moderate","public_date":"2024-02-24T00:00:00Z","advisories":[],"bugzilla":"2266111","bugzilla_description":"sanitize-html: Information Exposure when used on the backend","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21501.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2024-26142","severity":"moderate","public_date":"2024-02-24T00:00:00Z","advisories":[],"bugzilla":"2266324","bugzilla_description":"rubygem-actionpack: Possible DoS vulnerability in Accept header","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26142.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2024-26143","severity":"low","public_date":"2024-02-24T00:00:00Z","advisories":[],"bugzilla":"2266388","bugzilla_description":"rubygem-actionpack: Possible XSS on translation helpers","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-79","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26143.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"4.1"},{"CVE":"CVE-2024-26602","severity":"moderate","public_date":"2024-02-24T00:00:00Z","advisories":["RHSA-2024:1250","RHSA-2024:1332","RHSA-2024:1532","RHSA-2024:1533","RHSA-2024:1249"],"bugzilla":"2267695","bugzilla_description":"kernel: sched/membarrier: reduce the ability to hammer on sys_membarrier","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["kernel-0:3.10.0-1160.114.2.el7","kernel-rt-0:5.14.0-284.59.1.rt14.344.el9_2","kernel-0:5.14.0-70.93.2.el9_0","kernel-0:5.14.0-284.59.1.el9_2","kernel-rt-0:3.10.0-1160.114.2.rt56.1266.el7"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26602.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.7"},{"CVE":"CVE-2024-25629","severity":"low","public_date":"2024-02-23T00:00:00Z","advisories":[],"bugzilla":"2265713","bugzilla_description":"c-ares: Out of bounds read in ares__read_line()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-127","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-25629.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2023-52454","severity":"moderate","public_date":"2024-02-23T00:00:00Z","advisories":[],"bugzilla":"2265791","bugzilla_description":"kernel: nvmet-tcp: Fix a kernel panic when host sends an invalid H2C PDU length","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52454.json"},{"CVE":"CVE-2023-52456","severity":"moderate","public_date":"2024-02-23T00:00:00Z","advisories":[],"bugzilla":"2265792","bugzilla_description":"kernel: imx: fix tx statemachine deadlock","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52456.json"},{"CVE":"CVE-2023-52455","severity":"moderate","public_date":"2024-02-23T00:00:00Z","advisories":[],"bugzilla":"2265793","bugzilla_description":"kernel: iommu: Don't reserve 0-length IOVA region","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52455.json"},{"CVE":"CVE-2023-52458","severity":"moderate","public_date":"2024-02-23T00:00:00Z","advisories":[],"bugzilla":"2265794","bugzilla_description":"kernel: block: null pointer dereference in ioctl.c when length and logical block size are misaligned","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52458.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"4.2"},{"CVE":"CVE-2023-52459","severity":"moderate","public_date":"2024-02-23T00:00:00Z","advisories":[],"bugzilla":"2265795","bugzilla_description":"kernel: v4l: async: Fix duplicated list deletion","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52459.json"},{"CVE":"CVE-2023-52461","severity":"low","public_date":"2024-02-23T00:00:00Z","advisories":[],"bugzilla":"2265796","bugzilla_description":"kernel: drm/sched: Fix bounds limiting when given a malformed entity","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52461.json"},{"CVE":"CVE-2023-52463","severity":"moderate","public_date":"2024-02-23T00:00:00Z","advisories":[],"bugzilla":"2265797","bugzilla_description":"kernel: efivarfs: force RO when remounting if SetVariable is not supported","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52463.json"},{"CVE":"CVE-2023-52462","severity":"moderate","public_date":"2024-02-23T00:00:00Z","advisories":[],"bugzilla":"2265798","bugzilla_description":"kernel: bpf: fix check for attempt to corrupt spilled pointer","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52462.json"},{"CVE":"CVE-2024-26595","severity":"moderate","public_date":"2024-02-23T00:00:00Z","advisories":[],"bugzilla":"2265799","bugzilla_description":"kernel: mlxsw: spectrum_acl_tcam: Fix NULL pointer dereference in error path","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26595.json"},{"CVE":"CVE-2023-52464","severity":"low","public_date":"2024-02-23T00:00:00Z","advisories":[],"bugzilla":"2265800","bugzilla_description":"kernel: EDAC/thunderx: Incorrect buffer size in drivers/edac/thunderx_edac.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-805","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52464.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:L","cvss3_score":"2.9"},{"CVE":"CVE-2024-26598","severity":"moderate","public_date":"2024-02-23T00:00:00Z","advisories":[],"bugzilla":"2265801","bugzilla_description":"kernel: kvm: Avoid potential UAF in LPI translation cache","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26598.json"},{"CVE":"CVE-2024-26599","severity":"moderate","public_date":"2024-02-23T00:00:00Z","advisories":[],"bugzilla":"2265802","bugzilla_description":"kernel: pwm: Fix out-of-bounds access in of_pwm_single_xlate()","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26599.json"},{"CVE":"CVE-2024-22371","severity":"low","public_date":"2024-02-23T00:00:00Z","advisories":[],"bugzilla":"2266024","bugzilla_description":"camel-core: Exposure of sensitive data by crafting a malicious EventFactory","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-201","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-22371.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"2.9"},{"CVE":"CVE-2024-26147","severity":"moderate","public_date":"2024-02-22T00:00:00Z","advisories":["RHSA-2024:1328"],"bugzilla":"2265440","bugzilla_description":"helm: Missing YAML Content Leads To Panic","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-457","affected_packages":["rhacm2/acm-governance-policy-addon-controller-rhel8:v2.9.3-9"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26147.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2024-25126","severity":"moderate","public_date":"2024-02-22T00:00:00Z","advisories":[],"bugzilla":"2265593","bugzilla_description":"rubygem-rack: Denial of Service Vulnerability in Rack Content-Type Parsing","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-1333","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-25126.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2024-26141","severity":"moderate","public_date":"2024-02-22T00:00:00Z","advisories":[],"bugzilla":"2265594","bugzilla_description":"rubygem-rack: Possible DoS Vulnerability with Range Header in Rack","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-1333","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26141.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2024-26146","severity":"moderate","public_date":"2024-02-22T00:00:00Z","advisories":[],"bugzilla":"2265595","bugzilla_description":"rubygem-rack: Possible Denial of Service Vulnerability in Rack Header Parsing","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-1333","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26146.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2024-26586","severity":"moderate","public_date":"2024-02-22T00:00:00Z","advisories":[],"bugzilla":"2265645","bugzilla_description":"kernel: mlxsw: spectrum_acl_tcam: Fix stack corruption","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26586.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"6.7"},{"CVE":"CVE-2024-26593","severity":"moderate","public_date":"2024-02-22T00:00:00Z","advisories":[],"bugzilla":"2265646","bugzilla_description":"kernel: i2c: i801: Fix block process call transactions","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26593.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2023-52452","severity":"low","public_date":"2024-02-22T00:00:00Z","advisories":[],"bugzilla":"2265647","bugzilla_description":"kernel: bpf: Fix accesses to uninit stack slots","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52452.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"6.7"},{"CVE":"CVE-2024-26591","severity":"low","public_date":"2024-02-22T00:00:00Z","advisories":[],"bugzilla":"2265648","bugzilla_description":"kernel: bpf: Fix re-attachment branch in bpf_tracing_prog_attach","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26591.json"},{"CVE":"CVE-2023-52450","severity":"moderate","public_date":"2024-02-22T00:00:00Z","advisories":[],"bugzilla":"2265649","bugzilla_description":"kernel: intel: Fix NULL pointer dereference issue in upi_fill_topology()","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52450.json"},{"CVE":"CVE-2023-52451","severity":"moderate","public_date":"2024-02-22T00:00:00Z","advisories":[],"bugzilla":"2265650","bugzilla_description":"kernel: powerpc: Fix access beyond end of drmem array","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52451.json"},{"CVE":"CVE-2023-52449","severity":"important","public_date":"2024-02-22T00:00:00Z","advisories":[],"bugzilla":"2265651","bugzilla_description":"kernel: mtd: Fix gluebi NULL pointer dereference caused by ftl notifier","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52449.json"},{"CVE":"CVE-2023-52447","severity":"low","public_date":"2024-02-22T00:00:00Z","advisories":[],"bugzilla":"2265652","bugzilla_description":"kernel: bpf: Defer the free of inner map when necessary","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52447.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"3.9"},{"CVE":"CVE-2023-52448","severity":"low","public_date":"2024-02-22T00:00:00Z","advisories":[],"bugzilla":"2265653","bugzilla_description":"kernel: gfs2: Fix kernel NULL pointer dereference in gfs2_rgrp_dump","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52448.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.7"},{"CVE":"CVE-2023-52445","severity":"low","public_date":"2024-02-22T00:00:00Z","advisories":[],"bugzilla":"2265654","bugzilla_description":"kernel: pvrusb2: fix use after free on context disconnection","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52445.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:L","cvss3_score":"3.0"},{"CVE":"CVE-2023-52446","severity":"low","public_date":"2024-02-22T00:00:00Z","advisories":[],"bugzilla":"2265655","bugzilla_description":"kernel: bpf: Fix a race condition between btf_put() and map_free()","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52446.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"3.9"},{"CVE":"CVE-2024-26587","severity":"low","public_date":"2024-02-22T00:00:00Z","advisories":[],"bugzilla":"2265656","bugzilla_description":"kernel: netdevsim: don't try to destroy PHC on VFs","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26587.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.7"},{"CVE":"CVE-2024-26589","severity":"moderate","public_date":"2024-02-22T00:00:00Z","advisories":[],"bugzilla":"2265657","bugzilla_description":"kernel: bpf: Reject variable offset alu on PTR_TO_FLOW_KEYS","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-822","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26589.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:H/A:H","cvss3_score":"5.8"},{"CVE":"CVE-2023-6787","severity":"moderate","public_date":"2024-02-21T00:00:00Z","advisories":[],"bugzilla":"2254375","bugzilla_description":"keycloak: session hijacking via re-authentication","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-287","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6787.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","cvss3_score":"6.5"},{"CVE":"CVE-2024-1722","severity":"low","public_date":"2024-02-21T00:00:00Z","advisories":[],"bugzilla":"2265389","bugzilla_description":"keycloak-core: DoS via account lockout","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-645","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1722.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.7"},{"CVE":"CVE-2024-24478","severity":"moderate","public_date":"2024-02-21T00:00:00Z","advisories":[],"bugzilla":"2265431","bugzilla_description":"wireshark: integer overflow in dissect_bgp_open() in epan/dissectors/packet-bgp.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24478.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2024-24479","severity":"moderate","public_date":"2024-02-21T00:00:00Z","advisories":[],"bugzilla":"2265433","bugzilla_description":"wireshark: Buffer Overflow via wsutil/to_str.c and format_fractional_part_nsecs results in Denial of Service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24479.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2024-24476","severity":"moderate","public_date":"2024-02-21T00:00:00Z","advisories":[],"bugzilla":"2265435","bugzilla_description":"wireshark: Buffer Overflow via pan/addr_resolv.c and ws_manuf_lookup_str() results in Denial of Service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-126","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24476.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2024-26585","severity":"moderate","public_date":"2024-02-21T00:00:00Z","advisories":[],"bugzilla":"2265517","bugzilla_description":"kernel: tls: race between tx work scheduling and socket close","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-362","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26585.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.1"},{"CVE":"CVE-2024-26582","severity":"important","public_date":"2024-02-21T00:00:00Z","advisories":[],"bugzilla":"2265518","bugzilla_description":"kernel: tls: use-after-free with partial reads and async decrypt","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26582.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.4"},{"CVE":"CVE-2024-26584","severity":"moderate","public_date":"2024-02-21T00:00:00Z","advisories":[],"bugzilla":"2265519","bugzilla_description":"kernel: tls: handle backlogging of crypto requests","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-393","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26584.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2024-26583","severity":"moderate","public_date":"2024-02-21T00:00:00Z","advisories":[],"bugzilla":"2265520","bugzilla_description":"kernel: tls: race between async notify and socket close","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-362->CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26583.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.1"},{"CVE":"CVE-2024-22243","severity":"moderate","public_date":"2024-02-21T00:00:00Z","advisories":[],"bugzilla":"2265735","bugzilla_description":"springframework: URL Parsing with Host Validation","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-601","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-22243.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:N","cvss3_score":"3.4"},{"CVE":"CVE-2024-26130","severity":"important","public_date":"2024-02-21T00:00:00Z","advisories":[],"bugzilla":"2269617","bugzilla_description":"python-cryptography: NULL pointer dereference with pkcs12.serialize_key_and_certificates when called with a non-matching certificate and private key and an hmac_hash override","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26130.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2024-1481","severity":"moderate","public_date":"2024-02-20T00:00:00Z","advisories":[],"bugzilla":"2262169","bugzilla_description":"freeipa: specially crafted HTTP requests potentially lead to denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1481.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2024-22234","severity":"moderate","public_date":"2024-02-20T00:00:00Z","advisories":[],"bugzilla":"2265172","bugzilla_description":"spring-security: Broken Access Control in Spring Security With Direct Use of isFullyAuthenticated","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-284","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-22234.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N","cvss3_score":"7.4"},{"CVE":"CVE-2023-52433","severity":"moderate","public_date":"2024-02-20T00:00:00Z","advisories":[],"bugzilla":"2265184","bugzilla_description":"kernel: nf_tables: nft_set_rbtree skip sync GC for new elements in this transaction","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52433.json"},{"CVE":"CVE-2024-26581","severity":"moderate","public_date":"2024-02-20T00:00:00Z","advisories":[],"bugzilla":"2265185","bugzilla_description":"kernel: nftables: nft_set_rbtree skip end interval element from gc","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26581.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2024-25260","severity":"low","public_date":"2024-02-20T00:00:00Z","advisories":[],"bugzilla":"2265194","bugzilla_description":"elfutils: global-buffer-overflow exists in the function ebl_machine_flag_name in eblmachineflagname.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-25260.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"4.0"},{"CVE":"CVE-2023-52436","severity":"low","public_date":"2024-02-20T00:00:00Z","advisories":[],"bugzilla":"2265267","bugzilla_description":"kernel: f2fs: explicitly null-terminate the xattr list","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-170","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52436.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"4.5"},{"CVE":"CVE-2023-52437","severity":null,"public_date":"2024-02-20T00:00:00Z","advisories":[],"bugzilla":"2265269","bugzilla_description":"kernel: Revert \"md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d\"","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52437.json"},{"CVE":"CVE-2023-52439","severity":"moderate","public_date":"2024-02-20T00:00:00Z","advisories":[],"bugzilla":"2265271","bugzilla_description":"kernel: uio: Fix use-after-free in uio_open","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52439.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2023-52438","severity":"moderate","public_date":"2024-02-20T00:00:00Z","advisories":[],"bugzilla":"2265273","bugzilla_description":"kernel: binder: fix use-after-free in shinker's callback","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52438.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2023-52434","severity":"moderate","public_date":"2024-02-20T00:00:00Z","advisories":[],"bugzilla":"2265285","bugzilla_description":"kernel: smb: client: fix potential OOBs in smb2_parse_contexts()","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52434.json","cvss3_scoring_vector":"CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2023-52435","severity":"low","public_date":"2024-02-20T00:00:00Z","advisories":[],"bugzilla":"2265292","bugzilla_description":"kernel: net: prevent mss overflow in skb_segment()","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52435.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.7"},{"CVE":"CVE-2024-1546","severity":"important","public_date":"2024-02-20T00:00:00Z","advisories":["RHSA-2024:0976","RHSA-2024:0955","RHSA-2024:0957","RHSA-2024:0968","RHSA-2024:0958","RHSA-2024:0969","RHSA-2024:0959","RHSA-2024:0970","RHSA-2024:0971","RHSA-2024:0960","RHSA-2024:0972","RHSA-2024:0961","RHSA-2024:0983","RHSA-2024:0962","RHSA-2024:0984","RHSA-2024:0952","RHSA-2024:0963","RHSA-2024:0964"],"bugzilla":"2265349","bugzilla_description":"Mozilla: Out-of-bounds memory read in networking channels","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["thunderbird-0:115.8.0-1.el8_4","thunderbird-0:115.8.0-1.el9_3","firefox-0:115.8.0-1.el9_2","firefox-0:115.8.0-1.el8_2","thunderbird-0:115.8.0-1.el8_2","firefox-0:115.8.0-1.el8_4","firefox-0:115.8.0-1.el9_3","thunderbird-0:115.8.0-1.el9_2","thunderbird-0:115.8.0-1.el7_9","thunderbird-0:115.8.0-1.el8_8","thunderbird-0:115.8.0-1.el8_9","thunderbird-0:115.8.0-1.el8_6","firefox-0:115.8.0-1.el9_0","firefox-0:115.8.0-1.el8_6","thunderbird-0:115.8.0-1.el9_0","firefox-0:115.8.0-1.el7_9","firefox-0:115.8.0-1.el8_9","firefox-0:115.8.0-1.el8_8"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1546.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2024-1547","severity":"important","public_date":"2024-02-20T00:00:00Z","advisories":["RHSA-2024:0976","RHSA-2024:0955","RHSA-2024:0957","RHSA-2024:0968","RHSA-2024:0958","RHSA-2024:0969","RHSA-2024:0959","RHSA-2024:0970","RHSA-2024:0971","RHSA-2024:0960","RHSA-2024:0972","RHSA-2024:0961","RHSA-2024:0983","RHSA-2024:0962","RHSA-2024:0984","RHSA-2024:0952","RHSA-2024:0963","RHSA-2024:0964"],"bugzilla":"2265350","bugzilla_description":"Mozilla: Alert dialog could have been spoofed on another site","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-449","affected_packages":["thunderbird-0:115.8.0-1.el8_4","thunderbird-0:115.8.0-1.el9_3","firefox-0:115.8.0-1.el9_2","firefox-0:115.8.0-1.el8_2","thunderbird-0:115.8.0-1.el8_2","firefox-0:115.8.0-1.el8_4","firefox-0:115.8.0-1.el9_3","thunderbird-0:115.8.0-1.el9_2","thunderbird-0:115.8.0-1.el7_9","thunderbird-0:115.8.0-1.el8_8","thunderbird-0:115.8.0-1.el8_9","thunderbird-0:115.8.0-1.el8_6","firefox-0:115.8.0-1.el9_0","firefox-0:115.8.0-1.el8_6","thunderbird-0:115.8.0-1.el9_0","firefox-0:115.8.0-1.el7_9","firefox-0:115.8.0-1.el8_9","firefox-0:115.8.0-1.el8_8"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1547.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2024-1548","severity":"moderate","public_date":"2024-02-20T00:00:00Z","advisories":["RHSA-2024:0976","RHSA-2024:0955","RHSA-2024:0957","RHSA-2024:0968","RHSA-2024:0958","RHSA-2024:0969","RHSA-2024:0959","RHSA-2024:0970","RHSA-2024:0971","RHSA-2024:0960","RHSA-2024:0972","RHSA-2024:0961","RHSA-2024:0983","RHSA-2024:0962","RHSA-2024:0984","RHSA-2024:0952","RHSA-2024:0963","RHSA-2024:0964"],"bugzilla":"2265351","bugzilla_description":"Mozilla: Fullscreen Notification could have been hidden by select element","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-449","affected_packages":["thunderbird-0:115.8.0-1.el8_4","thunderbird-0:115.8.0-1.el9_3","firefox-0:115.8.0-1.el9_2","firefox-0:115.8.0-1.el8_2","thunderbird-0:115.8.0-1.el8_2","firefox-0:115.8.0-1.el8_4","firefox-0:115.8.0-1.el9_3","thunderbird-0:115.8.0-1.el9_2","thunderbird-0:115.8.0-1.el7_9","thunderbird-0:115.8.0-1.el8_8","thunderbird-0:115.8.0-1.el8_9","thunderbird-0:115.8.0-1.el8_6","firefox-0:115.8.0-1.el9_0","firefox-0:115.8.0-1.el8_6","thunderbird-0:115.8.0-1.el9_0","firefox-0:115.8.0-1.el7_9","firefox-0:115.8.0-1.el8_9","firefox-0:115.8.0-1.el8_8"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1548.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2024-1549","severity":"moderate","public_date":"2024-02-20T00:00:00Z","advisories":["RHSA-2024:0976","RHSA-2024:0955","RHSA-2024:0957","RHSA-2024:0968","RHSA-2024:0958","RHSA-2024:0969","RHSA-2024:0959","RHSA-2024:0970","RHSA-2024:0971","RHSA-2024:0960","RHSA-2024:0972","RHSA-2024:0961","RHSA-2024:0983","RHSA-2024:0962","RHSA-2024:0984","RHSA-2024:0952","RHSA-2024:0963","RHSA-2024:0964"],"bugzilla":"2265352","bugzilla_description":"Mozilla: Custom cursor could obscure the permission dialog","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-1021","affected_packages":["thunderbird-0:115.8.0-1.el8_4","thunderbird-0:115.8.0-1.el9_3","firefox-0:115.8.0-1.el9_2","firefox-0:115.8.0-1.el8_2","thunderbird-0:115.8.0-1.el8_2","firefox-0:115.8.0-1.el8_4","firefox-0:115.8.0-1.el9_3","thunderbird-0:115.8.0-1.el9_2","thunderbird-0:115.8.0-1.el7_9","thunderbird-0:115.8.0-1.el8_8","thunderbird-0:115.8.0-1.el8_9","thunderbird-0:115.8.0-1.el8_6","firefox-0:115.8.0-1.el9_0","firefox-0:115.8.0-1.el8_6","thunderbird-0:115.8.0-1.el9_0","firefox-0:115.8.0-1.el7_9","firefox-0:115.8.0-1.el8_9","firefox-0:115.8.0-1.el8_8"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1549.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2024-1550","severity":"moderate","public_date":"2024-02-20T00:00:00Z","advisories":["RHSA-2024:0976","RHSA-2024:0955","RHSA-2024:0957","RHSA-2024:0968","RHSA-2024:0958","RHSA-2024:0969","RHSA-2024:0959","RHSA-2024:0970","RHSA-2024:0971","RHSA-2024:0960","RHSA-2024:0972","RHSA-2024:0961","RHSA-2024:0983","RHSA-2024:0962","RHSA-2024:0984","RHSA-2024:0952","RHSA-2024:0963","RHSA-2024:0964"],"bugzilla":"2265353","bugzilla_description":"Mozilla: Mouse cursor re-positioned unexpectedly could have led to unintended permission grants","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-1021","affected_packages":["thunderbird-0:115.8.0-1.el8_4","thunderbird-0:115.8.0-1.el9_3","firefox-0:115.8.0-1.el9_2","firefox-0:115.8.0-1.el8_2","thunderbird-0:115.8.0-1.el8_2","firefox-0:115.8.0-1.el8_4","firefox-0:115.8.0-1.el9_3","thunderbird-0:115.8.0-1.el9_2","thunderbird-0:115.8.0-1.el7_9","thunderbird-0:115.8.0-1.el8_8","thunderbird-0:115.8.0-1.el8_9","thunderbird-0:115.8.0-1.el8_6","firefox-0:115.8.0-1.el9_0","firefox-0:115.8.0-1.el8_6","thunderbird-0:115.8.0-1.el9_0","firefox-0:115.8.0-1.el7_9","firefox-0:115.8.0-1.el8_9","firefox-0:115.8.0-1.el8_8"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1550.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2024-1551","severity":"moderate","public_date":"2024-02-20T00:00:00Z","advisories":["RHSA-2024:0976","RHSA-2024:0955","RHSA-2024:0957","RHSA-2024:0968","RHSA-2024:0958","RHSA-2024:0969","RHSA-2024:0959","RHSA-2024:0970","RHSA-2024:0971","RHSA-2024:0960","RHSA-2024:0972","RHSA-2024:0961","RHSA-2024:0983","RHSA-2024:0962","RHSA-2024:0984","RHSA-2024:0952","RHSA-2024:0963","RHSA-2024:0964"],"bugzilla":"2265354","bugzilla_description":"Mozilla: Multipart HTTP Responses would accept the Set-Cookie header in response parts","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-74","affected_packages":["thunderbird-0:115.8.0-1.el8_4","thunderbird-0:115.8.0-1.el9_3","firefox-0:115.8.0-1.el9_2","firefox-0:115.8.0-1.el8_2","thunderbird-0:115.8.0-1.el8_2","firefox-0:115.8.0-1.el8_4","firefox-0:115.8.0-1.el9_3","thunderbird-0:115.8.0-1.el9_2","thunderbird-0:115.8.0-1.el7_9","thunderbird-0:115.8.0-1.el8_8","thunderbird-0:115.8.0-1.el8_9","thunderbird-0:115.8.0-1.el8_6","firefox-0:115.8.0-1.el9_0","firefox-0:115.8.0-1.el8_6","thunderbird-0:115.8.0-1.el9_0","firefox-0:115.8.0-1.el7_9","firefox-0:115.8.0-1.el8_9","firefox-0:115.8.0-1.el8_8"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1551.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2024-1552","severity":"low","public_date":"2024-02-20T00:00:00Z","advisories":["RHSA-2024:0976","RHSA-2024:0955","RHSA-2024:0957","RHSA-2024:0968","RHSA-2024:0958","RHSA-2024:0969","RHSA-2024:0959","RHSA-2024:0970","RHSA-2024:0971","RHSA-2024:0960","RHSA-2024:0972","RHSA-2024:0961","RHSA-2024:0983","RHSA-2024:0962","RHSA-2024:0984","RHSA-2024:0952","RHSA-2024:0963","RHSA-2024:0964"],"bugzilla":"2265355","bugzilla_description":"Mozilla: Incorrect code generation on 32-bit ARM devices","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-681","affected_packages":["thunderbird-0:115.8.0-1.el8_4","thunderbird-0:115.8.0-1.el9_3","firefox-0:115.8.0-1.el9_2","firefox-0:115.8.0-1.el8_2","thunderbird-0:115.8.0-1.el8_2","firefox-0:115.8.0-1.el8_4","firefox-0:115.8.0-1.el9_3","thunderbird-0:115.8.0-1.el9_2","thunderbird-0:115.8.0-1.el7_9","thunderbird-0:115.8.0-1.el8_8","thunderbird-0:115.8.0-1.el8_9","thunderbird-0:115.8.0-1.el8_6","firefox-0:115.8.0-1.el9_0","firefox-0:115.8.0-1.el8_6","thunderbird-0:115.8.0-1.el9_0","firefox-0:115.8.0-1.el7_9","firefox-0:115.8.0-1.el8_9","firefox-0:115.8.0-1.el8_8"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1552.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2024-1553","severity":"important","public_date":"2024-02-20T00:00:00Z","advisories":["RHSA-2024:0976","RHSA-2024:0955","RHSA-2024:0957","RHSA-2024:0968","RHSA-2024:0958","RHSA-2024:0969","RHSA-2024:0959","RHSA-2024:0970","RHSA-2024:0971","RHSA-2024:0960","RHSA-2024:0972","RHSA-2024:0961","RHSA-2024:0983","RHSA-2024:0962","RHSA-2024:0984","RHSA-2024:0952","RHSA-2024:0963","RHSA-2024:0964"],"bugzilla":"2265356","bugzilla_description":"Mozilla: Memory safety bugs fixed in Firefox 123, Firefox ESR 115.8, and Thunderbird 115.8","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":["thunderbird-0:115.8.0-1.el8_4","thunderbird-0:115.8.0-1.el9_3","firefox-0:115.8.0-1.el9_2","firefox-0:115.8.0-1.el8_2","thunderbird-0:115.8.0-1.el8_2","firefox-0:115.8.0-1.el8_4","firefox-0:115.8.0-1.el9_3","thunderbird-0:115.8.0-1.el9_2","thunderbird-0:115.8.0-1.el7_9","thunderbird-0:115.8.0-1.el8_8","thunderbird-0:115.8.0-1.el8_9","thunderbird-0:115.8.0-1.el8_6","firefox-0:115.8.0-1.el9_0","firefox-0:115.8.0-1.el8_6","thunderbird-0:115.8.0-1.el9_0","firefox-0:115.8.0-1.el7_9","firefox-0:115.8.0-1.el8_9","firefox-0:115.8.0-1.el8_8"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1553.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2024-24474","severity":"moderate","public_date":"2024-02-20T00:00:00Z","advisories":[],"bugzilla":"2265499","bugzilla_description":"QEMU: esp: integer underflow leads to heap buffer overflow in esp_do_nodma()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-191->CWE-122","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24474.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2020-36774","severity":"low","public_date":"2024-02-19T00:00:00Z","advisories":[],"bugzilla":"2264839","bugzilla_description":"glade: segmentation fault in glade_gtk_box_post_create()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36774.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2024-26327","severity":"moderate","public_date":"2024-02-19T00:00:00Z","advisories":[],"bugzilla":"2264844","bugzilla_description":"QEMU: SR-IOV: improper validation of NumVFs leads to buffer overflow","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26327.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2024-26328","severity":"low","public_date":"2024-02-19T00:00:00Z","advisories":[],"bugzilla":"2264896","bugzilla_description":"QEMU: NVMe: out-of-bounds memory access in nvme_sriov_pre_write_ctrl()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-787","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26328.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.7"},{"CVE":"CVE-2024-25710","severity":"moderate","public_date":"2024-02-19T00:00:00Z","advisories":["RHSA-2024:1509"],"bugzilla":"2264988","bugzilla_description":"commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":["commons-compress"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-25710.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2024-26308","severity":"moderate","public_date":"2024-02-19T00:00:00Z","advisories":["RHSA-2024:1509"],"bugzilla":"2264989","bugzilla_description":"commons-compress: OutOfMemoryError unpacking broken Pack200 file","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-770","affected_packages":["commons-compress"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26308.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2024-23114","severity":"important","public_date":"2024-02-19T00:00:00Z","advisories":[],"bugzilla":"2265053","bugzilla_description":"Apache Camel-CassandraQL: Unsafe Deserialization from CassandraAggregationRepository","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-502","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-23114.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2024-22369","severity":"important","public_date":"2024-02-19T00:00:00Z","advisories":[],"bugzilla":"2265057","bugzilla_description":"Apache Camel: Camel-SQL: Unsafe Deserialization from JDBCAggregationRepository","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-502","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-22369.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2022-48624","severity":"moderate","public_date":"2024-02-19T00:00:00Z","advisories":[],"bugzilla":"2265081","bugzilla_description":"less: missing quoting of shell metacharacters in LESSCLOSE handling","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-77","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48624.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2024-1726","severity":"low","public_date":"2024-02-19T00:00:00Z","advisories":[],"bugzilla":"2265158","bugzilla_description":"quarkus: security checks for some inherited endpoints performed after serialization in RESTEasy Reactive may trigger a denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-281","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1726.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2024-21896","severity":"important","public_date":"2024-02-19T00:00:00Z","advisories":[],"bugzilla":"2265717","bugzilla_description":"nodejs: path traversal by monkey-patching buffer internals","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-22","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21896.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N","cvss3_score":"7.9"},{"CVE":"CVE-2024-21891","severity":"moderate","public_date":"2024-02-19T00:00:00Z","advisories":[],"bugzilla":"2265720","bugzilla_description":"nodejs: multiple permission model bypasses due to improper path traversal sequence sanitization","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-22","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21891.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N","cvss3_score":"6.6"},{"CVE":"CVE-2024-21890","severity":"moderate","public_date":"2024-02-19T00:00:00Z","advisories":[],"bugzilla":"2265722","bugzilla_description":"nodejs: improper handling of wildcards in --allow-fs-read and --allow-fs-write","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-1059","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21890.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"5.0"},{"CVE":"CVE-2024-22017","severity":"important","public_date":"2024-02-19T00:00:00Z","advisories":[],"bugzilla":"2265727","bugzilla_description":"nodejs: setuid() does not drop all privileges due to io_uring","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-269","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-22017.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.3"},{"CVE":"CVE-2024-1597","severity":"important","public_date":"2024-02-19T00:00:00Z","advisories":["RHSA-2024:1435","RHSA-2024:1436"],"bugzilla":"2266523","bugzilla_description":"pgjdbc: PostgreSQL JDBC Driver allows attacker to inject SQL if using PreferQueryMode=SIMPLE","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-89","affected_packages":["postgresql-jdbc-0:42.2.14-3.el8_9","postgresql-jdbc-0:42.2.28-1.el9_3"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1597.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"9.8"},{"CVE":"CVE-2024-26464","severity":"moderate","public_date":"2024-02-18T00:00:00Z","advisories":[],"bugzilla":"2266415","bugzilla_description":"net-snmp: memory leak DoS","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-401","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-26464.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2024-2002","severity":"moderate","public_date":"2024-02-17T00:00:00Z","advisories":[],"bugzilla":"2267700","bugzilla_description":"libdwarf: crashes randomly on fuzzed object","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-415","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-2002.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2023-45860","severity":"moderate","public_date":"2024-02-16T00:00:00Z","advisories":[],"bugzilla":"2264532","bugzilla_description":"Hazelcast: Permission checking in CSV File Source connector","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45860.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"6.5"},{"CVE":"CVE-2023-46809","severity":"moderate","public_date":"2024-02-16T00:00:00Z","advisories":["RHSA-2024:1510","RHSA-2024:1503"],"bugzilla":"2264569","bugzilla_description":"nodejs: vulnerable to timing variant of the Bleichenbacher attack against PKCS#1 v1.5 padding (Marvin)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-385->CWE-208","affected_packages":["nodejs:18-9030020240301111035.rhel9","nodejs:18-8090020240301110609.a75119d5"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46809.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.9"},{"CVE":"CVE-2024-22019","severity":"important","public_date":"2024-02-16T00:00:00Z","advisories":["RHSA-2024:1438","RHSA-2024:1354","RHSA-2024:1444","RHSA-2024:1510","RHSA-2024:1424","RHSA-2024:1503"],"bugzilla":"2264574","bugzilla_description":"nodejs: reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["nodejs:16-8090020240315081818.a75119d5","rh-nodejs14-nodejs-0:14.21.3-6.el7","nodejs:18-9030020240301111035.rhel9","nodejs:18-8090020240301110609.a75119d5","nodejs-1:16.20.2-4.el9_0","nodejs-1:16.20.2-4.el9_3"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-22019.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2024-23807","severity":"important","public_date":"2024-02-16T00:00:00Z","advisories":[],"bugzilla":"2264581","bugzilla_description":"xerces-c: duplicate CVE to announce correct fixed-in versions","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-23807.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.1"},{"CVE":"CVE-2024-21892","severity":"important","public_date":"2024-02-16T00:00:00Z","advisories":["RHSA-2024:1510","RHSA-2024:1503"],"bugzilla":"2264582","bugzilla_description":"nodejs: code injection and privilege escalation through Linux capabilities","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-94","affected_packages":["nodejs:18-9030020240301111035.rhel9","nodejs:18-8090020240301110609.a75119d5"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21892.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N","cvss3_score":"8.1"},{"CVE":"CVE-2023-52160","severity":"moderate","public_date":"2024-02-16T00:00:00Z","advisories":[],"bugzilla":"2264593","bugzilla_description":"wpa_supplicant: potential authorization bypass","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-285","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52160.json","cvss3_scoring_vector":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"6.5"},{"CVE":"CVE-2024-24750","severity":"moderate","public_date":"2024-02-16T00:00:00Z","advisories":[],"bugzilla":"2264728","bugzilla_description":"undici: memory leak","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24750.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2024-24758","severity":"low","public_date":"2024-02-16T00:00:00Z","advisories":[],"bugzilla":"2264730","bugzilla_description":"undici: sensitive information exposure","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24758.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"3.9"},{"CVE":"CVE-2023-6917","severity":"moderate","public_date":"2024-02-15T00:00:00Z","advisories":[],"bugzilla":"2254983","bugzilla_description":"pcp: unsafe use of directories allows pcp to root privilege escalation","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-61|CWE-378)","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6917.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N","cvss3_score":"6.0"},{"CVE":"CVE-2024-25620","severity":"moderate","public_date":"2024-02-15T00:00:00Z","advisories":["RHSA-2024:1328","RHSA-2024:1255"],"bugzilla":"2264336","bugzilla_description":"helm: Dependency management path traversal","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-22","affected_packages":["rhacm2/acm-governance-policy-addon-controller-rhel8:v2.9.3-9","openshift4/ose-olm-rukpak-rhel8:v4.15.0-202403081338.p0.g5b09cd4.assembly.stream.el8"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-25620.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N","cvss3_score":"6.4"},{"CVE":"CVE-2024-25580","severity":"moderate","public_date":"2024-02-15T00:00:00Z","advisories":[],"bugzilla":"2264423","bugzilla_description":"qtbase: potential buffer overflow when reading KTX images","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-121","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-25580.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"6.2"},{"CVE":"CVE-2024-24989","severity":"important","public_date":"2024-02-14T00:00:00Z","advisories":[],"bugzilla":"2264290","bugzilla_description":"nginx: NULL pointer dereference in HTTP/3","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24989.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2024-24990","severity":"important","public_date":"2024-02-14T00:00:00Z","advisories":[],"bugzilla":"2264298","bugzilla_description":"nginx: Use-after-free in HTTP/3","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24990.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2024-25617","severity":"important","public_date":"2024-02-14T00:00:00Z","advisories":["RHSA-2024:1062","RHSA-2024:1184","RHSA-2024:1066","RHSA-2024:1376","RHSA-2024:1375"],"bugzilla":"2264309","bugzilla_description":"squid: denial of service in HTTP header parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-182|CWE-400)","affected_packages":["squid:4-8060020240227214219.ad008a3a","squid:4-8080020240227184832.63b34585","squid-7:5.5-6.el9_3.8","squid-7:5.5-5.el9_2.5","squid:4-8090020240314114525.a75119d5"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-25617.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H","cvss3_score":"8.6"},{"CVE":"CVE-2023-28746","severity":"important","public_date":"2024-02-14T00:00:00Z","advisories":[],"bugzilla":"2270700","bugzilla_description":"kernel: Local information disclosure on Intel(R) Atom(R) processors","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-1342","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28746.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N","cvss3_score":"6.5"},{"CVE":"CVE-2023-38575","severity":"important","public_date":"2024-02-14T00:00:00Z","advisories":[],"bugzilla":"2270701","bugzilla_description":"kernel: Local information disclosure in some Intel(R) processors","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-1303","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38575.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.5"},{"CVE":"CVE-2023-39368","severity":"important","public_date":"2024-02-14T00:00:00Z","advisories":[],"bugzilla":"2270703","bugzilla_description":"kernel: Possible Denial of Service on Intel(R) Processors","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-693","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-39368.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2023-43490","severity":"important","public_date":"2024-02-14T00:00:00Z","advisories":[],"bugzilla":"2270704","bugzilla_description":"kernel: Local information disclosure on Intel(R) Xeon(R) D processors with Intel(R) SGX due to incorrect calculation in microcode","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-682","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-43490.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2024-22029","severity":"important","public_date":"2024-02-14T00:00:00Z","advisories":[],"bugzilla":"2271114","bugzilla_description":"apache tomcat: local privilege escalation via default tomcat group","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-269","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-22029.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2024-1342","severity":"moderate","public_date":"2024-02-13T00:00:00Z","advisories":[],"bugzilla":"2259960","bugzilla_description":"openshift: existing Cross-Site Request Forgery protection insufficient for WebSocket creation","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-352","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1342.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N","cvss3_score":"5.4"},{"CVE":"CVE-2024-21386","severity":"important","public_date":"2024-02-13T00:00:00Z","advisories":["RHSA-2024:0814","RHSA-2024:0848","RHSA-2024:0827","RHSA-2024:0805","RHSA-2024:0806","RHSA-2024:0807","RHSA-2024:0808"],"bugzilla":"2263085","bugzilla_description":"dotnet: Denial of Service in SignalR server","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["dotnet6.0-0:6.0.127-1.el9_3","dotnet6.0-0:6.0.127-1.el8_9","dotnet7.0-0:7.0.116-1.el9_3","dotnet8.0-0:8.0.102-2.el9_3","dotnet7.0-0:7.0.116-1.el8_9","dotnet8.0-0:8.0.102-2.el8_9","rh-dotnet60-dotnet-0:6.0.127-1.el7_9"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21386.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2024-21404","severity":"important","public_date":"2024-02-13T00:00:00Z","advisories":["RHSA-2024:0814","RHSA-2024:0848","RHSA-2024:0827","RHSA-2024:0805","RHSA-2024:0806","RHSA-2024:0807","RHSA-2024:0808"],"bugzilla":"2263086","bugzilla_description":"dotnet: Denial of Service in X509Certificate2","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["dotnet6.0-0:6.0.127-1.el9_3","dotnet6.0-0:6.0.127-1.el8_9","dotnet7.0-0:7.0.116-1.el9_3","dotnet8.0-0:8.0.102-2.el9_3","dotnet7.0-0:7.0.116-1.el8_9","dotnet8.0-0:8.0.102-2.el8_9","rh-dotnet60-dotnet-0:6.0.127-1.el7_9"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21404.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2023-20576","severity":"important","public_date":"2024-02-13T00:00:00Z","advisories":[],"bugzilla":"2263271","bugzilla_description":"hw: amd: Insufficient Verification of Data Authenticity in AGESATM","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-345","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-20576.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"7.7"},{"CVE":"CVE-2023-20577","severity":"important","public_date":"2024-02-13T00:00:00Z","advisories":[],"bugzilla":"2263392","bugzilla_description":"hw: amd: SPI flash RCE","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-20577.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.4"},{"CVE":"CVE-2023-20579","severity":"important","public_date":"2024-02-13T00:00:00Z","advisories":[],"bugzilla":"2263394","bugzilla_description":"hw: amd: SPI bypass","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-284","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-20579.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H","cvss3_score":"7.9"},{"CVE":"CVE-2023-20587","severity":"important","public_date":"2024-02-13T00:00:00Z","advisories":[],"bugzilla":"2263402","bugzilla_description":"hw: amd: failure to sanitize input in SMM","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-284","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-20587.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.4"},{"CVE":"CVE-2023-4408","severity":"important","public_date":"2024-02-13T00:00:00Z","advisories":[],"bugzilla":"2263896","bugzilla_description":"bind9: Parsing large DNS messages may cause excessive CPU load","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4408.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2023-5517","severity":"important","public_date":"2024-02-13T00:00:00Z","advisories":[],"bugzilla":"2263897","bugzilla_description":"bind9: Querying RFC 1918 reverse zones may cause an assertion failure when “nxdomain-redirect” is enabled","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-617","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5517.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2023-5679","severity":"important","public_date":"2024-02-13T00:00:00Z","advisories":[],"bugzilla":"2263909","bugzilla_description":"bind9: Enabling both DNS64 and serve-stale may cause an assertion failure during recursive resolution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-617","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5679.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2023-6516","severity":"important","public_date":"2024-02-13T00:00:00Z","advisories":[],"bugzilla":"2263911","bugzilla_description":"bind9: Specific recursive query patterns may lead to an out-of-memory condition","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6516.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2023-50387","severity":"important","public_date":"2024-02-13T00:00:00Z","advisories":["RHSA-2024:0965","RHSA-2024:0977","RHSA-2024:1334","RHSA-2024:0981","RHSA-2024:0982","RHSA-2024:1335","RHSA-2024:1522"],"bugzilla":"2263914","bugzilla_description":"bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["dnsmasq-0:2.85-6.el9_2.3","unbound-0:1.16.2-3.el9_3.1","unbound-0:1.16.2-5.el8_8.1","dnsmasq-0:2.79-31.el8_9.2","unbound-0:1.16.2-5.el8_9.2","unbound-0:1.16.2-3.el9_2.1","dnsmasq-0:2.85-14.el9_3.1"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50387.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2023-50868","severity":"important","public_date":"2024-02-13T00:00:00Z","advisories":["RHSA-2024:0965","RHSA-2024:0977","RHSA-2024:1334","RHSA-2024:0981","RHSA-2024:0982","RHSA-2024:1335","RHSA-2024:1522"],"bugzilla":"2263917","bugzilla_description":"bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["dnsmasq-0:2.85-6.el9_2.3","unbound-0:1.16.2-3.el9_3.1","unbound-0:1.16.2-5.el8_8.1","dnsmasq-0:2.79-31.el8_9.2","unbound-0:1.16.2-5.el8_9.2","unbound-0:1.16.2-3.el9_2.1","dnsmasq-0:2.85-14.el9_3.1"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50868.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2024-24826","severity":"moderate","public_date":"2024-02-13T00:00:00Z","advisories":[],"bugzilla":"2263978","bugzilla_description":"exiv2: Out-of-bounds read in QuickTimeVideo::NikonTagsDecoder","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24826.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2024-25112","severity":"moderate","public_date":"2024-02-13T00:00:00Z","advisories":[],"bugzilla":"2263981","bugzilla_description":"Exiv2: Denial of service due to unbounded recursion in QuickTimeVideo::multipleEntriesDecoder","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-400|CWE-674)","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-25112.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2024-24814","severity":"moderate","public_date":"2024-02-13T00:00:00Z","advisories":[],"bugzilla":"2264092","bugzilla_description":"mod_auth_openidc: DoS when using `OIDCSessionType client-cookie` and manipulating cookies","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24814.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2024-1488","severity":"important","public_date":"2024-02-13T00:00:00Z","advisories":[],"bugzilla":"2264183","bugzilla_description":"unbound: unrestricted reconfiguration enabled to anyone that may lead to local privilege escalation","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-276->CWE-15","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1488.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H","cvss3_score":"8.0"},{"CVE":"CVE-2023-5680","severity":"moderate","public_date":"2024-02-13T00:00:00Z","advisories":[],"bugzilla":"2264285","bugzilla_description":"bind9: Cleaning an ECS-enabled cache may cause excessive CPU load","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5680.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2023-52429","severity":"low","public_date":"2024-02-12T00:00:00Z","advisories":[],"bugzilla":"2263856","bugzilla_description":"kernel: missing check for struct in dm-table.c can cause a crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-754","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52429.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2024-25744","severity":"moderate","public_date":"2024-02-12T00:00:00Z","advisories":[],"bugzilla":"2263875","bugzilla_description":"kernel: untrusted VMM can trigger int80 syscall handling","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-25744.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2024-25739","severity":"moderate","public_date":"2024-02-12T00:00:00Z","advisories":[],"bugzilla":"2263879","bugzilla_description":"kernel: crash due to a missing check for leb_size","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-754","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-25739.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2024-25740","severity":"moderate","public_date":"2024-02-12T00:00:00Z","advisories":[],"bugzilla":"2263881","bugzilla_description":"kernel: memory leak in ubi driver","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-401","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-25740.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2024-25741","severity":"moderate","public_date":"2024-02-12T00:00:00Z","advisories":[],"bugzilla":"2263884","bugzilla_description":"kernel: f_printer: crash leading to denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-25741.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2024-1454","severity":"low","public_date":"2024-02-12T00:00:00Z","advisories":[],"bugzilla":"2263929","bugzilla_description":"opensc: Memory use after free in AuthentIC driver when updating token info","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1454.json","cvss3_scoring_vector":"CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"3.4"},{"CVE":"CVE-2024-24258","severity":"moderate","public_date":"2024-02-12T00:00:00Z","advisories":[],"bugzilla":"2263939","bugzilla_description":"freeglut: memory leak via glutAddSubMenu() function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-401","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24258.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2024-24259","severity":"moderate","public_date":"2024-02-12T00:00:00Z","advisories":[],"bugzilla":"2263943","bugzilla_description":"freeglut: memory leak via glutAddMenuEntry() function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-401","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24259.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2024-24828","severity":"moderate","public_date":"2024-02-10T00:00:00Z","advisories":[],"bugzilla":"2263749","bugzilla_description":"pkg: incorrect default permissions","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-276","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24828.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.3"},{"CVE":"CVE-2024-21490","severity":"moderate","public_date":"2024-02-10T00:00:00Z","advisories":[],"bugzilla":"2263754","bugzilla_description":"angular: Inefficient Regular Expression Complexity","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-1333","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21490.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2024-23325","severity":"moderate","public_date":"2024-02-09T17:00:00Z","advisories":[],"bugzilla":"2259229","bugzilla_description":"envoy: Envoy crashes when using an address type that isn’t supported by the OS","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-248","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-23325.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2024-23327","severity":"important","public_date":"2024-02-09T17:00:00Z","advisories":[],"bugzilla":"2259230","bugzilla_description":"envoy: Crash in proxy protocol when command type of LOCAL","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-23327.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2024-23324","severity":"important","public_date":"2024-02-09T17:00:00Z","advisories":[],"bugzilla":"2259231","bugzilla_description":"envoy: Ext auth can be bypassed when Proxy protocol filter sets invalid UTF-8 metadata","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-23324.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"7.3"},{"CVE":"CVE-2024-23323","severity":"moderate","public_date":"2024-02-09T17:00:00Z","advisories":[],"bugzilla":"2259232","bugzilla_description":"envoy: Excessive CPU usage when URI template matcher is configured using regex","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-1176","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-23323.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2024-23322","severity":"moderate","public_date":"2024-02-09T17:00:00Z","advisories":[],"bugzilla":"2259233","bugzilla_description":"envoy: Envoy crashes when idle and request per try timeout occur within the backoff interval","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-23322.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2023-50291","severity":"moderate","public_date":"2024-02-09T00:00:00Z","advisories":[],"bugzilla":"2263577","bugzilla_description":"solr: system property redaction logic inconsistency can lead to leaked passwords","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-522","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50291.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"6.5"},{"CVE":"CVE-2023-50292","severity":"moderate","public_date":"2024-02-09T00:00:00Z","advisories":[],"bugzilla":"2263579","bugzilla_description":"Apache Solr: Schema Designer trusts all configsets, possibly leading to RCE by unauthenticated users","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-732","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50292.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","cvss3_score":"6.5"},{"CVE":"CVE-2023-50298","severity":"moderate","public_date":"2024-02-09T00:00:00Z","advisories":[],"bugzilla":"2263583","bugzilla_description":"solr: possible exposure of ZooKeeper credentials via Streaming Expressions","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50298.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"7.5"},{"CVE":"CVE-2023-50386","severity":"moderate","public_date":"2024-02-09T00:00:00Z","advisories":[],"bugzilla":"2263585","bugzilla_description":"solr: backup/restore APIs allow for deployment of executables in malicious ConfigSets","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-434|CWE-913)","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50386.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","cvss3_score":"6.5"},{"CVE":"CVE-2022-0931","severity":null,"public_date":"2024-02-08T00:00:00Z","advisories":[],"bugzilla":"2062877","bugzilla_description":"3scale: claim restriction bypass via JWT algorithm switch","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-290","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0931.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N"},{"CVE":"CVE-2023-4639","severity":"moderate","public_date":"2024-02-08T00:00:00Z","advisories":[],"bugzilla":"2166022","bugzilla_description":"undertow: Cookie Smuggling/Spoofing","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-444","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4639.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N","cvss3_score":"7.4"},{"CVE":"CVE-2023-3966","severity":"important","public_date":"2024-02-08T00:00:00Z","advisories":["RHSA-2024:1235","RHSA-2024:1234","RHSA-2024:1227"],"bugzilla":"2178363","bugzilla_description":"openvswsitch: ovs-vswitch fails to recover after malformed geneve metadata packet","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-248","affected_packages":["openvswitch2.17-0:2.17.0-148.el8fdp","openvswitch3.1-0:3.1.0-88.el9fdp","openvswitch3.1-0:3.1.0-96.el8fdp"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3966.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2024-0985","severity":"important","public_date":"2024-02-08T00:00:00Z","advisories":["RHSA-2024:1071","RHSA-2024:1070","RHSA-2024:1240","RHSA-2024:1195","RHSA-2024:1241","RHSA-2024:1428","RHSA-2024:0988","RHSA-2024:0956","RHSA-2024:1429","RHSA-2024:0990","RHSA-2024:1422","RHSA-2024:0992","RHSA-2024:1069","RHSA-2024:1017","RHSA-2024:0950","RHSA-2024:1314","RHSA-2024:0973","RHSA-2024:0951","RHSA-2024:0974","RHSA-2024:1437","RHSA-2024:1426","RHSA-2024:0975","RHSA-2024:1315","RHSA-2024:1348"],"bugzilla":"2263384","bugzilla_description":"postgresql: non-owner 'REFRESH MATERIALIZED VIEW CONCURRENTLY' executes arbitrary SQL","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-271","affected_packages":["postgresql:13-8060020240219120118.ad008a3a","postgresql:12-8020020240214021628.4cda2c84","postgresql:15-8080020240220104521.63b34585","postgresql:15-8090020240209124629.a75119d5","postgresql-0:13.14-1.el9_3","postgresql:12-8060020240214083443.ad008a3a","postgresql-0:13.14-1.el9_2","postgresql:12-8090020240209130909.a75119d5","postgresql:10-8020020240229083218.4cda2c84","postgresql:10-8060020240220155541.ad008a3a","postgresql-0:13.14-1.el9_0","rh-postgresql12-postgresql-0:12.18-1.el7","postgresql:13-8040020240222071300.522a0ee4","postgresql:12-8080020240214025906.63b34585","rh-postgresql13-postgresql-0:13.14-1.el7","postgresql:10-8090020240213200157.a75119d5","postgresql:15-9030020240209100638.rhel9","postgresql:10-8040020240226112406.522a0ee4","postgresql:10-8080020240227061409.63b34585","postgresql:12-8040020240214080556.522a0ee4","postgresql:13-8090020240209125046.a75119d5","postgresql:15-9020020240213145157.rhel9","rh-postgresql10-postgresql-0:10.23-3.el7","postgresql:13-8080020240221110841.63b34585"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0985.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.0"},{"CVE":"CVE-2023-42282","severity":"important","public_date":"2024-02-08T00:00:00Z","advisories":[],"bugzilla":"2265161","bugzilla_description":"nodejs-ip: arbitrary code execution via the isPublic() function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-918","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42282.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"9.8"},{"CVE":"CVE-2023-1932","severity":"moderate","public_date":"2024-02-07T00:00:00Z","advisories":[],"bugzilla":"1809444","bugzilla_description":"hibernate-validator: rendering of invalid html with SafeHTML leads to HTML injection and XSS","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-1932.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2024-0793","severity":"important","public_date":"2024-02-07T00:00:00Z","advisories":["RHSA-2024:1267","RHSA-2024:0741"],"bugzilla":"2214402","bugzilla_description":"kube-controller-manager: malformed HPA v1 manifest causes crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":["ose-machine-api-operator-container","ose-vsphere-problem-detector-container","ironic-rhcos-downloader-container","ose-csi-driver-shared-resource-operator-container","ose-kubevirt-csi-driver-container","cluster-network-operator-container","ose-cloud-credential-operator-container","ose-cluster-authentication-operator-container","cluster-etcd-operator-container","csi-attacher-container","prometheus-operator-container","ose-machine-os-images-container","ose-machine-api-provider-aws-container","openshift-enterprise-console-container","ose-csi-snapshot-controller-container","ose-installer-artifacts-container","configmap-reload-container","ose-cluster-api-container","ose-containernetworking-plugins-container","cluster-version-operator-container","openshift-enterprise-registry-container","ose-aws-ebs-csi-driver-operator-container","ose-agent-installer-node-agent-container","ose-kubevirt-cloud-controller-manager-container","ose-agent-installer-api-server-container","ose-cluster-control-plane-machine-set-operator-container","operator-registry-container","ose-cluster-cloud-controller-manager-operator-container","ose-machine-api-provider-azure-container","ose-cluster-bootstrap-container","csi-driver-nfs-container","ose-csi-driver-shared-resource-webhook-container","ose-ovn-kubernetes-container","ose-alibaba-disk-csi-driver-operator-container","ose-node-container","ibm-vpc-node-label-updater-container","ose-baremetal-installer-container","ose-openshift-apiserver-container","openshift-enterprise-deployer-container","ose-aws-cloud-controller-manager-container","ose-nutanix-machine-controllers-container","kube-proxy-container","openshift-enterprise-cli-container","ose-alibaba-cloud-csi-driver-container","ose-multus-admission-controller-container","ose-gcp-cloud-controller-manager-container","ose-csi-external-snapshotter-container","ose-cli-artifacts-container","ose-cluster-kube-controller-manager-operator-container","ose-cluster-update-keys-container","ose-cluster-ingress-operator-container","csi-livenessprobe-container","ose-alibaba-cloud-controller-manager-container","ose-csi-driver-shared-resource-container","ose-ibmcloud-cluster-api-controllers-container","csi-provisioner-container","ose-azure-cloud-controller-manager-container","ose-cluster-platform-operators-manager-container","ose-cluster-kube-cluster-api-operator-container","ose-cluster-storage-operator-container","csi-driver-manila-operator-container","marketplace-operator-container","ose-openstack-cloud-controller-manager-container","cluster-node-tuning-operator-container","ose-egress-router-cni-container","ose-insights-operator-container","ose-installer-container","ose-aws-pod-identity-webhook-container","ose-aws-cluster-api-controllers-container","ose-oauth-apiserver-container","driver-toolkit-container","ose-ibm-vpc-block-csi-driver-operator-container","coredns-container","ose-network-tools-container","baremetal-machine-controller-container","ose-agent-installer-orchestrator-container","ose-cluster-image-registry-operator-container","ose-cluster-kube-storage-version-migrator-operator-container","ose-powervs-block-csi-driver-container","ose-csi-external-resizer-container","ose-cluster-config-operator-container","openshift-0:4.12.0-202403042037.p0.g9946c63.assembly.stream.el9","ose-cluster-dns-operator-container","ose-openstack-cinder-csi-driver-operator-container","ose-azure-file-csi-driver-container","ose-libvirt-machine-controllers-container","ose-ovirt-csi-driver-container","ose-powervs-block-csi-driver-operator-container","multus-cni-container","ose-gcp-cluster-api-controllers-container","ose-openshift-controller-manager-container","ose-multus-networkpolicy-container","vmware-vsphere-syncer-container","operator-lifecycle-manager-container","ose-baremetal-runtimecfg-container","ose-image-customization-controller-container","ose-ibmcloud-machine-controllers-container","ose-ibm-vpc-block-csi-driver-container","kube-state-metrics-container","ose-network-metrics-daemon-container","ose-hypershift-container","ose-vsphere-cloud-controller-manager-container","ose-cluster-kube-apiserver-operator-container","ose-gcp-pd-csi-driver-container","ose-agent-installer-csr-approver-container","ose-ibm-cloud-controller-manager-container","ose-openstack-cinder-csi-driver-container","ose-ovirt-machine-controllers-container","ose-cluster-autoscaler-operator-container","openshift-state-metrics-container","ose-vsphere-cluster-api-controllers-container","ose-azure-cloud-node-manager-container","ose-cluster-kube-scheduler-operator-container","ose-etcd-container","prometheus-operator-admission-webhook-container","openshift-enterprise-hyperkube-container","ose-vmware-vsphere-csi-driver-container","ose-azure-cluster-api-controllers-container","ose-cluster-csi-snapshot-controller-operator-container","ovn-kubernetes-microshift-container","ose-thanos-container","ose-cluster-baremetal-operator-container","ose-apiserver-network-proxy-container","ose-route-controller-manager-container","openshift-enterprise-console-operator-container","ose-cluster-ovirt-csi-operator-container","ose-cluster-openshift-apiserver-operator-container","ose-powervs-cloud-controller-manager-container","ose-machine-config-operator-container","ose-nutanix-cloud-controller-manager-container","ose-alibaba-machine-controllers-container","ose-aws-ebs-csi-driver-container","ose-cluster-capi-operator-container","oc-mirror-plugin-container","ose-azure-file-csi-driver-operator-container","ose-azure-disk-csi-driver-container","ose-gcp-pd-csi-driver-operator-container","oauth-server-container","openshift-enterprise-tests-container","ose-csi-snapshot-validation-webhook-container","ose-olm-rukpak-container","ose-service-ca-operator-container","csi-node-driver-registrar-container","openshift-enterprise-haproxy-router-container","csi-driver-manila-container","ose-cluster-machine-approver-container","ose-cluster-policy-controller-container","ose-powervs-machine-controllers-container","openshift-enterprise-keepalived-ipfailover-container","ose-cluster-openshift-controller-manager-operator-container","openshift-enterprise-pod-container","ose-machine-api-provider-gcp-container","cluster-monitoring-operator-container","ose-network-interface-bond-cni-container","telemeter-container","kube-rbac-proxy-container","ose-prometheus-adapter-container","ose-machine-api-provider-openstack-container","ose-tools-container","ose-must-gather-container","ose-kube-storage-version-migrator-container","ose-azure-disk-csi-driver-operator-container","ose-cloud-network-config-controller-container","ose-baremetal-operator-container","ose-vmware-vsphere-csi-driver-operator-container","prometheus-config-reloader-container"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0793.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H","cvss3_score":"7.7"},{"CVE":"CVE-2024-1151","severity":"moderate","public_date":"2024-02-07T00:00:00Z","advisories":[],"bugzilla":"2262241","bugzilla_description":"kernel: stack overflow problem in Open vSwitch kernel module leading to DoS","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-121","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1151.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2024-24806","severity":"moderate","public_date":"2024-02-07T00:00:00Z","advisories":[],"bugzilla":"2263292","bugzilla_description":"libuv: Improper Domain Lookup that potentially leads to SSRF attacks","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-918","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24806.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"7.3"},{"CVE":"CVE-2024-24680","severity":"moderate","public_date":"2024-02-06T15:00:00Z","advisories":["RHSA-2024:1057"],"bugzilla":"2261856","bugzilla_description":"Django: denial-of-service in ``intcomma`` template filter","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["python3x-django-0:4.2.10-1.el8ap","python-django-0:4.2.10-1.el9ap"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24680.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2024-1048","severity":"moderate","public_date":"2024-02-06T00:00:00Z","advisories":[],"bugzilla":"2256827","bugzilla_description":"grub2: grub2-set-bootflag can be abused by local (pseudo-)users","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-459","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1048.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2024-1271","severity":"moderate","public_date":"2024-02-06T00:00:00Z","advisories":[],"bugzilla":"2262978","bugzilla_description":"freeipa: privileges escalation from root to domain admin","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-274","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1271.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2024-24575","severity":"moderate","public_date":"2024-02-06T00:00:00Z","advisories":[],"bugzilla":"2263092","bugzilla_description":"libgit2: potential infiniate loop condition in git_revparse_single","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24575.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2024-24577","severity":"important","public_date":"2024-02-06T00:00:00Z","advisories":[],"bugzilla":"2263095","bugzilla_description":"libgit2: arbitrary code execution due to heap corruption in git_index_add","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24577.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"9.8"},{"CVE":"CVE-2024-1300","severity":"moderate","public_date":"2024-02-06T00:00:00Z","advisories":[],"bugzilla":"2263139","bugzilla_description":"io.vertx:vertx-core: memory leak when a TCP server is configured with TLS and SNI support","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1300.json"},{"CVE":"CVE-2023-7216","severity":"moderate","public_date":"2024-02-05T00:00:00Z","advisories":[],"bugzilla":"2249901","bugzilla_description":"CPIO: extraction allows symlinks which enables Remote Command Execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-22->CWE-59","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-7216.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2023-34042","severity":"moderate","public_date":"2024-02-05T00:00:00Z","advisories":[],"bugzilla":"2262911","bugzilla_description":"spring-security-config: Incorrect Permission Assignment for spring-security.xsd","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-732","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-34042.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N","cvss3_score":"4.1"},{"CVE":"CVE-2024-24855","severity":"low","public_date":"2024-02-05T00:00:00Z","advisories":[],"bugzilla":"2262983","bugzilla_description":"kernel: Race condition in lpfc_unregister_fcf_rescan() in scsi/lpfc/lpfc_hbadisc.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-367","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24855.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.1"},{"CVE":"CVE-2024-23196","severity":"low","public_date":"2024-02-05T00:00:00Z","advisories":[],"bugzilla":"2262988","bugzilla_description":"kernel: Race condition in snd_hdac_regmap_sync() in sound/hda","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-367","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-23196.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.7"},{"CVE":"CVE-2024-22667","severity":"low","public_date":"2024-02-05T00:00:00Z","advisories":[],"bugzilla":"2262999","bugzilla_description":"vim: Stack buffer over flow in did_set_langmap function in map.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-121","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-22667.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.4"},{"CVE":"CVE-2024-1485","severity":"important","public_date":"2024-02-05T00:00:00Z","advisories":[],"bugzilla":"2264106","bugzilla_description":"registry-support: decompress can delete files outside scope via relative paths","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-349->CWE-23","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1485.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:H","cvss3_score":"8.0"},{"CVE":"CVE-2024-24857","severity":"moderate","public_date":"2024-02-05T00:00:00Z","advisories":[],"bugzilla":"2266247","bugzilla_description":"kernel: net/bluetooth: race condition in conn_info_{min,max}_age_set()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-190|CWE-362)","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24857.json","cvss3_scoring_vector":"CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H","cvss3_score":"6.8"},{"CVE":"CVE-2024-24858","severity":"moderate","public_date":"2024-02-05T00:00:00Z","advisories":[],"bugzilla":"2266249","bugzilla_description":"kernel: net/bluetooth: race condition in {conn,adv}_{min,max}_interval_set() function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-362","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24858.json","cvss3_scoring_vector":"CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.3"},{"CVE":"CVE-2024-23213","severity":"important","public_date":"2024-02-05T00:00:00Z","advisories":[],"bugzilla":"2270141","bugzilla_description":"webkitgtk: Processing web content may lead to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-23213.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2023-40414","severity":"important","public_date":"2024-02-05T00:00:00Z","advisories":[],"bugzilla":"2270143","bugzilla_description":"webkitgtk: Processing web content may lead to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-40414.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"9.8"},{"CVE":"CVE-2023-42833","severity":"important","public_date":"2024-02-05T00:00:00Z","advisories":[],"bugzilla":"2270146","bugzilla_description":"webkitgtk: Processing web content may lead to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42833.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2014-1745","severity":"moderate","public_date":"2024-02-05T00:00:00Z","advisories":[],"bugzilla":"2270151","bugzilla_description":"webkitgtk: Processing a file may lead to a denial of service or potentially disclose memory contents","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1745.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L","cvss3_score":"7.1"},{"CVE":"CVE-2024-25062","severity":"moderate","public_date":"2024-02-04T00:00:00Z","advisories":["RHSA-2024:1317"],"bugzilla":"2262726","bugzilla_description":"libxml2: use-after-free in XMLReader","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["libxml2"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-25062.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-36773","severity":"important","public_date":"2024-02-04T00:00:00Z","advisories":[],"bugzilla":"2262734","bugzilla_description":"Ghostscript: out-of-bounds write and use-after-free in devices/vector/gdevtxtw.c (for txtwrite)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-416|CWE-787)","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36773.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"9.8"},{"CVE":"CVE-2023-52425","severity":"moderate","public_date":"2024-02-04T00:00:00Z","advisories":["RHSA-2024:1530"],"bugzilla":"2262877","bugzilla_description":"expat: parsing large tokens can trigger a denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["expat-0:2.5.0-1.el9_3.1"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52425.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2023-52426","severity":"moderate","public_date":"2024-02-04T00:00:00Z","advisories":[],"bugzilla":"2262879","bugzilla_description":"expat: recursive XML entity expansion vulnerability","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-776","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52426.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2024-0831","severity":"moderate","public_date":"2024-02-01T00:00:00Z","advisories":[],"bugzilla":"2262236","bugzilla_description":"hashicorp vault: sensitive information disclosure","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-532","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0831.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N","cvss3_score":"4.5"},{"CVE":"CVE-2024-24557","severity":"moderate","public_date":"2024-02-01T00:00:00Z","advisories":[],"bugzilla":"2262352","bugzilla_description":"moby: classic builder cache poisoning","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-345|CWE-346)","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24557.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:L/I:H/A:L","cvss3_score":"6.9"},{"CVE":"CVE-2023-5841","severity":"important","public_date":"2024-02-01T00:00:00Z","advisories":[],"bugzilla":"2262397","bugzilla_description":"OpenEXR: Heap Overflow in Scanline Deep Data Parsing","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5841.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","cvss3_score":"9.1"},{"CVE":"CVE-2024-21626","severity":"important","public_date":"2024-01-31T20:01:00Z","advisories":["RHSA-2024:1270","RHSA-2024:0670","RHSA-2024:0756","RHSA-2024:0757","RHSA-2024:0758","RHSA-2024:0748","RHSA-2024:0759","RHSA-2024:0717","RHSA-2024:0760","RHSA-2024:0684","RHSA-2024:0662","RHSA-2024:0752","RHSA-2024:0764","RHSA-2024:0666","RHSA-2024:0755","RHSA-2024:0645"],"bugzilla":"2258725","bugzilla_description":"runc: file descriptor leak","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":["runc-4:1.1.12-1.el9_2","runc-4:1.1.12-1.rhaos4.14.el9","runc-4:1.1.12-1.el9_3","container-tools:rhel8-8080020240206143933.0f77c1b7","runc-0:1.0.0-70.rc10.el7_9","container-tools:4.0-8090020240201111813.d7b6f4b7","container-tools:rhel8-8090020240201111839.d7b6f4b7","runc-3:1.1.6-5.1.rhaos4.12.el8","docker-2:1.13.1-210.git7d71120.el7_9","runc-4:1.1.12-1.rhaos4.13.el8","runc-3:1.1.2-3.1.rhaos4.11.el8","container-tools:2.0-8020020240206120705.28c38760","runc-4:1.1.12-1.el9_0","container-tools:4.0-8060020240205133014.3b538bd8","container-tools:3.0-8040020240207051234.c0c392d5","container-tools:rhel8-8060020240206151655.3b538bd8"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21626.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H","cvss3_score":"8.6"},{"CVE":"CVE-2024-23651","severity":"moderate","public_date":"2024-01-31T01:01:00Z","advisories":[],"bugzilla":"2262224","bugzilla_description":"moby/buildkit: possible race condition with accessing subpaths from cache mounts","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-362","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-23651.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N","cvss3_score":"7.5"},{"CVE":"CVE-2024-0406","severity":"moderate","public_date":"2024-01-31T00:00:00Z","advisories":[],"bugzilla":"2257749","bugzilla_description":"mholt/archiver: path traversal vulnerability","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-22","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0406.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2024-0853","severity":"low","public_date":"2024-01-31T00:00:00Z","advisories":[],"bugzilla":"2262097","bugzilla_description":"curl: OCSP verification bypass with TLS session reuse","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-299","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0853.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N","cvss3_score":"3.8"},{"CVE":"CVE-2024-1086","severity":"moderate","public_date":"2024-01-31T00:00:00Z","advisories":["RHSA-2024:1332","RHSA-2024:0930","RHSA-2024:1404","RHSA-2024:1019","RHSA-2024:1249","RHSA-2024:1018"],"bugzilla":"2262126","bugzilla_description":"kernel: nf_tables: use-after-free vulnerability in the nft_verdict_init() function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["kernel-0:3.10.0-1160.114.2.el7","kernel-rt-0:5.14.0-284.55.1.rt14.340.el9_2","kernel-0:4.18.0-477.51.1.el8_8","kernel-0:5.14.0-284.55.1.el9_2","kernel-0:4.18.0-372.93.1.el8_6","kernel-rt-0:3.10.0-1160.114.2.rt56.1266.el7"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1086.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2024-1085","severity":"moderate","public_date":"2024-01-31T00:00:00Z","advisories":["RHSA-2024:1019","RHSA-2024:1018"],"bugzilla":"2262127","bugzilla_description":"kernel: nf_tables: use-after-free vulnerability in the nft_setelem_catchall_deactivate() function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["kernel-rt-0:5.14.0-284.55.1.rt14.340.el9_2","kernel-0:5.14.0-284.55.1.el9_2"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1085.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H","cvss3_score":"6.6"},{"CVE":"CVE-2024-23652","severity":"important","public_date":"2024-01-31T00:00:00Z","advisories":[],"bugzilla":"2262225","bugzilla_description":"moby/buildkit: possible host system access from mount stub cleaner","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-22","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-23652.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2024-23653","severity":"important","public_date":"2024-01-31T00:00:00Z","advisories":[],"bugzilla":"2262226","bugzilla_description":"moby/buildkit: Buildkit's interactive containers API does not validate entitlements check","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-863","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-23653.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2024-23650","severity":"moderate","public_date":"2024-01-31T00:00:00Z","advisories":[],"bugzilla":"2262272","bugzilla_description":"moby/buildkit: Possible race condition with accessing subpaths from cache mounts","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-754","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-23650.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2023-6246","severity":"important","public_date":"2024-01-30T00:00:00Z","advisories":[],"bugzilla":"2249053","bugzilla_description":"glibc: heap-based buffer overflow in __vsyslog_internal()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6246.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.4"},{"CVE":"CVE-2023-6779","severity":"important","public_date":"2024-01-30T00:00:00Z","advisories":[],"bugzilla":"2254395","bugzilla_description":"glibc: off-by-one heap-based buffer overflow in __vsyslog_internal()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-193->CWE-122","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6779.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H","cvss3_score":"8.2"},{"CVE":"CVE-2023-6780","severity":"low","public_date":"2024-01-30T00:00:00Z","advisories":[],"bugzilla":"2254396","bugzilla_description":"glibc: integer overflow in __vsyslog_internal()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190->CWE-131","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6780.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2024-1062","severity":"moderate","public_date":"2024-01-30T00:00:00Z","advisories":["RHSA-2024:1372","RHSA-2024:1074"],"bugzilla":"2261879","bugzilla_description":"389-ds-base: a heap overflow leading to denail-of-servce while writing a value larger than 256 chars (in log_entry_attr)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":["redhat-ds:11-8080020240306153507.f969626e","389-ds:1.4-8060020240213164457.824efc52"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1062.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2024-23334","severity":"moderate","public_date":"2024-01-30T00:00:00Z","advisories":[],"bugzilla":"2261887","bugzilla_description":"aiohttp: follow_symlinks directory traversal vulnerability","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-22","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-23334.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.9"},{"CVE":"CVE-2024-21803","severity":"moderate","public_date":"2024-01-30T00:00:00Z","advisories":[],"bugzilla":"2261903","bugzilla_description":"kernel: bluetooth: use-after-free vulnerability in af_bluetooth.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21803.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2024-23829","severity":"moderate","public_date":"2024-01-30T00:00:00Z","advisories":[],"bugzilla":"2261909","bugzilla_description":"python-aiohttp: http request smuggling","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-444","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-23829.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L","cvss3_score":"6.5"},{"CVE":"CVE-2024-23840","severity":"moderate","public_date":"2024-01-30T00:00:00Z","advisories":[],"bugzilla":"2262014","bugzilla_description":"goreleaser: goreleaser release --debug shows secrets","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-532","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-23840.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.5"},{"CVE":"CVE-2024-1102","severity":"moderate","public_date":"2024-01-29T00:00:00Z","advisories":[],"bugzilla":"2262060","bugzilla_description":"jberet: jberet-core logging database credentials","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1102.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"6.5"},{"CVE":"CVE-2022-48622","severity":"moderate","public_date":"2024-01-26T00:00:00Z","advisories":[],"bugzilla":"2260545","bugzilla_description":"gnome: heap memory corruption on gdk-pixbuf","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-787","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48622.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.3"},{"CVE":"CVE-2024-1023","severity":"moderate","public_date":"2024-01-26T00:00:00Z","advisories":[],"bugzilla":"2260840","bugzilla_description":"io.vertx/vertx-core: memory leak due to the use of Netty FastThreadLocal data structures in Vertx","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1023.json"},{"CVE":"CVE-2024-0914","severity":"moderate","public_date":"2024-01-25T00:00:00Z","advisories":["RHSA-2024:1411","RHSA-2024:1239"],"bugzilla":"2260407","bugzilla_description":"opencryptoki: timing side-channel in handling of RSA PKCS#1 v1.5 padded ciphertexts (Marvin)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-385->CWE-208->CWE-203","affected_packages":["opencryptoki-0:3.21.0-9.el9_3","opencryptoki-0:3.19.0-3.el8_8"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0914.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.9"},{"CVE":"CVE-2024-22099","severity":"moderate","public_date":"2024-01-25T00:00:00Z","advisories":[],"bugzilla":"2267701","bugzilla_description":"kernel: NULL Pointer dereference bluetooth allows Overflow Buffers","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-22099.json","cvss3_scoring_vector":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.7"},{"CVE":"CVE-2024-23307","severity":"moderate","public_date":"2024-01-25T00:00:00Z","advisories":[],"bugzilla":"2267705","bugzilla_description":"kernel: Integer Overflow in raid5_cache_count","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-23307.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2023-6110","severity":"moderate","public_date":"2024-01-24T00:00:00Z","advisories":[],"bugzilla":"2212960","bugzilla_description":"openstack: deleting a non existing access rule deletes another existing access rule in it's scope","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6110.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"5.5"},{"CVE":"CVE-2023-5675","severity":"moderate","public_date":"2024-01-24T00:00:00Z","advisories":["RHSA-2024:0494","RHSA-2024:0495"],"bugzilla":"2245197","bugzilla_description":"quarkus: Authorization flaw in Quarkus RestEasy Reactive and Classic when \"quarkus.security.jaxrs.deny-unannotated-endpoints\" or \"quarkus.security.jaxrs.default-roles-allowed\" properties are used.","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-285","affected_packages":["io.quarkus/quarkus-resteasy:3.2.9.Final-redhat-00003","io.quarkus/quarkus-resteasy-reactive:2.13.9.Final-redhat-00003","io.quarkus/quarkus-resteasy:2.13.9.Final-redhat-00003","io.quarkus/quarkus-resteasy-reactive:3.2.9.Final-redhat-00003"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5675.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","cvss3_score":"6.5"},{"CVE":"CVE-2023-6267","severity":"important","public_date":"2024-01-24T00:00:00Z","advisories":["RHSA-2024:0494","RHSA-2024:0495"],"bugzilla":"2251155","bugzilla_description":"quarkus: json payload getting processed prior to security checks when rest resources are used with annotations.","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-280","affected_packages":["io.quarkus/quarkus-resteasy:3.2.9.Final-redhat-00003","io.quarkus/quarkus-resteasy:2.13.9.Final-redhat-00003"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6267.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H","cvss3_score":"8.6"},{"CVE":"CVE-2022-4964","severity":"moderate","public_date":"2024-01-24T00:00:00Z","advisories":[],"bugzilla":"2260027","bugzilla_description":"pipewire: grants microphone access even when the snap interface for audio-record","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-601","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-4964.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.5"},{"CVE":"CVE-2024-23638","severity":"moderate","public_date":"2024-01-24T00:00:00Z","advisories":[],"bugzilla":"2260051","bugzilla_description":"squid: vulnerable to a Denial of Service attack against Cache Manager error responses","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-825","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-23638.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2023-40547","severity":"important","public_date":"2024-01-23T00:00:00Z","advisories":[],"bugzilla":"2234589","bugzilla_description":"shim: RCE in http boot support may lead to Secure Boot bypass","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-787->CWE-125","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-40547.json","cvss3_scoring_vector":"CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H","cvss3_score":"8.3"},{"CVE":"CVE-2023-40546","severity":"moderate","public_date":"2024-01-23T00:00:00Z","advisories":[],"bugzilla":"2241796","bugzilla_description":"shim: Out-of-bounds read printing error messages","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-40546.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"6.2"},{"CVE":"CVE-2023-40549","severity":"moderate","public_date":"2024-01-23T00:00:00Z","advisories":[],"bugzilla":"2241797","bugzilla_description":"shim: Out-of-bounds read in verify_buffer_authenticode() malformed PE file","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-40549.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"6.2"},{"CVE":"CVE-2024-0841","severity":"moderate","public_date":"2024-01-23T00:00:00Z","advisories":[],"bugzilla":"2256490","bugzilla_description":"kernel: hugetlbfs: Null pointer dereference in hugetlbfs_fill_super function","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0841.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H","cvss3_score":"6.6"},{"CVE":"CVE-2024-23342","severity":"moderate","public_date":"2024-01-23T00:00:00Z","advisories":[],"bugzilla":"2259780","bugzilla_description":"python-ecdsa: vulnerable to the Minerva attack","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-203|CWE-208|CWE-385)","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-23342.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N","cvss3_score":"7.4"},{"CVE":"CVE-2023-46343","severity":"moderate","public_date":"2024-01-23T00:00:00Z","advisories":[],"bugzilla":"2259858","bugzilla_description":"kernel: NULL pointer dereference in send_acknowledge in net/nfc/nci/spi.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46343.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2024-22705","severity":"moderate","public_date":"2024-01-23T00:00:00Z","advisories":[],"bugzilla":"2259864","bugzilla_description":"kernel: out-of-bounds access smb2_get_data_area_len","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-22705.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2023-51042","severity":"moderate","public_date":"2024-01-23T00:00:00Z","advisories":["RHSA-2024:1248","RHSA-2024:0930","RHSA-2024:1404","RHSA-2024:1019","RHSA-2024:1018"],"bugzilla":"2259866","bugzilla_description":"kernel: use-after-free in amdgpu_cs_wait_all_fences in drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["kernel-rt-0:5.14.0-284.55.1.rt14.340.el9_2","kernel-0:4.18.0-477.51.1.el8_8","kernel-0:5.14.0-284.55.1.el9_2","kernel-0:5.14.0-362.24.1.el9_3","kernel-0:4.18.0-372.93.1.el8_6"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-51042.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2024-23222","severity":"important","public_date":"2024-01-23T00:00:00Z","advisories":["RHSA-2023:4202","RHSA-2023:4201"],"bugzilla":"2259893","bugzilla_description":"webkitgtk: type confusion may lead to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-843","affected_packages":["webkit2gtk3-0:2.38.5-1.el8_8.5","webkit2gtk3-0:2.38.5-1.el9_2.3"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-23222.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2023-40550","severity":"moderate","public_date":"2024-01-23T00:00:00Z","advisories":[],"bugzilla":"2259915","bugzilla_description":"shim: Out-of-bound read in verify_buffer_sbat()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-40550.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.5"},{"CVE":"CVE-2023-40551","severity":"moderate","public_date":"2024-01-23T00:00:00Z","advisories":[],"bugzilla":"2259918","bugzilla_description":"shim: out of bounds read when parsing MZ binaries","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-40551.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H","cvss3_score":"5.1"},{"CVE":"CVE-2024-0741","severity":"important","public_date":"2024-01-23T00:00:00Z","advisories":["RHSA-2024:0602","RHSA-2024:0559","RHSA-2024:0603","RHSA-2024:0615","RHSA-2024:0604","RHSA-2024:0616","RHSA-2024:0605","RHSA-2024:0618","RHSA-2024:0608","RHSA-2024:0619","RHSA-2024:0609","RHSA-2024:0596","RHSA-2024:0565","RHSA-2024:0598","RHSA-2024:0600","RHSA-2024:0622","RHSA-2024:0601","RHSA-2024:0623"],"bugzilla":"2259926","bugzilla_description":"Mozilla: Out of bounds write in ANGLE","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-787","affected_packages":["thunderbird-0:115.7.0-1.el7_9","thunderbird-0:115.7.0-1.el8_8","thunderbird-0:115.7.0-1.el8_9","thunderbird-0:115.7.0-1.el8_4","thunderbird-0:115.7.0-1.el9_3","thunderbird-0:115.7.0-1.el9_2","thunderbird-0:115.7.0-1.el8_6","firefox-0:115.7.0-1.el9_0","firefox-0:115.7.0-1.el8_2","firefox-0:115.7.0-1.el9_2","firefox-0:115.7.0-1.el8_4","firefox-0:115.7.0-1.el9_3","firefox-0:115.7.0-1.el8_6","firefox-0:115.7.0-1.el7_9","firefox-0:115.7.0-1.el8_8","firefox-0:115.7.0-1.el8_9","thunderbird-0:115.7.0-1.el8_2","thunderbird-0:115.7.0-1.el9_0"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0741.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2024-0742","severity":"important","public_date":"2024-01-23T00:00:00Z","advisories":["RHSA-2024:0602","RHSA-2024:0559","RHSA-2024:0603","RHSA-2024:0615","RHSA-2024:0604","RHSA-2024:0616","RHSA-2024:0605","RHSA-2024:0618","RHSA-2024:0608","RHSA-2024:0619","RHSA-2024:0609","RHSA-2024:0596","RHSA-2024:0565","RHSA-2024:0598","RHSA-2024:0600","RHSA-2024:0622","RHSA-2024:0601","RHSA-2024:0623"],"bugzilla":"2259927","bugzilla_description":"Mozilla: Failure to update user input timestamp","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-1021","affected_packages":["thunderbird-0:115.7.0-1.el7_9","thunderbird-0:115.7.0-1.el8_8","thunderbird-0:115.7.0-1.el8_9","thunderbird-0:115.7.0-1.el8_4","thunderbird-0:115.7.0-1.el9_3","thunderbird-0:115.7.0-1.el9_2","thunderbird-0:115.7.0-1.el8_6","firefox-0:115.7.0-1.el9_0","firefox-0:115.7.0-1.el8_2","firefox-0:115.7.0-1.el9_2","firefox-0:115.7.0-1.el8_4","firefox-0:115.7.0-1.el9_3","firefox-0:115.7.0-1.el8_6","firefox-0:115.7.0-1.el7_9","firefox-0:115.7.0-1.el8_8","firefox-0:115.7.0-1.el8_9","thunderbird-0:115.7.0-1.el8_2","thunderbird-0:115.7.0-1.el9_0"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0742.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2024-0746","severity":"moderate","public_date":"2024-01-23T00:00:00Z","advisories":["RHSA-2024:0602","RHSA-2024:0559","RHSA-2024:0603","RHSA-2024:0615","RHSA-2024:0604","RHSA-2024:0616","RHSA-2024:0605","RHSA-2024:0618","RHSA-2024:0608","RHSA-2024:0619","RHSA-2024:0609","RHSA-2024:0596","RHSA-2024:0565","RHSA-2024:0598","RHSA-2024:0600","RHSA-2024:0622","RHSA-2024:0601","RHSA-2024:0623"],"bugzilla":"2259928","bugzilla_description":"Mozilla: Crash when listing printers on Linux","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":["thunderbird-0:115.7.0-1.el7_9","thunderbird-0:115.7.0-1.el8_8","thunderbird-0:115.7.0-1.el8_9","thunderbird-0:115.7.0-1.el8_4","thunderbird-0:115.7.0-1.el9_3","thunderbird-0:115.7.0-1.el9_2","thunderbird-0:115.7.0-1.el8_6","firefox-0:115.7.0-1.el9_0","firefox-0:115.7.0-1.el8_2","firefox-0:115.7.0-1.el9_2","firefox-0:115.7.0-1.el8_4","firefox-0:115.7.0-1.el9_3","firefox-0:115.7.0-1.el8_6","firefox-0:115.7.0-1.el7_9","firefox-0:115.7.0-1.el8_8","firefox-0:115.7.0-1.el8_9","thunderbird-0:115.7.0-1.el8_2","thunderbird-0:115.7.0-1.el9_0"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0746.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2024-0747","severity":"moderate","public_date":"2024-01-23T00:00:00Z","advisories":["RHSA-2024:0602","RHSA-2024:0559","RHSA-2024:0603","RHSA-2024:0615","RHSA-2024:0604","RHSA-2024:0616","RHSA-2024:0605","RHSA-2024:0618","RHSA-2024:0608","RHSA-2024:0619","RHSA-2024:0609","RHSA-2024:0596","RHSA-2024:0565","RHSA-2024:0598","RHSA-2024:0600","RHSA-2024:0622","RHSA-2024:0601","RHSA-2024:0623"],"bugzilla":"2259929","bugzilla_description":"Mozilla: Bypass of Content Security Policy when directive unsafe-inline was set","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-1021","affected_packages":["thunderbird-0:115.7.0-1.el7_9","thunderbird-0:115.7.0-1.el8_8","thunderbird-0:115.7.0-1.el8_9","thunderbird-0:115.7.0-1.el8_4","thunderbird-0:115.7.0-1.el9_3","thunderbird-0:115.7.0-1.el9_2","thunderbird-0:115.7.0-1.el8_6","firefox-0:115.7.0-1.el9_0","firefox-0:115.7.0-1.el8_2","firefox-0:115.7.0-1.el9_2","firefox-0:115.7.0-1.el8_4","firefox-0:115.7.0-1.el9_3","firefox-0:115.7.0-1.el8_6","firefox-0:115.7.0-1.el7_9","firefox-0:115.7.0-1.el8_8","firefox-0:115.7.0-1.el8_9","thunderbird-0:115.7.0-1.el8_2","thunderbird-0:115.7.0-1.el9_0"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0747.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2024-0749","severity":"moderate","public_date":"2024-01-23T00:00:00Z","advisories":["RHSA-2024:0602","RHSA-2024:0559","RHSA-2024:0603","RHSA-2024:0615","RHSA-2024:0604","RHSA-2024:0616","RHSA-2024:0605","RHSA-2024:0618","RHSA-2024:0608","RHSA-2024:0619","RHSA-2024:0609","RHSA-2024:0596","RHSA-2024:0565","RHSA-2024:0598","RHSA-2024:0600","RHSA-2024:0622","RHSA-2024:0601","RHSA-2024:0623"],"bugzilla":"2259930","bugzilla_description":"Mozilla: Phishing site popup could show local origin in address bar","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-1021","affected_packages":["thunderbird-0:115.7.0-1.el7_9","thunderbird-0:115.7.0-1.el8_8","thunderbird-0:115.7.0-1.el8_9","thunderbird-0:115.7.0-1.el8_4","thunderbird-0:115.7.0-1.el9_3","thunderbird-0:115.7.0-1.el9_2","thunderbird-0:115.7.0-1.el8_6","firefox-0:115.7.0-1.el9_0","firefox-0:115.7.0-1.el8_2","firefox-0:115.7.0-1.el9_2","firefox-0:115.7.0-1.el8_4","firefox-0:115.7.0-1.el9_3","firefox-0:115.7.0-1.el8_6","firefox-0:115.7.0-1.el7_9","firefox-0:115.7.0-1.el8_8","firefox-0:115.7.0-1.el8_9","thunderbird-0:115.7.0-1.el8_2","thunderbird-0:115.7.0-1.el9_0"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0749.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2024-0750","severity":"moderate","public_date":"2024-01-23T00:00:00Z","advisories":["RHSA-2024:0602","RHSA-2024:0559","RHSA-2024:0603","RHSA-2024:0615","RHSA-2024:0604","RHSA-2024:0616","RHSA-2024:0605","RHSA-2024:0618","RHSA-2024:0608","RHSA-2024:0619","RHSA-2024:0609","RHSA-2024:0596","RHSA-2024:0565","RHSA-2024:0598","RHSA-2024:0600","RHSA-2024:0622","RHSA-2024:0601","RHSA-2024:0623"],"bugzilla":"2259931","bugzilla_description":"Mozilla: Potential permissions request bypass via clickjacking","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-1021","affected_packages":["thunderbird-0:115.7.0-1.el7_9","thunderbird-0:115.7.0-1.el8_8","thunderbird-0:115.7.0-1.el8_9","thunderbird-0:115.7.0-1.el8_4","thunderbird-0:115.7.0-1.el9_3","thunderbird-0:115.7.0-1.el9_2","thunderbird-0:115.7.0-1.el8_6","firefox-0:115.7.0-1.el9_0","firefox-0:115.7.0-1.el8_2","firefox-0:115.7.0-1.el9_2","firefox-0:115.7.0-1.el8_4","firefox-0:115.7.0-1.el9_3","firefox-0:115.7.0-1.el8_6","firefox-0:115.7.0-1.el7_9","firefox-0:115.7.0-1.el8_8","firefox-0:115.7.0-1.el8_9","thunderbird-0:115.7.0-1.el8_2","thunderbird-0:115.7.0-1.el9_0"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0750.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2024-0751","severity":"moderate","public_date":"2024-01-23T00:00:00Z","advisories":["RHSA-2024:0602","RHSA-2024:0559","RHSA-2024:0603","RHSA-2024:0615","RHSA-2024:0604","RHSA-2024:0616","RHSA-2024:0605","RHSA-2024:0618","RHSA-2024:0608","RHSA-2024:0619","RHSA-2024:0609","RHSA-2024:0596","RHSA-2024:0565","RHSA-2024:0598","RHSA-2024:0600","RHSA-2024:0622","RHSA-2024:0601","RHSA-2024:0623"],"bugzilla":"2259932","bugzilla_description":"Mozilla: Privilege escalation through devtools","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":["thunderbird-0:115.7.0-1.el7_9","thunderbird-0:115.7.0-1.el8_8","thunderbird-0:115.7.0-1.el8_9","thunderbird-0:115.7.0-1.el8_4","thunderbird-0:115.7.0-1.el9_3","thunderbird-0:115.7.0-1.el9_2","thunderbird-0:115.7.0-1.el8_6","firefox-0:115.7.0-1.el9_0","firefox-0:115.7.0-1.el8_2","firefox-0:115.7.0-1.el9_2","firefox-0:115.7.0-1.el8_4","firefox-0:115.7.0-1.el9_3","firefox-0:115.7.0-1.el8_6","firefox-0:115.7.0-1.el7_9","firefox-0:115.7.0-1.el8_8","firefox-0:115.7.0-1.el8_9","thunderbird-0:115.7.0-1.el8_2","thunderbird-0:115.7.0-1.el9_0"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0751.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2024-0753","severity":"moderate","public_date":"2024-01-23T00:00:00Z","advisories":["RHSA-2024:0602","RHSA-2024:0559","RHSA-2024:0603","RHSA-2024:0615","RHSA-2024:0604","RHSA-2024:0616","RHSA-2024:0605","RHSA-2024:0618","RHSA-2024:0608","RHSA-2024:0619","RHSA-2024:0609","RHSA-2024:0596","RHSA-2024:0565","RHSA-2024:0598","RHSA-2024:0600","RHSA-2024:0622","RHSA-2024:0601","RHSA-2024:0623"],"bugzilla":"2259933","bugzilla_description":"Mozilla: HSTS policy on subdomain could bypass policy of upper domain","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-326","affected_packages":["thunderbird-0:115.7.0-1.el7_9","thunderbird-0:115.7.0-1.el8_8","thunderbird-0:115.7.0-1.el8_9","thunderbird-0:115.7.0-1.el8_4","thunderbird-0:115.7.0-1.el9_3","thunderbird-0:115.7.0-1.el9_2","thunderbird-0:115.7.0-1.el8_6","firefox-0:115.7.0-1.el9_0","firefox-0:115.7.0-1.el8_2","firefox-0:115.7.0-1.el9_2","firefox-0:115.7.0-1.el8_4","firefox-0:115.7.0-1.el9_3","firefox-0:115.7.0-1.el8_6","firefox-0:115.7.0-1.el7_9","firefox-0:115.7.0-1.el8_8","firefox-0:115.7.0-1.el8_9","thunderbird-0:115.7.0-1.el8_2","thunderbird-0:115.7.0-1.el9_0"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0753.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2024-0755","severity":"moderate","public_date":"2024-01-23T00:00:00Z","advisories":["RHSA-2024:0602","RHSA-2024:0559","RHSA-2024:0603","RHSA-2024:0615","RHSA-2024:0604","RHSA-2024:0616","RHSA-2024:0605","RHSA-2024:0618","RHSA-2024:0608","RHSA-2024:0619","RHSA-2024:0609","RHSA-2024:0596","RHSA-2024:0565","RHSA-2024:0598","RHSA-2024:0600","RHSA-2024:0622","RHSA-2024:0601","RHSA-2024:0623"],"bugzilla":"2259934","bugzilla_description":"Mozilla: Memory safety bugs fixed in Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":["thunderbird-0:115.7.0-1.el7_9","thunderbird-0:115.7.0-1.el8_8","thunderbird-0:115.7.0-1.el8_9","thunderbird-0:115.7.0-1.el8_4","thunderbird-0:115.7.0-1.el9_3","thunderbird-0:115.7.0-1.el9_2","thunderbird-0:115.7.0-1.el8_6","firefox-0:115.7.0-1.el9_0","firefox-0:115.7.0-1.el8_2","firefox-0:115.7.0-1.el9_2","firefox-0:115.7.0-1.el8_4","firefox-0:115.7.0-1.el9_3","firefox-0:115.7.0-1.el8_6","firefox-0:115.7.0-1.el7_9","firefox-0:115.7.0-1.el8_8","firefox-0:115.7.0-1.el8_9","thunderbird-0:115.7.0-1.el8_2","thunderbird-0:115.7.0-1.el9_0"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0755.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2023-51043","severity":"moderate","public_date":"2024-01-23T00:00:00Z","advisories":["RHSA-2024:1188","RHSA-2023:7077","RHSA-2024:1404","RHSA-2024:1019","RHSA-2024:1018"],"bugzilla":"2260005","bugzilla_description":"kernel: use-after-free during a race condition between a nonblocking atomic commit and a driver unload in drivers/gpu/drm/drm_atomic.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["kernel-rt-0:5.14.0-284.55.1.rt14.340.el9_2","kernel-0:4.18.0-477.51.1.el8_8","kernel","kernel-0:5.14.0-284.55.1.el9_2","kernel-0:4.18.0-372.95.1.el8_6"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-51043.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2024-0745","severity":"moderate","public_date":"2024-01-23T00:00:00Z","advisories":[],"bugzilla":"2260009","bugzilla_description":"firefox: stack buffer overflow in WebAudio `OscillatorNode`","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0745.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2024-0743","severity":"important","public_date":"2024-01-23T00:00:00Z","advisories":["RHSA-2024:1491","RHSA-2024:1490","RHSA-2024:1493","RHSA-2024:1492","RHSA-2024:1484","RHSA-2024:1495","RHSA-2024:1494","RHSA-2024:1483","RHSA-2024:1486","RHSA-2024:1497","RHSA-2024:1496","RHSA-2024:1485","RHSA-2024:1499","RHSA-2024:1488","RHSA-2024:1498","RHSA-2024:1487","RHSA-2024:1500","RHSA-2024:1489"],"bugzilla":"2260012","bugzilla_description":"Mozilla: Crash in NSS TLS method","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-252","affected_packages":["firefox-0:115.9.1-1.el8_2","firefox-0:115.9.1-1.el9_2","firefox-0:115.9.1-1.el9_0","thunderbird-0:115.9.0-1.el8_9","thunderbird-0:115.9.0-1.el7_9","thunderbird-0:115.9.0-1.el8_8","thunderbird-0:115.9.0-1.el8_6","thunderbird-0:115.9.0-1.el8_4","thunderbird-0:115.9.0-1.el9_3","thunderbird-0:115.9.0-1.el9_2","thunderbird-0:115.9.0-1.el8_2","thunderbird-0:115.9.0-1.el9_0","firefox-0:115.9.1-1.el7_9","firefox-0:115.9.1-1.el8_8","firefox-0:115.9.1-1.el8_9","firefox-0:115.9.1-1.el8_6","firefox-0:115.9.1-1.el8_4","firefox-0:115.9.1-1.el9_3"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0743.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2024-0744","severity":"moderate","public_date":"2024-01-23T00:00:00Z","advisories":[],"bugzilla":"2260014","bugzilla_description":"firefox: JIT compiled code could have dereferenced a wild pointer value","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0744.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2024-0748","severity":"moderate","public_date":"2024-01-23T00:00:00Z","advisories":[],"bugzilla":"2260016","bugzilla_description":"firefox: an arbitrary URI in the address bar or history","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0748.json"},{"CVE":"CVE-2024-0752","severity":"moderate","public_date":"2024-01-23T00:00:00Z","advisories":[],"bugzilla":"2260019","bugzilla_description":"firefox: use-after-free crash could have occurred on macOS if a Firefox update were being applied on a very busy system","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0752.json"},{"CVE":"CVE-2024-0754","severity":"low","public_date":"2024-01-23T00:00:00Z","advisories":[],"bugzilla":"2260022","bugzilla_description":"firefox: WASM source files could have caused a crash when loaded in devtools","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0754.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2024-23848","severity":"moderate","public_date":"2024-01-23T00:00:00Z","advisories":[],"bugzilla":"2260038","bugzilla_description":"kernel: use-after-free in cec_queue_msg_fh","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-23848.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"6.7"},{"CVE":"CVE-2024-23849","severity":"moderate","public_date":"2024-01-23T00:00:00Z","advisories":[],"bugzilla":"2260041","bugzilla_description":"kernel: off-by-one error for an RDS_MSG_RX_DGRAM_TRACE_MAX comparison, resulting in out-of-bounds access","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-193","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-23849.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"7.1"},{"CVE":"CVE-2024-23850","severity":"moderate","public_date":"2024-01-23T00:00:00Z","advisories":[],"bugzilla":"2260044","bugzilla_description":"kernel: btrfs_get_root_ref has an assertion failure and crash because a subvolume can be read out too soon after its root item is inserted upon subvolume creation","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-23850.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2024-23851","severity":null,"public_date":"2024-01-23T00:00:00Z","advisories":[],"bugzilla":"2260046","bugzilla_description":"kernel: copy_params can attempt to allocate more than INT_MAX bytes and crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-23851.json"},{"CVE":"CVE-2024-0911","severity":"low","public_date":"2024-01-23T00:00:00Z","advisories":[],"bugzilla":"2260399","bugzilla_description":"indent: heap-based buffer overflow in set_buf_break()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0911.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2023-52340","severity":"moderate","public_date":"2024-01-22T00:00:00Z","advisories":[],"bugzilla":"2257979","bugzilla_description":"kernel: ICMPv6 “Packet Too Big” packets force a DoS of the Linux kernel by forcing 100% CPU","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52340.json","cvss3_scoring_vector":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2024-21484","severity":"moderate","public_date":"2024-01-22T00:00:00Z","advisories":[],"bugzilla":"2259531","bugzilla_description":"jsrsasign: vulnerable to Observable Discrepancy via the RSA PKCS1.5 or RSAOAEP decryption process","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-203","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21484.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:L","cvss3_score":"7.5"},{"CVE":"CVE-2024-22233","severity":"moderate","public_date":"2024-01-22T00:00:00Z","advisories":[],"bugzilla":"2259703","bugzilla_description":"spring-boot: Crafted HTTP requests may lead to debial-of-service (DOS)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-22233.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2024-0727","severity":"low","public_date":"2024-01-22T00:00:00Z","advisories":[],"bugzilla":"2259944","bugzilla_description":"openssl: denial of service via null dereference","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0727.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2024-23206","severity":"moderate","public_date":"2024-01-22T00:00:00Z","advisories":[],"bugzilla":"2269743","bugzilla_description":"webkitgtk: A maliciously crafted webpage may be able to fingerprint the user","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-23206.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","cvss3_score":"6.5"},{"CVE":"CVE-2006-2916","severity":"moderate","public_date":"2024-01-21T00:00:00Z","advisories":[],"bugzilla":"2259536","bugzilla_description":"arts: does not check the return value of the setuid which prevents artsd from dropping privileges","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-273","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-2916.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"6.7"},{"CVE":"CVE-2024-0564","severity":"moderate","public_date":"2024-01-20T00:00:00Z","advisories":[],"bugzilla":"2258514","bugzilla_description":"kernel: max page sharing of Kernel Samepage Merging (KSM) may cause memory deduplication","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0564.json","cvss3_scoring_vector":"CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2024-22424","severity":"moderate","public_date":"2024-01-19T00:00:00Z","advisories":["RHSA-2024:0691","RHSA-2024:0692","RHSA-2024:0689"],"bugzilla":"2259105","bugzilla_description":"argo-cd: vulnerable to a cross-server request forgery (CSRF) attack","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-352","affected_packages":["openshift-gitops-1/kam-delivery-rhel8:v1.11.1-1","openshift-gitops-1/dex-rhel8:v1.11.1-1","openshift-gitops-1/gitops-rhel8:v1.11.1-1","openshift-gitops-1/gitops-rhel8-operator:v1.10.2-2","openshift-gitops-1/console-plugin-rhel8:v1.9.4-1","openshift-gitops-1/dex-rhel8:v1.9.4-1","openshift-gitops-1/dex-rhel8:v1.10.2-2","openshift-gitops-1/console-plugin-rhel8:v1.11.1-1","openshift-gitops-1/gitops-operator-bundle:v1.11.1-1","openshift-gitops-1/must-gather-rhel8:v1.11.1-1","openshift-gitops-1/argocd-rhel8:v1.9.4-1","openshift-gitops-1/console-plugin-rhel8:v1.10.2-2","openshift-gitops-1/gitops-rhel8-operator:v1.11.1-1","openshift-gitops-1/gitops-rhel8-operator:v1.9.4-1","openshift-gitops-1/kam-delivery-rhel8:v1.9.4-1","openshift-gitops-1/gitops-operator-bundle:v1.10.2-2","openshift-gitops-1/gitops-operator-bundle:v1.9.4-1","openshift-gitops-1/argo-rollouts-rhel8:v1.10.2-2","openshift-gitops-1/must-gather-rhel8:v1.10.2-2","openshift-gitops-1/gitops-rhel8:v1.9.4-1","openshift-gitops-1/kam-delivery-rhel8:v1.10.2-2","openshift-gitops-1/argo-rollouts-rhel8:v1.9.4-1","openshift-gitops-1/gitops-rhel8:v1.10.2-2","openshift-gitops-1/argocd-rhel8:v1.11.1-1","openshift-gitops-1/argo-rollouts-rhel8:v1.11.1-1","openshift-gitops-1/must-gather-rhel8:v1.9.4-1","openshift-gitops-1/argocd-rhel8:v1.10.2-2"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-22424.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H","cvss3_score":"8.3"},{"CVE":"CVE-2024-21733","severity":"important","public_date":"2024-01-19T00:00:00Z","advisories":[],"bugzilla":"2259204","bugzilla_description":"tomcat: Leaking of unrelated request bodies in default error page","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-209","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21733.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2023-50447","severity":"important","public_date":"2024-01-19T00:00:00Z","advisories":["RHSA-2024:1060","RHSA-2024:0857","RHSA-2024:0893","RHSA-2024:1059","RHSA-2024:1058","RHSA-2024:0754"],"bugzilla":"2259479","bugzilla_description":"pillow:Arbitrary Code Execution via the environment parameter","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-77","affected_packages":["python-pillow-0:5.1.1-15.el8_4","python-pillow-0:2.0.0-25.gitd1c6db8.el7_9","python-pillow-0:5.1.1-19.el8_8","python-pillow-0:5.1.1-15.el8_2","python-pillow-0:5.1.1-19.el8_6","python-pillow-0:5.1.1-18.el8_9.1"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50447.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.1"},{"CVE":"CVE-2024-22211","severity":"low","public_date":"2024-01-19T00:00:00Z","advisories":[],"bugzilla":"2259483","bugzilla_description":"freerdp: Integer Overflow leading to Heap Overflow in freerdp_bitmap_planar_context_reset","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-122|CWE-190)","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-22211.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:L","cvss3_score":"3.7"},{"CVE":"CVE-2024-22365","severity":"moderate","public_date":"2024-01-18T00:00:00Z","advisories":[],"bugzilla":"2257722","bugzilla_description":"pam: allowing unpriledged user to block another user namespace","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-277","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-22365.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2024-0684","severity":"moderate","public_date":"2024-01-18T00:00:00Z","advisories":[],"bugzilla":"2258948","bugzilla_description":"coreutils: heap overflow in split --line-bytes with very long lines","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0684.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2024-0690","severity":"moderate","public_date":"2024-01-18T00:00:00Z","advisories":["RHSA-2024:0733"],"bugzilla":"2259013","bugzilla_description":"ansible-core: possible information leak in tasks that ignore ANSIBLE_NO_LOG configuration","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-117","affected_packages":["ansible-core-1:2.15.9-1.el9ap","ansible-core-1:2.15.9-1.el8ap"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0690.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N","cvss3_score":"5.0"},{"CVE":"CVE-2023-51258","severity":"low","public_date":"2024-01-18T00:00:00Z","advisories":[],"bugzilla":"2259116","bugzilla_description":"yasm: memory leak issue discovered in YASM v.1.3.0 allows a local attacker to cause a dos","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-401","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-51258.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"2.9"},{"CVE":"CVE-2024-1459","severity":"moderate","public_date":"2024-01-18T00:00:00Z","advisories":[],"bugzilla":"2259475","bugzilla_description":"undertow: directory traversal vulnerability","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-24","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1459.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2021-33630","severity":"moderate","public_date":"2024-01-18T00:00:00Z","advisories":["RHSA-2020:1769","RHSA-2020:1567"],"bugzilla":"2261974","bugzilla_description":"kernel: net/sched: cbs NULL pointer dereference when offloading is enabled","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":["kernel-0:4.18.0-193.el8","kernel-rt-0:4.18.0-193.rt13.51.el8"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33630.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2021-33631","severity":"moderate","public_date":"2024-01-18T00:00:00Z","advisories":["RHSA-2023:2148","RHSA-2023:2458"],"bugzilla":"2261976","bugzilla_description":"kernel: ext4: kernel bug in ext4_write_inline_data_end()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190","affected_packages":["kernel-0:5.14.0-284.11.1.el9_2","kernel-rt-0:5.14.0-284.11.1.rt14.296.el9_2"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33631.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.3"},{"CVE":"CVE-2024-1141","severity":"moderate","public_date":"2024-01-17T00:00:00Z","advisories":[],"bugzilla":"2258836","bugzilla_description":"glance-store: Glance Store access key logged in DEBUG log level","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-779","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1141.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.5"},{"CVE":"CVE-2024-20932","severity":"important","public_date":"2024-01-16T20:00:00Z","advisories":["RHSA-2024:0240","RHSA-2024:0241","RHSA-2024:0242","RHSA-2024:0244","RHSA-2024:0267","RHSA-2024:0246"],"bugzilla":"2257720","bugzilla_description":"OpenJDK: incorrect handling of ZIP files with duplicate entries (8276123)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":["Linux","java-17-openjdk-1:17.0.10.0.7-1.el8_6","java-17-openjdk-1:17.0.10.0.7-1.el8_4","Windows","java-17-openjdk-1:17.0.10.0.7-2.el9","java-17-openjdk-1:17.0.10.0.7-1.el9_0","java-17-openjdk-1:17.0.10.0.7-2.el8"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20932.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","cvss3_score":"7.5"},{"CVE":"CVE-2024-20918","severity":"important","public_date":"2024-01-16T20:00:00Z","advisories":["RHSA-2024:0240","RHSA-2024:0241","RHSA-2024:0228","RHSA-2024:0242","RHSA-2024:0265","RHSA-2024:0222","RHSA-2024:0266","RHSA-2024:0244","RHSA-2024:0223","RHSA-2024:0267","RHSA-2024:0246","RHSA-2024:0224","RHSA-2024:0247","RHSA-2024:0225","RHSA-2024:0248","RHSA-2024:0226","RHSA-2024:0249","RHSA-2024:0250","RHSA-2024:0230","RHSA-2024:0239","RHSA-2024:0231","RHSA-2024:0232","RHSA-2024:0233","RHSA-2024:0234","RHSA-2024:0235","RHSA-2024:0237"],"bugzilla":"2257728","bugzilla_description":"OpenJDK: array out-of-bounds access due to missing range check in C1 compiler (8314468)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190->(CWE-125|CWE-787)","affected_packages":["java-1.8.0-openjdk-1:1.8.0.402.b06-1.el8_4","java-1.8.0-openjdk-1:1.8.0.402.b06-1.el8_6","java-1.8.0-openjdk-1:1.8.0.402.b06-1.el7_9","java-17-openjdk-1:17.0.10.0.7-1.el8_6","java-17-openjdk-1:17.0.10.0.7-1.el8_4","java-11-openjdk-1:11.0.22.0.7-1.el8_6","Windows","java-11-openjdk-1:11.0.22.0.7-1.el8_4","java-17-openjdk-1:17.0.10.0.7-2.el9","java-17-openjdk-1:17.0.10.0.7-2.el8","java-11-openjdk-1:11.0.22.0.7-1.el7_9","java-1.8.0-openjdk-1:1.8.0.402.b06-2.el8","Linux","java-1.8.0-openjdk-1:1.8.0.402.b06-2.el9","java-11-openjdk-1:11.0.22.0.7-1.el8_2","java-11-openjdk-1:11.0.22.0.7-1.el9_0","java-11-openjdk-1:11.0.22.0.7-2.el9","java-11-openjdk-1:11.0.22.0.7-2.el8","java-17-openjdk-1:17.0.10.0.7-1.el9_0","java-21-openjdk-1:21.0.2.0.13-1.el9","java-1.8.0-openjdk-1:1.8.0.402.b06-1.el9_0","java-21-openjdk-1:21.0.2.0.13-1.el8","java-1.8.0-openjdk-1:1.8.0.402.b06-1.el8_2"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20918.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N","cvss3_score":"7.4"},{"CVE":"CVE-2024-20952","severity":"important","public_date":"2024-01-16T20:00:00Z","advisories":["RHSA-2024:0240","RHSA-2024:0241","RHSA-2024:0228","RHSA-2024:0242","RHSA-2024:0265","RHSA-2024:0222","RHSA-2024:0266","RHSA-2024:0244","RHSA-2024:0223","RHSA-2024:0267","RHSA-2024:0246","RHSA-2024:0224","RHSA-2024:0247","RHSA-2024:0225","RHSA-2024:0248","RHSA-2024:0226","RHSA-2024:0249","RHSA-2024:0250","RHSA-2024:0230","RHSA-2024:0239","RHSA-2024:0231","RHSA-2024:0232","RHSA-2024:0233","RHSA-2024:0234","RHSA-2024:0235","RHSA-2024:0237"],"bugzilla":"2257837","bugzilla_description":"OpenJDK: RSA padding issue and timing side-channel attack against TLS (8317547)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-385","affected_packages":["java-1.8.0-openjdk-1:1.8.0.402.b06-1.el8_4","java-1.8.0-openjdk-1:1.8.0.402.b06-1.el8_6","java-1.8.0-openjdk-1:1.8.0.402.b06-1.el7_9","java-17-openjdk-1:17.0.10.0.7-1.el8_6","java-17-openjdk-1:17.0.10.0.7-1.el8_4","java-11-openjdk-1:11.0.22.0.7-1.el8_6","Windows","java-11-openjdk-1:11.0.22.0.7-1.el8_4","java-17-openjdk-1:17.0.10.0.7-2.el9","java-17-openjdk-1:17.0.10.0.7-2.el8","java-11-openjdk-1:11.0.22.0.7-1.el7_9","java-1.8.0-openjdk-1:1.8.0.402.b06-2.el8","Linux","java-1.8.0-openjdk-1:1.8.0.402.b06-2.el9","java-11-openjdk-1:11.0.22.0.7-1.el8_2","java-11-openjdk-1:11.0.22.0.7-1.el9_0","java-11-openjdk-1:11.0.22.0.7-2.el9","java-11-openjdk-1:11.0.22.0.7-2.el8","java-17-openjdk-1:17.0.10.0.7-1.el9_0","java-21-openjdk-1:21.0.2.0.13-1.el9","java-1.8.0-openjdk-1:1.8.0.402.b06-1.el9_0","java-21-openjdk-1:21.0.2.0.13-1.el8","java-1.8.0-openjdk-1:1.8.0.402.b06-1.el8_2"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20952.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N","cvss3_score":"7.4"},{"CVE":"CVE-2024-20926","severity":"moderate","public_date":"2024-01-16T20:00:00Z","advisories":["RHSA-2024:0230","RHSA-2024:0239","RHSA-2024:0228","RHSA-2024:0231","RHSA-2024:0232","RHSA-2024:0265","RHSA-2024:0222","RHSA-2024:0266","RHSA-2024:0233","RHSA-2024:0223","RHSA-2024:0234","RHSA-2024:0224","RHSA-2024:0235","RHSA-2024:0225","RHSA-2024:0226","RHSA-2024:0237"],"bugzilla":"2257850","bugzilla_description":"OpenJDK: arbitrary Java code execution in Nashorn (8314284)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":["java-1.8.0-openjdk-1:1.8.0.402.b06-1.el8_4","java-1.8.0-openjdk-1:1.8.0.402.b06-1.el8_6","java-1.8.0-openjdk-1:1.8.0.402.b06-1.el7_9","java-11-openjdk-1:11.0.22.0.7-1.el8_6","Windows","java-11-openjdk-1:11.0.22.0.7-1.el8_4","java-11-openjdk-1:11.0.22.0.7-1.el7_9","java-1.8.0-openjdk-1:1.8.0.402.b06-2.el8","Linux","java-1.8.0-openjdk-1:1.8.0.402.b06-2.el9","java-11-openjdk-1:11.0.22.0.7-1.el8_2","java-11-openjdk-1:11.0.22.0.7-1.el9_0","java-11-openjdk-1:11.0.22.0.7-2.el9","java-11-openjdk-1:11.0.22.0.7-2.el8","java-1.8.0-openjdk-1:1.8.0.402.b06-1.el9_0","java-1.8.0-openjdk-1:1.8.0.402.b06-1.el8_2"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20926.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.9"},{"CVE":"CVE-2024-20919","severity":"moderate","public_date":"2024-01-16T20:00:00Z","advisories":["RHSA-2024:0240","RHSA-2024:0241","RHSA-2024:0228","RHSA-2024:0242","RHSA-2024:0265","RHSA-2024:0222","RHSA-2024:0266","RHSA-2024:0244","RHSA-2024:0223","RHSA-2024:0267","RHSA-2024:0246","RHSA-2024:0224","RHSA-2024:0247","RHSA-2024:0225","RHSA-2024:0248","RHSA-2024:0226","RHSA-2024:0249","RHSA-2024:0250","RHSA-2024:0230","RHSA-2024:0239","RHSA-2024:0231","RHSA-2024:0232","RHSA-2024:0233","RHSA-2024:0234","RHSA-2024:0235","RHSA-2024:0237"],"bugzilla":"2257853","bugzilla_description":"OpenJDK: JVM class file verifier flaw allows unverified bytecode execution (8314295)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":["java-1.8.0-openjdk-1:1.8.0.402.b06-1.el8_4","java-1.8.0-openjdk-1:1.8.0.402.b06-1.el8_6","java-1.8.0-openjdk-1:1.8.0.402.b06-1.el7_9","java-17-openjdk-1:17.0.10.0.7-1.el8_6","java-17-openjdk-1:17.0.10.0.7-1.el8_4","java-11-openjdk-1:11.0.22.0.7-1.el8_6","Windows","java-11-openjdk-1:11.0.22.0.7-1.el8_4","java-17-openjdk-1:17.0.10.0.7-2.el9","java-17-openjdk-1:17.0.10.0.7-2.el8","java-11-openjdk-1:11.0.22.0.7-1.el7_9","java-1.8.0-openjdk-1:1.8.0.402.b06-2.el8","Linux","java-1.8.0-openjdk-1:1.8.0.402.b06-2.el9","java-11-openjdk-1:11.0.22.0.7-1.el8_2","java-11-openjdk-1:11.0.22.0.7-1.el9_0","java-11-openjdk-1:11.0.22.0.7-2.el9","java-11-openjdk-1:11.0.22.0.7-2.el8","java-17-openjdk-1:17.0.10.0.7-1.el9_0","java-21-openjdk-1:21.0.2.0.13-1.el9","java-1.8.0-openjdk-1:1.8.0.402.b06-1.el9_0","java-21-openjdk-1:21.0.2.0.13-1.el8","java-1.8.0-openjdk-1:1.8.0.402.b06-1.el8_2"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20919.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N","cvss3_score":"5.9"},{"CVE":"CVE-2024-20921","severity":"moderate","public_date":"2024-01-16T20:00:00Z","advisories":["RHSA-2024:0240","RHSA-2024:0241","RHSA-2024:0228","RHSA-2024:0242","RHSA-2024:0265","RHSA-2024:0222","RHSA-2024:0266","RHSA-2024:0244","RHSA-2024:0223","RHSA-2024:0267","RHSA-2024:0246","RHSA-2024:0224","RHSA-2024:0247","RHSA-2024:0225","RHSA-2024:0248","RHSA-2024:0226","RHSA-2024:0249","RHSA-2024:0250","RHSA-2024:0230","RHSA-2024:0239","RHSA-2024:0231","RHSA-2024:0232","RHSA-2024:0233","RHSA-2024:0234","RHSA-2024:0235","RHSA-2024:0237"],"bugzilla":"2257859","bugzilla_description":"OpenJDK: range check loop optimization issue (8314307)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":["java-1.8.0-openjdk-1:1.8.0.402.b06-1.el8_4","java-1.8.0-openjdk-1:1.8.0.402.b06-1.el8_6","java-1.8.0-openjdk-1:1.8.0.402.b06-1.el7_9","java-17-openjdk-1:17.0.10.0.7-1.el8_6","java-17-openjdk-1:17.0.10.0.7-1.el8_4","java-11-openjdk-1:11.0.22.0.7-1.el8_6","Windows","java-11-openjdk-1:11.0.22.0.7-1.el8_4","java-17-openjdk-1:17.0.10.0.7-2.el9","java-17-openjdk-1:17.0.10.0.7-2.el8","java-11-openjdk-1:11.0.22.0.7-1.el7_9","java-1.8.0-openjdk-1:1.8.0.402.b06-2.el8","Linux","java-1.8.0-openjdk-1:1.8.0.402.b06-2.el9","java-11-openjdk-1:11.0.22.0.7-1.el8_2","java-11-openjdk-1:11.0.22.0.7-1.el9_0","java-11-openjdk-1:11.0.22.0.7-2.el9","java-11-openjdk-1:11.0.22.0.7-2.el8","java-17-openjdk-1:17.0.10.0.7-1.el9_0","java-21-openjdk-1:21.0.2.0.13-1.el9","java-1.8.0-openjdk-1:1.8.0.402.b06-1.el9_0","java-21-openjdk-1:21.0.2.0.13-1.el8","java-1.8.0-openjdk-1:1.8.0.402.b06-1.el8_2"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20921.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.9"},{"CVE":"CVE-2024-20945","severity":"moderate","public_date":"2024-01-16T20:00:00Z","advisories":["RHSA-2024:0240","RHSA-2024:0241","RHSA-2024:0228","RHSA-2024:0242","RHSA-2024:0265","RHSA-2024:0222","RHSA-2024:0266","RHSA-2024:0244","RHSA-2024:0223","RHSA-2024:0267","RHSA-2024:0246","RHSA-2024:0224","RHSA-2024:0247","RHSA-2024:0225","RHSA-2024:0248","RHSA-2024:0226","RHSA-2024:0249","RHSA-2024:0250","RHSA-2024:0230","RHSA-2024:0239","RHSA-2024:0231","RHSA-2024:0232","RHSA-2024:0233","RHSA-2024:0234","RHSA-2024:0235","RHSA-2024:0237"],"bugzilla":"2257874","bugzilla_description":"OpenJDK: logging of digital signature private keys (8316976)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-532","affected_packages":["java-1.8.0-openjdk-1:1.8.0.402.b06-1.el8_4","java-1.8.0-openjdk-1:1.8.0.402.b06-1.el8_6","java-1.8.0-openjdk-1:1.8.0.402.b06-1.el7_9","java-17-openjdk-1:17.0.10.0.7-1.el8_6","java-17-openjdk-1:17.0.10.0.7-1.el8_4","java-11-openjdk-1:11.0.22.0.7-1.el8_6","Windows","java-11-openjdk-1:11.0.22.0.7-1.el8_4","java-17-openjdk-1:17.0.10.0.7-2.el9","java-17-openjdk-1:17.0.10.0.7-2.el8","java-11-openjdk-1:11.0.22.0.7-1.el7_9","java-1.8.0-openjdk-1:1.8.0.402.b06-2.el8","Linux","java-1.8.0-openjdk-1:1.8.0.402.b06-2.el9","java-11-openjdk-1:11.0.22.0.7-1.el8_2","java-11-openjdk-1:11.0.22.0.7-1.el9_0","java-11-openjdk-1:11.0.22.0.7-2.el9","java-11-openjdk-1:11.0.22.0.7-2.el8","java-17-openjdk-1:17.0.10.0.7-1.el9_0","java-21-openjdk-1:21.0.2.0.13-1.el9","java-1.8.0-openjdk-1:1.8.0.402.b06-1.el9_0","java-21-openjdk-1:21.0.2.0.13-1.el8","java-1.8.0-openjdk-1:1.8.0.402.b06-1.el8_2"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20945.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"4.7"},{"CVE":"CVE-2023-6395","severity":"moderate","public_date":"2024-01-16T13:52:00Z","advisories":[],"bugzilla":"2252206","bugzilla_description":"Mock: Privilege escalation for users that can access mock configuration","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6395.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"6.7"},{"CVE":"CVE-2023-4969","severity":"moderate","public_date":"2024-01-16T00:00:00Z","advisories":[],"bugzilla":"2252715","bugzilla_description":"hw: amd: GPU memory leaks","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-401","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4969.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N","cvss3_score":"6.5"},{"CVE":"CVE-2024-21885","severity":"important","public_date":"2024-01-16T00:00:00Z","advisories":["RHSA-2024:0558","RHSA-2024:0614","RHSA-2024:0626","RHSA-2024:0617","RHSA-2024:0629","RHSA-2024:0607","RHSA-2024:0320","RHSA-2024:0597","RHSA-2024:0621","RHSA-2024:0557"],"bugzilla":"2256540","bugzilla_description":"xorg-x11-server: heap buffer overflow in XISendDeviceHierarchyEvent","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":["tigervnc-0:1.13.1-2.el8_9.7","tigervnc-0:1.11.0-8.el8_4.8","tigervnc-0:1.12.0-14.el9_2.5","tigervnc-0:1.13.1-3.el9_3.6","tigervnc-0:1.9.0-15.el8_2.9","tigervnc-0:1.12.0-15.el8_8.7","tigervnc-0:1.12.0-6.el8_6.9","tigervnc-0:1.11.0-22.el9_0.8","tigervnc-0:1.8.0-31.el7_9","xorg-x11-server-0:1.20.4-27.el7_9"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21885.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2024-21886","severity":"important","public_date":"2024-01-16T00:00:00Z","advisories":["RHSA-2024:0558","RHSA-2024:0614","RHSA-2024:0626","RHSA-2024:0617","RHSA-2024:0629","RHSA-2024:0607","RHSA-2024:0320","RHSA-2024:0597","RHSA-2024:0621","RHSA-2024:0557"],"bugzilla":"2256542","bugzilla_description":"xorg-x11-server: heap buffer overflow in DisableDevice","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":["tigervnc-0:1.13.1-2.el8_9.7","tigervnc-0:1.11.0-8.el8_4.8","tigervnc-0:1.12.0-14.el9_2.5","tigervnc-0:1.13.1-3.el9_3.6","tigervnc-0:1.9.0-15.el8_2.9","tigervnc-0:1.12.0-15.el8_8.7","tigervnc-0:1.12.0-6.el8_6.9","tigervnc-0:1.11.0-22.el9_0.8","tigervnc-0:1.8.0-31.el7_9","xorg-x11-server-0:1.20.4-27.el7_9"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21886.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2024-0229","severity":"important","public_date":"2024-01-16T00:00:00Z","advisories":["RHSA-2024:0558","RHSA-2024:0614","RHSA-2024:0626","RHSA-2024:0617","RHSA-2024:0629","RHSA-2024:0607","RHSA-2024:0320","RHSA-2024:0597","RHSA-2024:0621","RHSA-2024:0557"],"bugzilla":"2256690","bugzilla_description":"xorg-x11-server: reattaching to different master device may lead to out-of-bounds memory access","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-788","affected_packages":["tigervnc-0:1.13.1-2.el8_9.7","tigervnc-0:1.11.0-8.el8_4.8","tigervnc-0:1.12.0-14.el9_2.5","tigervnc-0:1.13.1-3.el9_3.6","tigervnc-0:1.9.0-15.el8_2.9","tigervnc-0:1.12.0-15.el8_8.7","tigervnc-0:1.12.0-6.el8_6.9","tigervnc-0:1.11.0-22.el9_0.8","tigervnc-0:1.8.0-31.el7_9","xorg-x11-server-0:1.20.4-27.el7_9"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0229.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2024-0408","severity":"important","public_date":"2024-01-16T00:00:00Z","advisories":["RHSA-2024:0320"],"bugzilla":"2257689","bugzilla_description":"xorg-x11-server: SELinux unlabeled GLX PBuffer","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-158","affected_packages":["xorg-x11-server-0:1.20.4-27.el7_9"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0408.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2024-0409","severity":"important","public_date":"2024-01-16T00:00:00Z","advisories":["RHSA-2024:0320"],"bugzilla":"2257690","bugzilla_description":"xorg-x11-server: SELinux context corruption","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-787","affected_packages":["xorg-x11-server-0:1.20.4-27.el7_9"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0409.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2023-6816","severity":"important","public_date":"2024-01-16T00:00:00Z","advisories":["RHSA-2024:0558","RHSA-2024:0614","RHSA-2024:0626","RHSA-2024:0617","RHSA-2024:0629","RHSA-2024:0607","RHSA-2024:0320","RHSA-2024:0597","RHSA-2024:0621","RHSA-2024:0557"],"bugzilla":"2257691","bugzilla_description":"xorg-x11-server: Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-787","affected_packages":["tigervnc-0:1.13.1-2.el8_9.7","tigervnc-0:1.11.0-8.el8_4.8","tigervnc-0:1.12.0-14.el9_2.5","tigervnc-0:1.13.1-3.el9_3.6","tigervnc-0:1.9.0-15.el8_2.9","tigervnc-0:1.12.0-15.el8_8.7","tigervnc-0:1.12.0-6.el8_6.9","tigervnc-0:1.11.0-22.el9_0.8","tigervnc-0:1.8.0-31.el7_9","xorg-x11-server-0:1.20.4-27.el7_9"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6816.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"9.8"},{"CVE":"CVE-2024-0553","severity":"moderate","public_date":"2024-01-16T00:00:00Z","advisories":["RHSA-2024:1082","RHSA-2024:1108","RHSA-2024:0627","RHSA-2024:0796","RHSA-2024:0533"],"bugzilla":"2258412","bugzilla_description":"gnutls: incomplete fix for CVE-2023-5981","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-1300->CWE-203","affected_packages":["gnutls-0:3.6.16-5.el8_6.3","gnutls-0:3.6.16-8.el8_9.1","gnutls-0:3.7.6-21.el9_2.2","gnutls-0:3.7.6-23.el9_3.3","gnutls-0:3.6.16-7.el8_8.2"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0553.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"7.5"},{"CVE":"CVE-2024-0567","severity":"moderate","public_date":"2024-01-16T00:00:00Z","advisories":["RHSA-2024:1082","RHSA-2024:0533"],"bugzilla":"2258544","bugzilla_description":"gnutls: rejects certificate chain with distributed trust","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-347","affected_packages":["gnutls-0:3.7.6-21.el9_2.2","gnutls-0:3.7.6-23.el9_3.3"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0567.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2024-0607","severity":"moderate","public_date":"2024-01-16T00:00:00Z","advisories":[],"bugzilla":"2258635","bugzilla_description":"kernel: nf_tables: pointer math issue in nft_byteorder_eval()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-229","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0607.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H","cvss3_score":"6.6"},{"CVE":"CVE-2023-45229","severity":"moderate","public_date":"2024-01-16T00:00:00Z","advisories":[],"bugzilla":"2258677","bugzilla_description":"edk2: Integer underflow when processing IA_NA/IA_TA options in a DHCPv6 Advertise message","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-119|CWE-125|CWE-338|CWE-835)","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45229.json","cvss3_scoring_vector":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"6.5"},{"CVE":"CVE-2023-45230","severity":"important","public_date":"2024-01-16T00:00:00Z","advisories":["RHSA-2024:1075","RHSA-2024:1063","RHSA-2024:1077","RHSA-2024:1076","RHSA-2024:1013","RHSA-2024:1004","RHSA-2024:1415"],"bugzilla":"2258685","bugzilla_description":"edk2: Buffer overflow in the DHCPv6 client via a long Server ID option","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":["edk2-0:20200602gitca407c7246bf-4.el8_4.4","edk2-0:20220126gitbb1bba3d77-3.el9_0.4","edk2-0:20220126gitbb1bba3d77-4.el8_8.3","edk2-0:20220126gitbb1bba3d77-6.el8_9.6","edk2-0:20190829git37eef91017ad-9.el8_2.3","edk2-0:20221207gitfff6d81270b5-9.el9_2.2","edk2-0:20230524-4.el9_3.2"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45230.json","cvss3_scoring_vector":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2023-45231","severity":"moderate","public_date":"2024-01-16T00:00:00Z","advisories":[],"bugzilla":"2258688","bugzilla_description":"edk2: Out of Bounds read when handling a ND Redirect message with truncated options","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45231.json","cvss3_scoring_vector":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"6.5"},{"CVE":"CVE-2023-45232","severity":"moderate","public_date":"2024-01-16T00:00:00Z","advisories":[],"bugzilla":"2258691","bugzilla_description":"edk2: Infinite loop when parsing unknown options in the Destination Options header","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45232.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2023-45233","severity":"moderate","public_date":"2024-01-16T00:00:00Z","advisories":[],"bugzilla":"2258694","bugzilla_description":"edk2: Infinite loop when parsing a PadN option in the Destination Options header","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45233.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2023-45234","severity":"important","public_date":"2024-01-16T00:00:00Z","advisories":["RHSA-2024:1075","RHSA-2024:1063","RHSA-2024:1077","RHSA-2024:1076","RHSA-2024:1305","RHSA-2024:1415"],"bugzilla":"2258697","bugzilla_description":"edk2: Buffer overflow when processing DNS Servers option in a DHCPv6 Advertise message","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":["edk2-0:20200602gitca407c7246bf-4.el8_4.5","edk2-0:20220126gitbb1bba3d77-3.el9_0.4","edk2-0:20220126gitbb1bba3d77-4.el8_8.3","edk2-0:20220126gitbb1bba3d77-6.el8_9.6","edk2-0:20221207gitfff6d81270b5-9.el9_2.2","edk2-0:20230524-4.el9_3.2"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45234.json","cvss3_scoring_vector":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2023-45235","severity":"important","public_date":"2024-01-16T00:00:00Z","advisories":[],"bugzilla":"2258700","bugzilla_description":"edk2: Buffer overflow when handling Server ID option from a DHCPv6 proxy Advertise message","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45235.json","cvss3_scoring_vector":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2023-45236","severity":"moderate","public_date":"2024-01-16T00:00:00Z","advisories":[],"bugzilla":"2258703","bugzilla_description":"edk2: Predictable TCP Initial Sequence Numbers","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45236.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"7.5"},{"CVE":"CVE-2023-45237","severity":"moderate","public_date":"2024-01-16T00:00:00Z","advisories":[],"bugzilla":"2258706","bugzilla_description":"edk2: Use of a Weak PseudoRandom Number Generator","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-338","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45237.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"7.5"},{"CVE":"CVE-2024-20960","severity":"moderate","public_date":"2024-01-16T00:00:00Z","advisories":["RHSA-2024:1141","RHSA-2024:0894"],"bugzilla":"2258771","bugzilla_description":"mysql: Server: RAPID unspecified vulnerability (CPU Jan 2024)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["mysql:8.0-8090020240126173013.a75119d5","mysql-0:8.0.36-1.el9_3"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20960.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2024-20961","severity":"moderate","public_date":"2024-01-16T00:00:00Z","advisories":["RHSA-2024:1141","RHSA-2024:0894"],"bugzilla":"2258772","bugzilla_description":"mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2024)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["mysql:8.0-8090020240126173013.a75119d5","mysql-0:8.0.36-1.el9_3"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20961.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2024-20962","severity":"moderate","public_date":"2024-01-16T00:00:00Z","advisories":["RHSA-2024:1141","RHSA-2024:0894"],"bugzilla":"2258773","bugzilla_description":"mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2024)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["mysql:8.0-8090020240126173013.a75119d5","mysql-0:8.0.36-1.el9_3"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20962.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2024-20963","severity":"moderate","public_date":"2024-01-16T00:00:00Z","advisories":["RHSA-2024:1141","RHSA-2024:0894"],"bugzilla":"2258774","bugzilla_description":"mysql: Server: Security: Encryption unspecified vulnerability (CPU Jan 2024)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["mysql:8.0-8090020240126173013.a75119d5","mysql-0:8.0.36-1.el9_3"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20963.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2024-20964","severity":"moderate","public_date":"2024-01-16T00:00:00Z","advisories":["RHSA-2024:1141","RHSA-2024:0894"],"bugzilla":"2258775","bugzilla_description":"mysql: Server: Security: Privileges unspecified vulnerability (CPU Jan 2024)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["mysql:8.0-8090020240126173013.a75119d5","mysql-0:8.0.36-1.el9_3"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20964.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.3"},{"CVE":"CVE-2024-20965","severity":"moderate","public_date":"2024-01-16T00:00:00Z","advisories":["RHSA-2024:1141","RHSA-2024:0894"],"bugzilla":"2258776","bugzilla_description":"mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2024)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["mysql:8.0-8090020240126173013.a75119d5","mysql-0:8.0.36-1.el9_3"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20965.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.9"},{"CVE":"CVE-2024-20966","severity":"moderate","public_date":"2024-01-16T00:00:00Z","advisories":["RHSA-2024:1141","RHSA-2024:0894"],"bugzilla":"2258777","bugzilla_description":"mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2024)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["mysql:8.0-8090020240126173013.a75119d5","mysql-0:8.0.36-1.el9_3"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20966.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.9"},{"CVE":"CVE-2024-20967","severity":"moderate","public_date":"2024-01-16T00:00:00Z","advisories":["RHSA-2024:1141","RHSA-2024:0894"],"bugzilla":"2258778","bugzilla_description":"mysql: Server: Replication unspecified vulnerability (CPU Jan 2024)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["mysql:8.0-8090020240126173013.a75119d5","mysql-0:8.0.36-1.el9_3"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20967.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2024-20968","severity":"moderate","public_date":"2024-01-16T00:00:00Z","advisories":["RHSA-2024:1141","RHSA-2024:0894"],"bugzilla":"2258779","bugzilla_description":"mysql: Server: Options unspecified vulnerability (CPU Jan 2024)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["mysql:8.0-8090020240126173013.a75119d5","mysql-0:8.0.36-1.el9_3"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20968.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2024-20969","severity":"moderate","public_date":"2024-01-16T00:00:00Z","advisories":["RHSA-2024:1141","RHSA-2024:0894"],"bugzilla":"2258780","bugzilla_description":"mysql: Server: DDL unspecified vulnerability (CPU Jan 2024)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["mysql:8.0-8090020240126173013.a75119d5","mysql-0:8.0.36-1.el9_3"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20969.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2024-20970","severity":"moderate","public_date":"2024-01-16T00:00:00Z","advisories":["RHSA-2024:1141","RHSA-2024:0894"],"bugzilla":"2258781","bugzilla_description":"mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2024)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["mysql:8.0-8090020240126173013.a75119d5","mysql-0:8.0.36-1.el9_3"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20970.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.9"},{"CVE":"CVE-2024-20971","severity":"moderate","public_date":"2024-01-16T00:00:00Z","advisories":["RHSA-2024:1141","RHSA-2024:0894"],"bugzilla":"2258782","bugzilla_description":"mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2024)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["mysql:8.0-8090020240126173013.a75119d5","mysql-0:8.0.36-1.el9_3"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20971.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.9"},{"CVE":"CVE-2024-20972","severity":"moderate","public_date":"2024-01-16T00:00:00Z","advisories":["RHSA-2024:1141","RHSA-2024:0894"],"bugzilla":"2258783","bugzilla_description":"mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2024)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["mysql:8.0-8090020240126173013.a75119d5","mysql-0:8.0.36-1.el9_3"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20972.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.9"},{"CVE":"CVE-2024-20973","severity":"moderate","public_date":"2024-01-16T00:00:00Z","advisories":["RHSA-2024:1141","RHSA-2024:0894"],"bugzilla":"2258784","bugzilla_description":"mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2024)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["mysql:8.0-8090020240126173013.a75119d5","mysql-0:8.0.36-1.el9_3"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20973.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2024-20974","severity":"moderate","public_date":"2024-01-16T00:00:00Z","advisories":["RHSA-2024:1141","RHSA-2024:0894"],"bugzilla":"2258785","bugzilla_description":"mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2024)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["mysql:8.0-8090020240126173013.a75119d5","mysql-0:8.0.36-1.el9_3"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20974.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.9"},{"CVE":"CVE-2024-20975","severity":"moderate","public_date":"2024-01-16T00:00:00Z","advisories":[],"bugzilla":"2258786","bugzilla_description":"mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2024)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20975.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2024-20976","severity":"moderate","public_date":"2024-01-16T00:00:00Z","advisories":["RHSA-2024:1141","RHSA-2024:0894"],"bugzilla":"2258787","bugzilla_description":"mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2024)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["mysql:8.0-8090020240126173013.a75119d5","mysql-0:8.0.36-1.el9_3"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20976.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.9"},{"CVE":"CVE-2024-20977","severity":"moderate","public_date":"2024-01-16T00:00:00Z","advisories":["RHSA-2024:1141","RHSA-2024:0894"],"bugzilla":"2258788","bugzilla_description":"mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2024)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["mysql:8.0-8090020240126173013.a75119d5","mysql-0:8.0.36-1.el9_3"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20977.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2024-20978","severity":"moderate","public_date":"2024-01-16T00:00:00Z","advisories":["RHSA-2024:1141","RHSA-2024:0894"],"bugzilla":"2258789","bugzilla_description":"mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2024)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["mysql:8.0-8090020240126173013.a75119d5","mysql-0:8.0.36-1.el9_3"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20978.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.9"},{"CVE":"CVE-2024-20981","severity":"moderate","public_date":"2024-01-16T00:00:00Z","advisories":["RHSA-2024:1141","RHSA-2024:0894"],"bugzilla":"2258790","bugzilla_description":"mysql: Server: DDL unspecified vulnerability (CPU Jan 2024)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["mysql:8.0-8090020240126173013.a75119d5","mysql-0:8.0.36-1.el9_3"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20981.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.9"},{"CVE":"CVE-2024-20982","severity":"moderate","public_date":"2024-01-16T00:00:00Z","advisories":["RHSA-2024:1141","RHSA-2024:0894"],"bugzilla":"2258791","bugzilla_description":"mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2024)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["mysql:8.0-8090020240126173013.a75119d5","mysql-0:8.0.36-1.el9_3"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20982.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.9"},{"CVE":"CVE-2024-20983","severity":"moderate","public_date":"2024-01-16T00:00:00Z","advisories":["RHSA-2024:1141","RHSA-2024:0894"],"bugzilla":"2258792","bugzilla_description":"mysql: Server: DML unspecified vulnerability (CPU Jan 2024)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["mysql:8.0-8090020240126173013.a75119d5","mysql-0:8.0.36-1.el9_3"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20983.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.9"},{"CVE":"CVE-2024-20984","severity":"moderate","public_date":"2024-01-16T00:00:00Z","advisories":["RHSA-2024:1141","RHSA-2024:0894"],"bugzilla":"2258793","bugzilla_description":"mysql: Server : Security : Firewall unspecified vulnerability (CPU Jan 2024)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["mysql:8.0-8090020240126173013.a75119d5","mysql-0:8.0.36-1.el9_3"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20984.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2024-20985","severity":"moderate","public_date":"2024-01-16T00:00:00Z","advisories":["RHSA-2024:1141","RHSA-2024:0894"],"bugzilla":"2258794","bugzilla_description":"mysql: Server: UDF unspecified vulnerability (CPU Jan 2024)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["mysql:8.0-8090020240126173013.a75119d5","mysql-0:8.0.36-1.el9_3"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20985.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2023-6915","severity":"moderate","public_date":"2024-01-15T00:00:00Z","advisories":[],"bugzilla":"2254982","bugzilla_description":"kernel: Null Pointer Dereference vulnerability in ida_free in lib/idr.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6915.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"6.2"},{"CVE":"CVE-2023-6237","severity":"low","public_date":"2024-01-15T00:00:00Z","advisories":[],"bugzilla":"2258502","bugzilla_description":"openssl: Excessive time spent checking invalid RSA public keys","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6237.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2024-0822","severity":"important","public_date":"2024-01-15T00:00:00Z","advisories":["RHSA-2024:0934"],"bugzilla":"2258509","bugzilla_description":"ovirt: authentication bypass","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-1390","affected_packages":["ovirt-engine-0:4.5.3.10-1.el8ev"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0822.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","cvss3_score":"7.5"},{"CVE":"CVE-2023-51257","severity":"low","public_date":"2024-01-14T00:00:00Z","advisories":[],"bugzilla":"2258400","bugzilla_description":"jasper: Invalid memory write","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-131","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-51257.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.3"},{"CVE":"CVE-2024-23301","severity":"moderate","public_date":"2024-01-13T00:00:00Z","advisories":["RHSA-2024:1147"],"bugzilla":"2258396","bugzilla_description":"rear: creates a world-readable initrd","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-359","affected_packages":["rear-0:2.6-21.el9_3"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-23301.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.5"},{"CVE":"CVE-2023-6683","severity":"moderate","public_date":"2024-01-12T00:00:00Z","advisories":[],"bugzilla":"2254825","bugzilla_description":"QEMU: VNC: NULL pointer dereference in qemu_clipboard_request()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6683.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2023-6040","severity":"moderate","public_date":"2024-01-12T00:00:00Z","advisories":[],"bugzilla":"2258013","bugzilla_description":"kernel: netfilter: nf_tables: out-of-bounds access in nf_tables_newtable()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6040.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2023-50290","severity":"important","public_date":"2024-01-12T00:00:00Z","advisories":[],"bugzilla":"2258132","bugzilla_description":": Apache Solr: Host environment variables are published via the Metrics API","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50290.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"6.5"},{"CVE":"CVE-2023-46749","severity":"moderate","public_date":"2024-01-12T00:00:00Z","advisories":[],"bugzilla":"2258134","bugzilla_description":"shiro: path traversal attack may lead to authentication bypass","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-22->CWE-288","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46749.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N","cvss3_score":"6.5"},{"CVE":"CVE-2024-21654","severity":"moderate","public_date":"2024-01-12T00:00:00Z","advisories":[],"bugzilla":"2258494","bugzilla_description":"rubygems: MFA bypass through password reset function could allow account takeover","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-287","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21654.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N","cvss3_score":"4.8"},{"CVE":"CVE-2024-22195","severity":"moderate","public_date":"2024-01-11T00:00:00Z","advisories":["RHSA-2024:1057","RHSA-2024:1155"],"bugzilla":"2257854","bugzilla_description":"jinja2: HTML attribute injection when passing user input as keys to xmlattr filter","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-79","affected_packages":["fence-agents-0:4.10.0-20.el9_0.11","python3x-jinja2-0:3.1.3-1.el8ap","python-jinja2-0:3.1.3-1.el9ap"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-22195.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N","cvss3_score":"5.4"},{"CVE":"CVE-2023-5455","severity":"moderate","public_date":"2024-01-10T06:30:00Z","advisories":["RHSA-2024:0140","RHSA-2024:0141","RHSA-2024:0252","RHSA-2024:0142","RHSA-2024:0143","RHSA-2024:0144","RHSA-2024:0145","RHSA-2024:0137","RHSA-2024:0138","RHSA-2024:0139"],"bugzilla":"2242828","bugzilla_description":"ipa: Invalid CSRF protection","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-352","affected_packages":["idm:DL1-8020020231123154806.792f4060","idm:DL1-8040020231123154610.5b01ab7e","idm:DL1-8090020231201152514.3387e3d0","krb5-0:1.18.2-16.el8_6","idm:DL1-8080020231201153604.b0a6ceea","idm:DL1-8060020231208020207.ada582f1","ipa-0:4.9.8-9.el9_0","ipa-0:4.10.2-5.el9_3","ipa-0:4.6.8-5.el7_9.16","ipa-0:4.10.1-10.el9_2"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5455.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","cvss3_score":"6.5"},{"CVE":"CVE-2024-21319","severity":"moderate","public_date":"2024-01-10T00:00:00Z","advisories":["RHSA-2024:0150","RHSA-2024:0151","RHSA-2024:0152","RHSA-2024:0255","RHSA-2024:0156","RHSA-2024:0157","RHSA-2024:0158"],"bugzilla":"2257566","bugzilla_description":"dotnet: .NET Denial of Service Vulnerability","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["dotnet6.0-0:6.0.126-1.el9_3","dotnet7.0-0:7.0.115-1.el8_9","dotnet7.0-0:7.0.115-1.el9_3","rh-dotnet60-dotnet-0:6.0.126-1.el7_9","dotnet6.0-0:6.0.126-1.el8_9","dotnet8.0-0:8.0.101-1.el8_9","dotnet8.0-0:8.0.101-1.el9_3"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21319.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H","cvss3_score":"6.8"},{"CVE":"CVE-2023-51780","severity":"moderate","public_date":"2024-01-10T00:00:00Z","advisories":[],"bugzilla":"2257682","bugzilla_description":"kernel: use-after-free in net/atm/ioctl.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-51780.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2023-51781","severity":"moderate","public_date":"2024-01-10T00:00:00Z","advisories":[],"bugzilla":"2257683","bugzilla_description":"kernel: use-after-free in net/appletalk/ddp.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-51781.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2023-45139","severity":"moderate","public_date":"2024-01-10T00:00:00Z","advisories":[],"bugzilla":"2257808","bugzilla_description":"fonttools: XML External Entity Injection (XXE) Vulnerability","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-611","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45139.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"7.5"},{"CVE":"CVE-2023-49295","severity":"moderate","public_date":"2024-01-10T00:00:00Z","advisories":["RHSA-2024:0855"],"bugzilla":"2257815","bugzilla_description":"quic-go: memory exhaustion attack against QUIC's path validation mechanism","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["receptor-0:1.4.4-1.el8ap","receptor-0:1.4.4-1.el9ap"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-49295.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2023-6476","severity":"moderate","public_date":"2024-01-09T21:00:00Z","advisories":["RHSA-2024:0207","RHSA-2024:0195"],"bugzilla":"2253994","bugzilla_description":"cri-o: Pods are able to break out of resource confinement on cgroupv2","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-770","affected_packages":["cri-o-0:1.27.2-7.rhaos4.14.git1cc7a64.el9","cri-o-0:1.26.4-6.1.rhaos4.13.git9eb9cf3.el9"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6476.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2023-4001","severity":"moderate","public_date":"2024-01-09T00:00:00Z","advisories":["RHSA-2024:0437","RHSA-2024:0456","RHSA-2024:0468"],"bugzilla":"2224951","bugzilla_description":"grub2: bypass the GRUB password protection feature","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-290","affected_packages":["grub2-1:2.06-27.el9_0.16","grub2-1:2.06-70.el9_3.2","grub2-1:2.06-61.el9_2.2"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4001.json","cvss3_scoring_vector":"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"6.8"},{"CVE":"CVE-2023-20573","severity":"low","public_date":"2024-01-09T00:00:00Z","advisories":[],"bugzilla":"2253702","bugzilla_description":"kernel: hw: AMD Secure Nested Paging Debug Exception","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-1301","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-20573.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:N","cvss3_score":"3.2"},{"CVE":"CVE-2024-0056","severity":"important","public_date":"2024-01-09T00:00:00Z","advisories":["RHSA-2024:0150","RHSA-2024:0151","RHSA-2024:0152","RHSA-2024:0255","RHSA-2024:0156","RHSA-2024:0157","RHSA-2024:0158"],"bugzilla":"2255384","bugzilla_description":"dotnet: Information Disclosure: MD.SqlClient(MDS) & System.data.SQLClient (SDS)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-420","affected_packages":["dotnet6.0-0:6.0.126-1.el9_3","dotnet7.0-0:7.0.115-1.el8_9","dotnet7.0-0:7.0.115-1.el9_3","rh-dotnet60-dotnet-0:6.0.126-1.el7_9","dotnet6.0-0:6.0.126-1.el8_9","dotnet8.0-0:8.0.101-1.el8_9","dotnet8.0-0:8.0.101-1.el9_3"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0056.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"7.5"},{"CVE":"CVE-2024-0057","severity":"important","public_date":"2024-01-09T00:00:00Z","advisories":["RHSA-2024:0150","RHSA-2024:0151","RHSA-2024:0152","RHSA-2024:0255","RHSA-2024:0156","RHSA-2024:0157","RHSA-2024:0158"],"bugzilla":"2255386","bugzilla_description":"dotnet: X509 Certificates - Validation Bypass across Azure","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-295","affected_packages":["dotnet6.0-0:6.0.126-1.el9_3","dotnet7.0-0:7.0.115-1.el8_9","dotnet7.0-0:7.0.115-1.el9_3","rh-dotnet60-dotnet-0:6.0.126-1.el7_9","dotnet6.0-0:6.0.126-1.el8_9","dotnet8.0-0:8.0.101-1.el8_9","dotnet8.0-0:8.0.101-1.el9_3"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0057.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"9.8"},{"CVE":"CVE-2024-0395","severity":null,"public_date":"2024-01-09T00:00:00Z","advisories":[],"bugzilla":"2255389","bugzilla_description":"cptutils: Memory leak","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-401","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0395.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N"},{"CVE":"CVE-2023-41056","severity":"important","public_date":"2024-01-09T00:00:00Z","advisories":[],"bugzilla":"2257454","bugzilla_description":"redis: Heap Buffer Overflow may lead to potential remote code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-41056.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.1"},{"CVE":"CVE-2023-6129","severity":"low","public_date":"2024-01-09T00:00:00Z","advisories":[],"bugzilla":"2257571","bugzilla_description":"openssl: POLY1305 MAC implementation corrupts vector registers on PowerPC","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-328","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6129.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2022-36763","severity":"moderate","public_date":"2024-01-09T00:00:00Z","advisories":[],"bugzilla":"2257582","bugzilla_description":"EDK2: heap buffer overflow in Tcg2MeasureGptTable()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-680","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-36763.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2022-36764","severity":"moderate","public_date":"2024-01-09T00:00:00Z","advisories":[],"bugzilla":"2257583","bugzilla_description":"EDK2: heap buffer overflow in Tcg2MeasurePeImage()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-680","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-36764.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2022-36765","severity":"moderate","public_date":"2024-01-09T00:00:00Z","advisories":[],"bugzilla":"2257584","bugzilla_description":"EDK2: integer overflow in CreateHob() could lead to HOB OOB R/W","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-680","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-36765.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2024-21664","severity":"moderate","public_date":"2024-01-09T00:00:00Z","advisories":[],"bugzilla":"2257608","bugzilla_description":"jwx: parsing JSON serialized payload without protected field can lead to panic","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21664.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2024-21312","severity":"important","public_date":"2024-01-09T00:00:00Z","advisories":[],"bugzilla":"2257695","bugzilla_description":"dotnet: Denial of Service Vulnerability","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21312.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2024-20672","severity":"important","public_date":"2024-01-09T00:00:00Z","advisories":[],"bugzilla":"2257696","bugzilla_description":"dotnet: dotnet core Denial of Service Vulnerability","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20672.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2023-49569","severity":"critical","public_date":"2024-01-09T00:00:00Z","advisories":["RHSA-2024:1052","RHSA-2024:0692","RHSA-2024:0833","RHSA-2024:0845","RHSA-2024:0735","RHSA-2024:0989","RHSA-2024:0729","RHSA-2024:0880","RHSA-2024:0298","RHSA-2024:0740","RHSA-2024:0641","RHSA-2024:0741","RHSA-2024:0642","RHSA-2023:7198","RHSA-2024:0820","RHSA-2023:7197","RHSA-2024:0832","RHSA-2024:0843"],"bugzilla":"2258143","bugzilla_description":"go-git: Maliciously crafted Git server replies can lead to path traversal and RCE on go-git clients","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-22","affected_packages":["openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8:1.10.0-5","rhacm2/cert-policy-controller-rhel8:v2.7.11-7","openshift-serverless-1/eventing-mtbroker-ingress-rhel8:1.10.0-4","rhacm2/prometheus-rhel8:v2.7.11-5","openshift4/ose-operator-registry-rhel9:v4.15.0-202402131807.p0.g0e8b957.assembly.stream.el9","openshift4/ose-operator-sdk-rhel8:v4.12.0-202402081808.p0.g0bd975e.assembly.stream.el8","rhacm2/acm-governance-policy-addon-controller-rhel8:v2.7.11-6","openshift-serverless-1-tech-preview/logic-swf-builder-rhel8:1.31.0-5","rhacm2/acm-search-indexer-rhel8:v2.7.11-4","rhacm2/thanos-rhel8:v2.7.11-6","rhacm2/multicluster-operators-channel-rhel8:v2.7.11-5","openshift-serverless-1/serving-storage-version-migration-rhel8:1.10.0-4","openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8:1.10.0-3","rhacm2/cluster-backup-rhel8-operator:v2.7.11-10","rhacm2/kube-rbac-proxy-rhel8:v2.7.11-5","openshift-serverless-1/eventing-storage-version-migration-rhel8:1.10.0-4","openshift4/ose-ansible-operator:v4.13.0-202402020908.p0.g01bfabb.assembly.stream","rhacm2/memcached-rhel8:v2.7.11-5","rhacm2/console-rhel8:v2.7.11-6","openshift4/ose-olm-rukpak-rhel8:v4.15.0-202402082307.p0.g36acf8d.assembly.stream.el8","rhacm2/acm-volsync-addon-controller-rhel8:v2.7.11-6","openshift-gitops-1/must-gather-rhel8:v1.10.2-2","openshift4/ose-olm-catalogd-rhel8:v4.14.0-202401292111.p0.ga333cb0.assembly.stream","rhacm2/governance-policy-propagator-rhel8:v2.7.11-5","openshift-serverless-1/serving-domain-mapping-webhook-rhel8:1.10.0-4","openshift-serverless-1/serving-autoscaler-hpa-rhel8:1.10.0-4","rhacm2/thanos-receive-controller-rhel8:v2.7.11-5","openshift-serverless-1/ingress-rhel8-operator:1.31.1-2","rhacm2/klusterlet-addon-controller-rhel8:v2.7.11-5","openshift4/ose-olm-rukpak-rhel8:v4.12.0-202402161937.p0.gf219ce7.assembly.stream.el8","openshift4/ose-operator-lifecycle-manager:v4.12.0-202402111607.p0.g9dd28b4.assembly.stream.el8","openshift-serverless-1/eventing-mtping-rhel8:1.10.0-4","rhacm2/acm-search-v2-api-rhel8:v2.7.11-5","openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8:1.31.0-4","openshift-serverless-1/serving-autoscaler-rhel8:1.10.0-4","rhacm2/prometheus-alertmanager-rhel8:v2.7.11-5","openshift-serverless-clients-0:1.10.0-6.el8","openshift4/ose-operator-lifecycle-manager:v4.13.0-202402081808.p0.g4cc5232.assembly.stream.el8","openshift-serverless-1/serving-controller-rhel8:1.10.0-4","openshift-serverless-1/serving-activator-rhel8:1.10.0-4","openshift-serverless-1/eventing-kafka-broker-post-install-rhel8:1.10.0-3","rhacm2/memcached-exporter-rhel8:v2.7.11-5","openshift4/ose-operator-sdk-rhel8:v4.15.0-202402210637.p0.g08d08dd.assembly.stream.el8","openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8:1.10.0-4","openshift-serverless-1/serving-domain-mapping-rhel8:1.10.0-4","openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8:1.10.0-4","rhacm2/search-collector-rhel8:v2.7.11-5","openshift-serverless-1/eventing-kafka-broker-controller-rhel8:1.10.0-3","openshift-serverless-1/kn-cli-artifacts-rhel8:1.10.0-3","rhacm2/grafana-dashboard-loader-rhel8:v2.7.11-4","rhacm2/multicluster-operators-subscription-rhel8:v2.9.2-2","openshift-serverless-1/eventing-webhook-rhel8:1.10.0-4","rhacm2/insights-client-rhel8:v2.7.11-5","openshift-serverless-1/serverless-rhel8-operator:1.31.1-2","openshift-serverless-1/eventing-mtbroker-filter-rhel8:1.10.0-4","openshift4/ose-operator-registry:v4.12.0-202402111607.p0.g9dd28b4.assembly.stream.el8","openshift-gitops-1/kam-delivery-rhel8:v1.10.2-2","openshift-serverless-1/func-utils-rhel8:1.31.1-2","rhacm2/observatorium-rhel8-operator:v2.7.11-6","openshift-serverless-1/net-istio-controller-rhel8:1.10.0-4","openshift-serverless-1/client-kn-rhel8:1.10.0-5","openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8:1.10.0-4","rhacm2/observatorium-rhel8:v2.7.11-5","rhacm2/acm-grafana-rhel8:v2.7.11-6","openshift4/ose-operator-lifecycle-manager:v4.14.0-202402010409.p0.gb831504.assembly.stream","openshift-gitops-1/gitops-rhel8-operator:v1.10.2-2","rhacm2/acm-prometheus-config-reloader-rhel8:v2.7.11-5","openshift-serverless-1/eventing-kafka-broker-receiver-rhel8:1.10.0-3","openshift-serverless-1/eventing-mtchannel-broker-rhel8:1.10.0-4","rhacm2/multicluster-operators-subscription-rhel8:v2.8.5-6","openshift4/ose-helm-operator:v4.14.0-202401301709.p0.g0f0d1b2.assembly.stream","rhacm2/acm-prometheus-rhel8:v2.7.11-5","openshift4/ose-olm-catalogd-rhel8:v4.15.0-202402082307.p0.gc1a9a8e.assembly.stream.el8","rhacm2/acm-operator-bundle:v2.7.11-14","rhacm2/submariner-addon-rhel8:v2.7.11-7","rhacm2/acm-must-gather-rhel8:v2.7.11-5","rhacm2/iam-policy-controller-rhel8:v2.7.11-7","openshift4/ose-operator-registry:v4.14.0-202402010409.p0.gb831504.assembly.stream","openshift4/ose-helm-operator:v4.12.0-202402081808.p0.g0bd975e.assembly.stream.el8","openshift-gitops-1/gitops-operator-bundle:v1.10.2-2","openshift-gitops-1/argo-rollouts-rhel8:v1.10.2-2","rhacm2/multiclusterhub-rhel8:v2.7.11-7","openshift4/ose-olm-operator-controller-rhel8:v4.14.0-202401292111.p0.gfb6fb27.assembly.stream","openshift-serverless-1/net-istio-webhook-rhel8:1.10.0-4","rhacm2/multicluster-operators-subscription-rhel8:v2.7.11-6","rhacm2/acm-governance-policy-framework-addon-rhel8:v2.7.11-6","openshift4/ose-operator-sdk-rhel8:v4.13.0-202402071637.p0.g01bfabb.assembly.stream.el8","openshift4/ose-olm-rukpak-rhel8:v4.13.0-202402070238.p0.gaf47118.assembly.stream.el8","openshift-serverless-1/eventing-in-memory-channel-controller-rhel8:1.10.0-4","rhacm2/endpoint-monitoring-rhel8-operator:v2.7.11-5","openshift4/ose-ansible-operator:v4.12.0-202402081808.p0.g0bd975e.assembly.stream.el8","openshift4/ose-olm-operator-controller-rhel8:v4.15.0-202402082307.p0.ge290693.assembly.stream.el8","openshift4/ose-helm-operator:v4.15.0-202402082307.p0.g08d08dd.assembly.stream.el8","openshift-serverless-1/serving-queue-rhel8:1.10.0-4","openshift-serverless-1/serverless-operator-bundle:1.31.1-1","rhacm2/multicluster-operators-application-rhel8:v2.7.11-5","openshift-serverless-1/knative-rhel8-operator:1.31.1-2","openshift4/ose-olm-rukpak-rhel8:v4.14.0-202402060410.p0.g2287fb2.assembly.stream","openshift-serverless-1/serving-webhook-rhel8:1.10.0-4","rhacm2/metrics-collector-rhel8:v2.7.11-4","openshift-gitops-1/dex-rhel8:v1.10.2-2","openshift4/ose-operator-registry:v4.13.0-202402081808.p0.g4cc5232.assembly.stream.el8","rhacm2/acm-search-v2-rhel8:v2.7.11-5","rhacm2/kube-state-metrics-rhel8:v2.7.11-5","rhacm2/multicloud-integrations-rhel8:v2.7.11-6","rhacm2/multicluster-observability-rhel8-operator:v2.7.11-4","rhacm2/node-exporter-rhel8:v2.7.11-5","openshift-gitops-1/console-plugin-rhel8:v1.10.2-2","openshift4/ose-operator-lifecycle-manager-rhel9:v4.15.0-202402131807.p0.g0e8b957.assembly.stream.el9","rhacm2/rbac-query-proxy-rhel8:v2.7.11-4","openshift4/ose-ansible-operator:v4.14.0-202401301709.p0.g0f0d1b2.assembly.stream","openshift-serverless-1/kourier-control-rhel8:1.10.0-4","openshift-serverless-1/eventing-kafka-broker-webhook-rhel8:1.10.0-3","rhacm2/config-policy-controller-rhel8:v2.7.11-6","openshift-serverless-1/svls-must-gather-rhel8:1.31.1-2","openshift4/ose-operator-sdk-rhel8:v4.14.0-202401301709.p0.g0f0d1b2.assembly.stream","openshift-gitops-1/gitops-rhel8:v1.10.2-2","openshift-serverless-1/eventing-istio-controller-rhel8:1.10.0-5","rhacm2/insights-metrics-rhel8:v2.7.11-6","openshift4/ose-helm-operator:v4.13.0-202402020908.p0.g01bfabb.assembly.stream","openshift4/ose-ansible-operator:v4.15.0-202402082307.p0.g08d08dd.assembly.stream.el8","multicluster-globalhub/multicluster-globalhub-grafana-rhel8:v1.0.2-4","openshift-gitops-1/argocd-rhel8:v1.10.2-2","openshift-serverless-1/eventing-controller-rhel8:1.10.0-4"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-49569.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.1"},{"CVE":"CVE-2024-23897","severity":"critical","public_date":"2024-01-09T00:00:00Z","advisories":["RHSA-2024:0778","RHSA-2024:0775","RHSA-2024:0776"],"bugzilla":"2260180","bugzilla_description":"jenkins: Arbitrary file read vulnerability through the CLI can lead to RCE","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-88","affected_packages":["jenkins-0:2.426.3.1706515686-3.el8","jenkins-0:2.426.3.1706516929-3.el8","jenkins-0:2.426.3.1706516254-3.el8"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-23897.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"9.8"},{"CVE":"CVE-2024-23898","severity":"important","public_date":"2024-01-09T00:00:00Z","advisories":["RHSA-2024:0778","RHSA-2024:0775","RHSA-2024:0776"],"bugzilla":"2260182","bugzilla_description":"jenkins: cross-site WebSocket hijacking","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-79","affected_packages":["jenkins-0:2.426.3.1706515686-3.el8","jenkins-0:2.426.3.1706516929-3.el8","jenkins-0:2.426.3.1706516254-3.el8"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-23898.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2024-23899","severity":"important","public_date":"2024-01-09T00:00:00Z","advisories":[],"bugzilla":"2260183","bugzilla_description":"jenkins-2-plugins: git-server plugin arbitrary file read vulnerability","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-88","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-23899.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2024-23900","severity":"moderate","public_date":"2024-01-09T00:00:00Z","advisories":[],"bugzilla":"2260184","bugzilla_description":"jenkins-2-plugins: matrix-project plugin path traversal vulnerability","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-23","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-23900.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L","cvss3_score":"4.6"},{"CVE":"CVE-2024-0582","severity":"important","public_date":"2024-01-08T00:00:00Z","advisories":[],"bugzilla":"2254050","bugzilla_description":"kernel: io_uring: page use-after-free vulnerability via buffer ring mmap","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0582.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2024-21647","severity":"important","public_date":"2024-01-08T00:00:00Z","advisories":[],"bugzilla":"2257340","bugzilla_description":"rubygem-puma: HTTP request smuggling when parsing chunked Transfer-Encoding Bodies","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-444","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21647.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2023-52323","severity":"moderate","public_date":"2024-01-05T00:00:00Z","advisories":["RHSA-2024:1057","RHSA-2024:1155"],"bugzilla":"2257028","bugzilla_description":"pycryptodome: side-channel leakage for OAEP decryption in PyCryptodome and pycryptodomex","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-203","affected_packages":["fence-agents-0:4.10.0-20.el9_0.11","python3x-pycryptodomex-0:3.20.0-1.el8ap","python-pycryptodomex-0:3.20.0-1.el9ap"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52323.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.9"},{"CVE":"CVE-2024-1979","severity":"moderate","public_date":"2024-01-05T00:00:00Z","advisories":[],"bugzilla":"2266690","bugzilla_description":"quarkus: information leak in annotation","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1979.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N","cvss3_score":"3.5"},{"CVE":"CVE-2023-6596","severity":"important","public_date":"2024-01-04T00:00:00Z","advisories":["RHSA-2024:0682","RHSA-2024:0485"],"bugzilla":"2253521","bugzilla_description":"openshift: incomplete fix for Rapid Reset (CVE-2023-44487/CVE-2023-39325)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["openshift4/ose-operator-lifecycle-manager:v4.12.0-202401190520.p0.g4b287bd.assembly.stream","openshift4/ose-operator-lifecycle-manager:v4.11.0-202401301508.p0.g5ea0428.assembly.stream"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6596.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2023-6270","severity":"moderate","public_date":"2024-01-04T00:00:00Z","advisories":[],"bugzilla":"2256786","bugzilla_description":"kernel: AoE: improper reference count leads to use-after-free vulnerability","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-911->CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6270.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2024-22051","severity":"important","public_date":"2024-01-04T00:00:00Z","advisories":[],"bugzilla":"2256887","bugzilla_description":"commonmarker: integer overflow in cmark-gfm's table row parsing may lead to heap memory corruption","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-22051.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2024-22047","severity":"low","public_date":"2024-01-04T00:00:00Z","advisories":[],"bugzilla":"2256891","bugzilla_description":"audited: race condition can lead to audit logs being incorrectly attributed to the wrong user","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-362","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-22047.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N","cvss3_score":"3.1"},{"CVE":"CVE-2023-7207","severity":"moderate","public_date":"2024-01-04T00:00:00Z","advisories":[],"bugzilla":"2266856","bugzilla_description":"cpio: path traversal vulnerability","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-22","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-7207.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","cvss3_score":"5.5"},{"CVE":"CVE-2023-49558","severity":null,"public_date":"2024-01-03T00:00:00Z","advisories":[],"bugzilla":"2256600","bugzilla_description":"YASM: allows a remote attacker to cause a denial of service via the expand_mmac_params","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-49558.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N"},{"CVE":"CVE-2023-49557","severity":null,"public_date":"2024-01-03T00:00:00Z","advisories":[],"bugzilla":"2256605","bugzilla_description":"YASM: remote attacker to cause a denial of service via the yasm_section_bcs_first","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-49557.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N"},{"CVE":"CVE-2023-49556","severity":null,"public_date":"2024-01-03T00:00:00Z","advisories":[],"bugzilla":"2256608","bugzilla_description":"yasm: remote attacker to cause a denial of service via the expr_delete_term","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-49556.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N"},{"CVE":"CVE-2023-49554","severity":null,"public_date":"2024-01-03T00:00:00Z","advisories":[],"bugzilla":"2256611","bugzilla_description":"yasm: remote attacker cause a denial of service via the do_directive function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-49554.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N"},{"CVE":"CVE-2023-49555","severity":null,"public_date":"2024-01-03T00:00:00Z","advisories":[],"bugzilla":"2256612","bugzilla_description":"yasm: remote attacker cause a denial of service via the expand_smacro","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-49555.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N"},{"CVE":"CVE-2024-0217","severity":"low","public_date":"2024-01-03T00:00:00Z","advisories":[],"bugzilla":"2256624","bugzilla_description":"PackageKitd: Use-After-Free in Idle Function Callback","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0217.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2024-0211","severity":"moderate","public_date":"2024-01-03T00:00:00Z","advisories":[],"bugzilla":"2256652","bugzilla_description":"wireshark: DOCSIS dissector crash via packet injection or crafted capture file","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-674","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0211.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2024-0210","severity":"moderate","public_date":"2024-01-03T00:00:00Z","advisories":[],"bugzilla":"2256654","bugzilla_description":"wireshark: Zigbee TLV dissector crash via packet injection or crafted capture file","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-674","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0210.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2024-0209","severity":"moderate","public_date":"2024-01-03T00:00:00Z","advisories":[],"bugzilla":"2256656","bugzilla_description":"wireshark: IEEE 1609.2 dissector crash via packet injection or crafted capture file","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0209.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2024-0208","severity":"moderate","public_date":"2024-01-03T00:00:00Z","advisories":[],"bugzilla":"2256659","bugzilla_description":"wireshark: GVCP dissector crash via packet injection or crafted capture file","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-674","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0208.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2024-0207","severity":"moderate","public_date":"2024-01-03T00:00:00Z","advisories":[],"bugzilla":"2256661","bugzilla_description":"wireshark: HTTP3 dissector crash via packet injection or crafted capture file","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0207.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2023-6693","severity":"moderate","public_date":"2024-01-02T00:00:00Z","advisories":[],"bugzilla":"2254580","bugzilla_description":"QEMU: virtio-net: stack buffer overflow in virtio_net_flush_tx()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-121","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6693.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"4.9"},{"CVE":"CVE-2024-0193","severity":"important","public_date":"2024-01-02T00:00:00Z","advisories":["RHSA-2024:1248","RHSA-2024:1019","RHSA-2024:1018"],"bugzilla":"2255653","bugzilla_description":"kernel: netfilter: use-after-free in nft_trans_gc_catchall_sync leads to privilege escalation","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["kernel-rt-0:5.14.0-284.55.1.rt14.340.el9_2","kernel-0:5.14.0-284.55.1.el9_2","kernel-0:5.14.0-362.24.1.el9_3"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0193.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2023-26159","severity":"moderate","public_date":"2024-01-02T00:00:00Z","advisories":["RHSA-2024:0998","RHSA-2024:0271","RHSA-2024:1027","RHSA-2024:0720","RHSA-2023:7198","RHSA-2024:0853"],"bugzilla":"2256413","bugzilla_description":"follow-redirects: Improper Input Validation due to the improper handling of URLs by the url.parse()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":["mta/mta-pathfinder-rhel9:6.2.2-2","rhosdt/jaeger-agent-rhel8:1.53.0-2","rhosdt/tempo-gateway-opa-rhel8:1.0.0-1","mta/mta-hub-rhel9:6.2.2-2","rhosdt/tempo-gateway-rhel8:1.0.0-1","rhosdt/opentelemetry-rhel8-operator:0.93.0-2","rhosdt/tempo-rhel8-operator:0.8.0-2","rhosdt/jaeger-all-in-one-rhel8:1.53.0-2","rhosdt/jaeger-collector-rhel8:1.53.0-2","rhosdt/opentelemetry-target-allocator-rhel8:0.93.0-3","mta/mta-windup-addon-rhel9:6.2.2-3","mta/mta-rhel8-operator:6.2.2-3","mta/mta-ui-rhel9:6.2.2-2","rhosdt/jaeger-query-rhel8:1.53.0-2","rhosdt/jaeger-es-rollover-rhel8:1.53.0-2","rhosdt/tempo-rhel8:2.3.1-2","mta/mta-operator-bundle:6.2.2-5","openshift4/ose-monitoring-plugin-rhel8:v4.15.0-202402082307.p0.gc3d2272.assembly.stream.el8","follow-redirects","rhosdt/jaeger-es-index-cleaner-rhel8:1.53.0-2","rhosdt/jaeger-ingester-rhel8:1.53.0-2","rhosdt/opentelemetry-operator-bundle:0.93.0-8","rhosdt/tempo-query-rhel8:0.8.0-3","rhosdt/jaeger-operator-bundle:1.53.0-15","openshift-logging/logging-view-plugin-rhel9:v5.8.2-3","rhosdt/opentelemetry-collector-rhel8:0.93.0-3","rhosdt/tempo-operator-bundle:0.8.0-8","rhosdt/jaeger-rhel8-operator:1.53.0-3","network-observability/network-observability-console-plugin-rhel9:v1.5.0-89"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-26159.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2023-7104","severity":"moderate","public_date":"2023-12-29T00:00:00Z","advisories":["RHSA-2024:1081","RHSA-2024:0253","RHSA-2024:0465","RHSA-2024:1107","RHSA-2024:0589"],"bugzilla":"2256194","bugzilla_description":"sqlite: heap-buffer-overflow at sessionfuzz","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":["sqlite-0:3.34.1-7.el9_3","sqlite-0:3.26.0-18.el8_8.1","sqlite-0:3.34.1-6.el9_2.1","sqlite-0:3.26.0-16.el8_6.2","sqlite-0:3.26.0-19.el8_9"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-7104.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"7.3"},{"CVE":"CVE-2023-6879","severity":"important","public_date":"2023-12-28T00:00:00Z","advisories":[],"bugzilla":"2256053","bugzilla_description":"aom: heap-buffer-overflow on frame size change","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122->CWE-125","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6879.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"9.8"},{"CVE":"CVE-2023-52079","severity":"moderate","public_date":"2023-12-28T00:00:00Z","advisories":[],"bugzilla":"2256134","bugzilla_description":"msgpackr: crafted message leads to Denial of Service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-674|CWE-754)","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52079.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2023-6681","severity":"moderate","public_date":"2023-12-28T00:00:00Z","advisories":[],"bugzilla":"2260843","bugzilla_description":"JWCrypto: denail of service Via specifically crafted JWE","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6681.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2023-51074","severity":"moderate","public_date":"2023-12-27T00:00:00Z","advisories":["RHSA-2024:0789","RHSA-2024:0792"],"bugzilla":"2256063","bugzilla_description":"json-path: stack-based buffer overflow in Criteria.parse method","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-121","affected_packages":["json-path"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-51074.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2023-51079","severity":"moderate","public_date":"2023-12-27T00:00:00Z","advisories":[],"bugzilla":"2256065","bugzilla_description":"mvel: TimeOut error when calling ParseTools.subCompileExpression() function","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-51079.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2023-51779","severity":"moderate","public_date":"2023-12-25T00:00:00Z","advisories":[],"bugzilla":"2256822","bugzilla_description":"kernel: bluetooth: bt_sock_ioctl race condition leads to use-after-free in bt_sock_recvmsg","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-362->CWE-416","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-51779.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2023-51767","severity":"moderate","public_date":"2023-12-24T00:00:00Z","advisories":[],"bugzilla":"2255850","bugzilla_description":"openssh: authentication bypass via row hammer attack","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-287","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-51767.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2023-51714","severity":"moderate","public_date":"2023-12-24T00:00:00Z","advisories":[],"bugzilla":"2255856","bugzilla_description":"qt: incorrect integer overflow check","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-51714.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2023-49568","severity":"important","public_date":"2023-12-24T00:00:00Z","advisories":["RHSA-2024:1052","RHSA-2024:0691","RHSA-2024:0692","RHSA-2024:0833","RHSA-2024:0845","RHSA-2024:0735","RHSA-2024:0989","RHSA-2024:0729","RHSA-2024:0880","RHSA-2024:0298","RHSA-2024:0740","RHSA-2024:0641","RHSA-2024:0741","RHSA-2024:0642","RHSA-2024:0820","RHSA-2024:0832","RHSA-2024:0843"],"bugzilla":"2258165","bugzilla_description":"go-git: Maliciously crafted Git server replies can cause DoS on go-git clients","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8:1.10.0-5","rhacm2/cert-policy-controller-rhel8:v2.7.11-7","openshift-serverless-1/eventing-mtbroker-ingress-rhel8:1.10.0-4","rhacm2/prometheus-rhel8:v2.7.11-5","openshift4/ose-operator-sdk-rhel8:v4.12.0-202402081808.p0.g0bd975e.assembly.stream.el8","rhacm2/acm-governance-policy-addon-controller-rhel8:v2.7.11-6","openshift-serverless-1-tech-preview/logic-swf-builder-rhel8:1.31.0-5","rhacm2/acm-search-indexer-rhel8:v2.7.11-4","rhacm2/thanos-rhel8:v2.7.11-6","rhacm2/multicluster-operators-channel-rhel8:v2.7.11-5","openshift-gitops-1/argocd-rhel8:v1.9.4-1","openshift-serverless-1/serving-storage-version-migration-rhel8:1.10.0-4","openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8:1.10.0-3","rhacm2/cluster-backup-rhel8-operator:v2.7.11-10","rhacm2/kube-rbac-proxy-rhel8:v2.7.11-5","openshift-gitops-1/kam-delivery-rhel8:v1.9.4-1","openshift-serverless-1/eventing-storage-version-migration-rhel8:1.10.0-4","openshift4/ose-ansible-operator:v4.13.0-202402020908.p0.g01bfabb.assembly.stream","rhacm2/memcached-rhel8:v2.7.11-5","rhacm2/console-rhel8:v2.7.11-6","rhacm2/acm-volsync-addon-controller-rhel8:v2.7.11-6","openshift-gitops-1/must-gather-rhel8:v1.10.2-2","openshift4/ose-olm-catalogd-rhel8:v4.14.0-202401292111.p0.ga333cb0.assembly.stream","rhacm2/governance-policy-propagator-rhel8:v2.7.11-5","openshift-serverless-1/serving-domain-mapping-webhook-rhel8:1.10.0-4","openshift-serverless-1/serving-autoscaler-hpa-rhel8:1.10.0-4","rhacm2/thanos-receive-controller-rhel8:v2.7.11-5","openshift-serverless-1/ingress-rhel8-operator:1.31.1-2","rhacm2/klusterlet-addon-controller-rhel8:v2.7.11-5","openshift4/ose-olm-rukpak-rhel8:v4.12.0-202402161937.p0.gf219ce7.assembly.stream.el8","openshift4/ose-operator-lifecycle-manager:v4.12.0-202402111607.p0.g9dd28b4.assembly.stream.el8","openshift-serverless-1/eventing-mtping-rhel8:1.10.0-4","rhacm2/acm-search-v2-api-rhel8:v2.7.11-5","openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8:1.31.0-4","openshift-serverless-1/serving-autoscaler-rhel8:1.10.0-4","rhacm2/prometheus-alertmanager-rhel8:v2.7.11-5","openshift-serverless-clients-0:1.10.0-6.el8","openshift4/ose-operator-lifecycle-manager:v4.13.0-202402081808.p0.g4cc5232.assembly.stream.el8","openshift-serverless-1/serving-controller-rhel8:1.10.0-4","openshift-serverless-1/serving-activator-rhel8:1.10.0-4","openshift-gitops-1/console-plugin-rhel8:v1.9.4-1","openshift-serverless-1/eventing-kafka-broker-post-install-rhel8:1.10.0-3","rhacm2/memcached-exporter-rhel8:v2.7.11-5","openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8:1.10.0-4","openshift-serverless-1/serving-domain-mapping-rhel8:1.10.0-4","openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8:1.10.0-4","rhacm2/search-collector-rhel8:v2.7.11-5","openshift-serverless-1/eventing-kafka-broker-controller-rhel8:1.10.0-3","openshift-serverless-1/kn-cli-artifacts-rhel8:1.10.0-3","rhacm2/grafana-dashboard-loader-rhel8:v2.7.11-4","rhacm2/multicluster-operators-subscription-rhel8:v2.9.2-2","openshift-serverless-1/eventing-webhook-rhel8:1.10.0-4","rhacm2/insights-client-rhel8:v2.7.11-5","openshift-serverless-1/serverless-rhel8-operator:1.31.1-2","openshift-serverless-1/eventing-mtbroker-filter-rhel8:1.10.0-4","openshift4/ose-operator-registry:v4.12.0-202402111607.p0.g9dd28b4.assembly.stream.el8","openshift-gitops-1/kam-delivery-rhel8:v1.10.2-2","openshift-serverless-1/func-utils-rhel8:1.31.1-2","rhacm2/observatorium-rhel8-operator:v2.7.11-6","openshift-serverless-1/net-istio-controller-rhel8:1.10.0-4","openshift-serverless-1/client-kn-rhel8:1.10.0-5","openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8:1.10.0-4","rhacm2/observatorium-rhel8:v2.7.11-5","rhacm2/acm-grafana-rhel8:v2.7.11-6","openshift4/ose-operator-lifecycle-manager:v4.14.0-202402010409.p0.gb831504.assembly.stream","openshift-gitops-1/gitops-rhel8-operator:v1.10.2-2","rhacm2/acm-prometheus-config-reloader-rhel8:v2.7.11-5","openshift-serverless-1/eventing-kafka-broker-receiver-rhel8:1.10.0-3","openshift-serverless-1/eventing-mtchannel-broker-rhel8:1.10.0-4","rhacm2/multicluster-operators-subscription-rhel8:v2.8.5-6","openshift4/ose-helm-operator:v4.14.0-202401301709.p0.g0f0d1b2.assembly.stream","rhacm2/acm-prometheus-rhel8:v2.7.11-5","rhacm2/acm-operator-bundle:v2.7.11-14","rhacm2/submariner-addon-rhel8:v2.7.11-7","rhacm2/acm-must-gather-rhel8:v2.7.11-5","rhacm2/iam-policy-controller-rhel8:v2.7.11-7","openshift4/ose-operator-registry:v4.14.0-202402010409.p0.gb831504.assembly.stream","openshift4/ose-helm-operator:v4.12.0-202402081808.p0.g0bd975e.assembly.stream.el8","openshift-gitops-1/gitops-rhel8-operator:v1.9.4-1","openshift-gitops-1/gitops-operator-bundle:v1.10.2-2","openshift-gitops-1/gitops-operator-bundle:v1.9.4-1","openshift-gitops-1/argo-rollouts-rhel8:v1.10.2-2","rhacm2/multiclusterhub-rhel8:v2.7.11-7","openshift4/ose-olm-operator-controller-rhel8:v4.14.0-202401292111.p0.gfb6fb27.assembly.stream","openshift-serverless-1/net-istio-webhook-rhel8:1.10.0-4","rhacm2/multicluster-operators-subscription-rhel8:v2.7.11-6","rhacm2/acm-governance-policy-framework-addon-rhel8:v2.7.11-6","openshift4/ose-operator-sdk-rhel8:v4.13.0-202402071637.p0.g01bfabb.assembly.stream.el8","openshift4/ose-olm-rukpak-rhel8:v4.13.0-202402070238.p0.gaf47118.assembly.stream.el8","openshift-serverless-1/eventing-in-memory-channel-controller-rhel8:1.10.0-4","rhacm2/endpoint-monitoring-rhel8-operator:v2.7.11-5","openshift4/ose-ansible-operator:v4.12.0-202402081808.p0.g0bd975e.assembly.stream.el8","openshift-serverless-1/serving-queue-rhel8:1.10.0-4","openshift-serverless-1/serverless-operator-bundle:1.31.1-1","rhacm2/multicluster-operators-application-rhel8:v2.7.11-5","openshift-serverless-1/knative-rhel8-operator:1.31.1-2","openshift4/ose-olm-rukpak-rhel8:v4.14.0-202402060410.p0.g2287fb2.assembly.stream","openshift-serverless-1/serving-webhook-rhel8:1.10.0-4","openshift-gitops-1/dex-rhel8:v1.9.4-1","rhacm2/metrics-collector-rhel8:v2.7.11-4","openshift-gitops-1/dex-rhel8:v1.10.2-2","openshift4/ose-operator-registry:v4.13.0-202402081808.p0.g4cc5232.assembly.stream.el8","rhacm2/acm-search-v2-rhel8:v2.7.11-5","rhacm2/kube-state-metrics-rhel8:v2.7.11-5","rhacm2/multicloud-integrations-rhel8:v2.7.11-6","rhacm2/multicluster-observability-rhel8-operator:v2.7.11-4","rhacm2/node-exporter-rhel8:v2.7.11-5","openshift-gitops-1/console-plugin-rhel8:v1.10.2-2","rhacm2/rbac-query-proxy-rhel8:v2.7.11-4","openshift4/ose-ansible-operator:v4.14.0-202401301709.p0.g0f0d1b2.assembly.stream","openshift-serverless-1/kourier-control-rhel8:1.10.0-4","openshift-serverless-1/eventing-kafka-broker-webhook-rhel8:1.10.0-3","openshift-gitops-1/gitops-rhel8:v1.9.4-1","rhacm2/config-policy-controller-rhel8:v2.7.11-6","openshift-serverless-1/svls-must-gather-rhel8:1.31.1-2","openshift-gitops-1/argo-rollouts-rhel8:v1.9.4-1","openshift4/ose-operator-sdk-rhel8:v4.14.0-202401301709.p0.g0f0d1b2.assembly.stream","openshift-gitops-1/gitops-rhel8:v1.10.2-2","openshift-gitops-1/must-gather-rhel8:v1.9.4-1","openshift-serverless-1/eventing-istio-controller-rhel8:1.10.0-5","rhacm2/insights-metrics-rhel8:v2.7.11-6","openshift4/ose-helm-operator:v4.13.0-202402020908.p0.g01bfabb.assembly.stream","multicluster-globalhub/multicluster-globalhub-grafana-rhel8:v1.0.2-4","openshift-gitops-1/argocd-rhel8:v1.10.2-2","openshift-serverless-1/eventing-controller-rhel8:1.10.0-4"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-49568.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2023-51704","severity":"moderate","public_date":"2023-12-22T00:00:00Z","advisories":[],"bugzilla":"2255582","bugzilla_description":"mediawiki: group-.*-member messages are not properly escaped on Special:log/rights","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-80","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-51704.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2023-6200","severity":"important","public_date":"2023-12-21T00:00:00Z","advisories":[],"bugzilla":"2250377","bugzilla_description":"kernel: ICMPv6 Router Advertisement packets, aka Linux TCP/IP Remote Code Execution Vulnerability","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-362","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6200.json","cvss3_scoring_vector":"CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2023-6546","severity":"important","public_date":"2023-12-21T00:00:00Z","advisories":["RHSA-2024:1306","RHSA-2024:0937","RHSA-2024:1250","RHSA-2024:1253","RHSA-2024:1055","RHSA-2024:0930","RHSA-2024:1019","RHSA-2024:1018"],"bugzilla":"2255498","bugzilla_description":"kernel: GSM multiplexing race condition leads to privilege escalation","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-362->CWE-416","affected_packages":["kpatch-patch","kernel-rt-0:5.14.0-284.55.1.rt14.340.el9_2","kernel-0:5.14.0-70.93.2.el9_0","kernel-0:5.14.0-284.55.1.el9_2","kernel-0:4.18.0-372.93.1.el8_6","kernel-rt-0:5.14.0-70.93.1.rt21.165.el9_0"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6546.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2023-6135","severity":"moderate","public_date":"2023-12-19T00:00:00Z","advisories":["RHSA-2024:0790","RHSA-2024:0791","RHSA-2024:0785","RHSA-2024:0786"],"bugzilla":"2249906","bugzilla_description":"nss: vulnerable to Minerva side-channel information leak","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":["nss-0:3.90.0-6.el9_2","nss-0:3.90.0-6.el9_3","nss-0:3.90.0-6.el8_9","nss-0:3.90.0-6.el8_8"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6135.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","cvss3_score":"4.3"},{"CVE":"CVE-2023-6944","severity":"moderate","public_date":"2023-12-19T00:00:00Z","advisories":[],"bugzilla":"2255204","bugzilla_description":"RHDH: catalog-import function leaks credentials to frontend","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-209","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6944.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N","cvss3_score":"5.7"},{"CVE":"CVE-2023-6932","severity":"moderate","public_date":"2023-12-19T00:00:00Z","advisories":["RHSA-2024:0723","RHSA-2024:0724","RHSA-2024:1306","RHSA-2024:0725","RHSA-2024:1250","RHSA-2024:1404"],"bugzilla":"2255283","bugzilla_description":"kernel: use-after-free in IPv4 IGMP","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["kernel-0:5.14.0-284.52.1.el9_2","kernel-0:4.18.0-372.91.1.el8_6","kernel-0:4.18.0-477.51.1.el8_8","kernel-rt-0:5.14.0-284.52.1.rt14.337.el9_2","kernel-0:5.14.0-70.93.2.el9_0","kernel-rt-0:5.14.0-70.93.1.rt21.165.el9_0"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6932.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2023-6856","severity":"important","public_date":"2023-12-19T00:00:00Z","advisories":["RHSA-2024:0030","RHSA-2024:0021","RHSA-2024:0019","RHSA-2024:0011","RHSA-2024:0022","RHSA-2024:0012","RHSA-2024:0023","RHSA-2024:0001","RHSA-2024:0024","RHSA-2024:0002","RHSA-2024:0003","RHSA-2024:0025","RHSA-2024:0026","RHSA-2024:0004","RHSA-2024:0027","RHSA-2024:0005","RHSA-2024:0028","RHSA-2024:0029"],"bugzilla":"2255360","bugzilla_description":"Mozilla: Heap-buffer-overflow affecting WebGL DrawElementsInstanced
method with Mesa VM driver","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":["thunderbird-0:115.6.0-1.el8_4","thunderbird-0:115.6.0-1.el9_3","thunderbird-0:115.6.0-1.el8_6","thunderbird-0:115.6.0-1.el8_9","thunderbird-0:115.6.0-1.el7_9","thunderbird-0:115.6.0-1.el8_8","firefox-0:115.6.0-1.el8_9","firefox-0:115.6.0-1.el7_9","firefox-0:115.6.0-1.el8_8","firefox-0:115.6.0-1.el9_2","firefox-0:115.6.0-1.el8_2","firefox-0:115.6.0-1.el9_0","firefox-0:115.6.0-1.el8_6","firefox-0:115.6.0-1.el8_4","firefox-0:115.6.0-1.el9_3","thunderbird-0:115.6.0-1.el9_0","thunderbird-0:115.6.0-1.el9_2","thunderbird-0:115.6.0-1.el8_2"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6856.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2023-6865","severity":"important","public_date":"2023-12-19T00:00:00Z","advisories":["RHSA-2024:0019","RHSA-2024:0021","RHSA-2024:0011","RHSA-2024:0022","RHSA-2024:0012","RHSA-2024:0023","RHSA-2024:0024","RHSA-2024:0025","RHSA-2024:0026"],"bugzilla":"2255361","bugzilla_description":"Mozilla: Potential exposure of uninitialized data in EncryptingOutputStream
","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-908","affected_packages":["firefox-0:115.6.0-1.el9_2","firefox-0:115.6.0-1.el8_2","firefox-0:115.6.0-1.el9_0","firefox-0:115.6.0-1.el8_6","firefox-0:115.6.0-1.el8_4","firefox-0:115.6.0-1.el9_3","firefox-0:115.6.0-1.el8_9","firefox-0:115.6.0-1.el7_9","firefox-0:115.6.0-1.el8_8"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6865.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2023-6857","severity":"moderate","public_date":"2023-12-19T00:00:00Z","advisories":["RHSA-2024:0030","RHSA-2024:0021","RHSA-2024:0019","RHSA-2024:0011","RHSA-2024:0022","RHSA-2024:0012","RHSA-2024:0023","RHSA-2024:0001","RHSA-2024:0024","RHSA-2024:0002","RHSA-2024:0003","RHSA-2024:0025","RHSA-2024:0026","RHSA-2024:0004","RHSA-2024:0027","RHSA-2024:0005","RHSA-2024:0028","RHSA-2024:0029"],"bugzilla":"2255362","bugzilla_description":"Mozilla: Symlinks may resolve to smaller than expected buffers","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-363","affected_packages":["thunderbird-0:115.6.0-1.el8_4","thunderbird-0:115.6.0-1.el9_3","thunderbird-0:115.6.0-1.el8_6","thunderbird-0:115.6.0-1.el8_9","thunderbird-0:115.6.0-1.el7_9","thunderbird-0:115.6.0-1.el8_8","firefox-0:115.6.0-1.el8_9","firefox-0:115.6.0-1.el7_9","firefox-0:115.6.0-1.el8_8","firefox-0:115.6.0-1.el9_2","firefox-0:115.6.0-1.el8_2","firefox-0:115.6.0-1.el9_0","firefox-0:115.6.0-1.el8_6","firefox-0:115.6.0-1.el8_4","firefox-0:115.6.0-1.el9_3","thunderbird-0:115.6.0-1.el9_0","thunderbird-0:115.6.0-1.el9_2","thunderbird-0:115.6.0-1.el8_2"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6857.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2023-6858","severity":"moderate","public_date":"2023-12-19T00:00:00Z","advisories":["RHSA-2024:0030","RHSA-2024:0021","RHSA-2024:0019","RHSA-2024:0011","RHSA-2024:0022","RHSA-2024:0012","RHSA-2024:0023","RHSA-2024:0001","RHSA-2024:0024","RHSA-2024:0002","RHSA-2024:0003","RHSA-2024:0025","RHSA-2024:0026","RHSA-2024:0004","RHSA-2024:0027","RHSA-2024:0005","RHSA-2024:0028","RHSA-2024:0029"],"bugzilla":"2255363","bugzilla_description":"Mozilla: Heap buffer overflow in nsTextFragment
","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":["thunderbird-0:115.6.0-1.el8_4","thunderbird-0:115.6.0-1.el9_3","thunderbird-0:115.6.0-1.el8_6","thunderbird-0:115.6.0-1.el8_9","thunderbird-0:115.6.0-1.el7_9","thunderbird-0:115.6.0-1.el8_8","firefox-0:115.6.0-1.el8_9","firefox-0:115.6.0-1.el7_9","firefox-0:115.6.0-1.el8_8","firefox-0:115.6.0-1.el9_2","firefox-0:115.6.0-1.el8_2","firefox-0:115.6.0-1.el9_0","firefox-0:115.6.0-1.el8_6","firefox-0:115.6.0-1.el8_4","firefox-0:115.6.0-1.el9_3","thunderbird-0:115.6.0-1.el9_0","thunderbird-0:115.6.0-1.el9_2","thunderbird-0:115.6.0-1.el8_2"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6858.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2023-6859","severity":"moderate","public_date":"2023-12-19T00:00:00Z","advisories":["RHSA-2024:0030","RHSA-2024:0021","RHSA-2024:0019","RHSA-2024:0011","RHSA-2024:0022","RHSA-2024:0012","RHSA-2024:0023","RHSA-2024:0001","RHSA-2024:0024","RHSA-2024:0002","RHSA-2024:0003","RHSA-2024:0025","RHSA-2024:0026","RHSA-2024:0004","RHSA-2024:0027","RHSA-2024:0005","RHSA-2024:0028","RHSA-2024:0029"],"bugzilla":"2255364","bugzilla_description":"Mozilla: Use-after-free in PR_GetIdentitiesLayer","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["thunderbird-0:115.6.0-1.el8_4","thunderbird-0:115.6.0-1.el9_3","thunderbird-0:115.6.0-1.el8_6","thunderbird-0:115.6.0-1.el8_9","thunderbird-0:115.6.0-1.el7_9","thunderbird-0:115.6.0-1.el8_8","firefox-0:115.6.0-1.el8_9","firefox-0:115.6.0-1.el7_9","firefox-0:115.6.0-1.el8_8","firefox-0:115.6.0-1.el9_2","firefox-0:115.6.0-1.el8_2","firefox-0:115.6.0-1.el9_0","firefox-0:115.6.0-1.el8_6","firefox-0:115.6.0-1.el8_4","firefox-0:115.6.0-1.el9_3","thunderbird-0:115.6.0-1.el9_0","thunderbird-0:115.6.0-1.el9_2","thunderbird-0:115.6.0-1.el8_2"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6859.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2023-6860","severity":"moderate","public_date":"2023-12-19T00:00:00Z","advisories":["RHSA-2024:0030","RHSA-2024:0021","RHSA-2024:0019","RHSA-2024:0011","RHSA-2024:0022","RHSA-2024:0012","RHSA-2024:0023","RHSA-2024:0001","RHSA-2024:0024","RHSA-2024:0002","RHSA-2024:0003","RHSA-2024:0025","RHSA-2024:0026","RHSA-2024:0004","RHSA-2024:0027","RHSA-2024:0005","RHSA-2024:0028","RHSA-2024:0029"],"bugzilla":"2255365","bugzilla_description":"Mozilla: Potential sandbox escape due to VideoBridge
lack of texture validation","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":["thunderbird-0:115.6.0-1.el8_4","thunderbird-0:115.6.0-1.el9_3","thunderbird-0:115.6.0-1.el8_6","thunderbird-0:115.6.0-1.el8_9","thunderbird-0:115.6.0-1.el7_9","thunderbird-0:115.6.0-1.el8_8","firefox-0:115.6.0-1.el8_9","firefox-0:115.6.0-1.el7_9","firefox-0:115.6.0-1.el8_8","firefox-0:115.6.0-1.el9_2","firefox-0:115.6.0-1.el8_2","firefox-0:115.6.0-1.el9_0","firefox-0:115.6.0-1.el8_6","firefox-0:115.6.0-1.el8_4","firefox-0:115.6.0-1.el9_3","thunderbird-0:115.6.0-1.el9_0","thunderbird-0:115.6.0-1.el9_2","thunderbird-0:115.6.0-1.el8_2"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6860.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2023-6867","severity":"moderate","public_date":"2023-12-19T00:00:00Z","advisories":["RHSA-2024:0019","RHSA-2024:0021","RHSA-2024:0011","RHSA-2024:0022","RHSA-2024:0012","RHSA-2024:0023","RHSA-2024:0024","RHSA-2024:0025","RHSA-2024:0026"],"bugzilla":"2255366","bugzilla_description":"Mozilla: Clickjacking permission prompts using the popup transition","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-1021","affected_packages":["firefox-0:115.6.0-1.el9_2","firefox-0:115.6.0-1.el8_2","firefox-0:115.6.0-1.el9_0","firefox-0:115.6.0-1.el8_6","firefox-0:115.6.0-1.el8_4","firefox-0:115.6.0-1.el9_3","firefox-0:115.6.0-1.el8_9","firefox-0:115.6.0-1.el7_9","firefox-0:115.6.0-1.el8_8"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6867.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2023-6861","severity":"moderate","public_date":"2023-12-19T00:00:00Z","advisories":["RHSA-2024:0030","RHSA-2024:0021","RHSA-2024:0019","RHSA-2024:0011","RHSA-2024:0022","RHSA-2024:0012","RHSA-2024:0023","RHSA-2024:0001","RHSA-2024:0024","RHSA-2024:0002","RHSA-2024:0003","RHSA-2024:0025","RHSA-2024:0026","RHSA-2024:0004","RHSA-2024:0027","RHSA-2024:0005","RHSA-2024:0028","RHSA-2024:0029"],"bugzilla":"2255367","bugzilla_description":"Mozilla: Heap buffer overflow affected nsWindow::PickerOpen(void)
in headless mode","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":["thunderbird-0:115.6.0-1.el8_4","thunderbird-0:115.6.0-1.el9_3","thunderbird-0:115.6.0-1.el8_6","thunderbird-0:115.6.0-1.el8_9","thunderbird-0:115.6.0-1.el7_9","thunderbird-0:115.6.0-1.el8_8","firefox-0:115.6.0-1.el8_9","firefox-0:115.6.0-1.el7_9","firefox-0:115.6.0-1.el8_8","firefox-0:115.6.0-1.el9_2","firefox-0:115.6.0-1.el8_2","firefox-0:115.6.0-1.el9_0","firefox-0:115.6.0-1.el8_6","firefox-0:115.6.0-1.el8_4","firefox-0:115.6.0-1.el9_3","thunderbird-0:115.6.0-1.el9_0","thunderbird-0:115.6.0-1.el9_2","thunderbird-0:115.6.0-1.el8_2"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6861.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2023-6862","severity":"moderate","public_date":"2023-12-19T00:00:00Z","advisories":["RHSA-2024:0030","RHSA-2024:0021","RHSA-2024:0019","RHSA-2024:0011","RHSA-2024:0022","RHSA-2024:0012","RHSA-2024:0023","RHSA-2024:0001","RHSA-2024:0024","RHSA-2024:0002","RHSA-2024:0003","RHSA-2024:0025","RHSA-2024:0026","RHSA-2024:0004","RHSA-2024:0027","RHSA-2024:0005","RHSA-2024:0028","RHSA-2024:0029"],"bugzilla":"2255368","bugzilla_description":"Mozilla: Use-after-free in nsDNSService
","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["thunderbird-0:115.6.0-1.el8_4","thunderbird-0:115.6.0-1.el9_3","thunderbird-0:115.6.0-1.el8_6","thunderbird-0:115.6.0-1.el8_9","thunderbird-0:115.6.0-1.el7_9","thunderbird-0:115.6.0-1.el8_8","firefox-0:115.6.0-1.el8_9","firefox-0:115.6.0-1.el7_9","firefox-0:115.6.0-1.el8_8","firefox-0:115.6.0-1.el9_2","firefox-0:115.6.0-1.el8_2","firefox-0:115.6.0-1.el9_0","firefox-0:115.6.0-1.el8_6","firefox-0:115.6.0-1.el8_4","firefox-0:115.6.0-1.el9_3","thunderbird-0:115.6.0-1.el9_0","thunderbird-0:115.6.0-1.el9_2","thunderbird-0:115.6.0-1.el8_2"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6862.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2023-6863","severity":"low","public_date":"2023-12-19T00:00:00Z","advisories":["RHSA-2024:0030","RHSA-2024:0021","RHSA-2024:0019","RHSA-2024:0011","RHSA-2024:0022","RHSA-2024:0012","RHSA-2024:0023","RHSA-2024:0001","RHSA-2024:0024","RHSA-2024:0002","RHSA-2024:0003","RHSA-2024:0025","RHSA-2024:0026","RHSA-2024:0004","RHSA-2024:0027","RHSA-2024:0005","RHSA-2024:0028","RHSA-2024:0029"],"bugzilla":"2255369","bugzilla_description":"Mozilla: Undefined behavior in ShutdownObserver()
","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":["thunderbird-0:115.6.0-1.el8_4","thunderbird-0:115.6.0-1.el9_3","thunderbird-0:115.6.0-1.el8_6","thunderbird-0:115.6.0-1.el8_9","thunderbird-0:115.6.0-1.el7_9","thunderbird-0:115.6.0-1.el8_8","firefox-0:115.6.0-1.el8_9","firefox-0:115.6.0-1.el7_9","firefox-0:115.6.0-1.el8_8","firefox-0:115.6.0-1.el9_2","firefox-0:115.6.0-1.el8_2","firefox-0:115.6.0-1.el9_0","firefox-0:115.6.0-1.el8_6","firefox-0:115.6.0-1.el8_4","firefox-0:115.6.0-1.el9_3","thunderbird-0:115.6.0-1.el9_0","thunderbird-0:115.6.0-1.el9_2","thunderbird-0:115.6.0-1.el8_2"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6863.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2023-6864","severity":"important","public_date":"2023-12-19T00:00:00Z","advisories":["RHSA-2024:0030","RHSA-2024:0021","RHSA-2024:0019","RHSA-2024:0011","RHSA-2024:0022","RHSA-2024:0012","RHSA-2024:0023","RHSA-2024:0001","RHSA-2024:0024","RHSA-2024:0002","RHSA-2024:0003","RHSA-2024:0025","RHSA-2024:0026","RHSA-2024:0004","RHSA-2024:0027","RHSA-2024:0005","RHSA-2024:0028","RHSA-2024:0029"],"bugzilla":"2255370","bugzilla_description":"Mozilla: Memory safety bugs fixed in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":["thunderbird-0:115.6.0-1.el8_4","thunderbird-0:115.6.0-1.el9_3","thunderbird-0:115.6.0-1.el8_6","thunderbird-0:115.6.0-1.el8_9","thunderbird-0:115.6.0-1.el7_9","thunderbird-0:115.6.0-1.el8_8","firefox-0:115.6.0-1.el8_9","firefox-0:115.6.0-1.el7_9","firefox-0:115.6.0-1.el8_8","firefox-0:115.6.0-1.el9_2","firefox-0:115.6.0-1.el8_2","firefox-0:115.6.0-1.el9_0","firefox-0:115.6.0-1.el8_6","firefox-0:115.6.0-1.el8_4","firefox-0:115.6.0-1.el9_3","thunderbird-0:115.6.0-1.el9_0","thunderbird-0:115.6.0-1.el9_2","thunderbird-0:115.6.0-1.el8_2"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6864.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2023-50761","severity":"important","public_date":"2023-12-19T00:00:00Z","advisories":["RHSA-2024:0030","RHSA-2024:0001","RHSA-2024:0002","RHSA-2024:0003","RHSA-2024:0004","RHSA-2024:0027","RHSA-2024:0005","RHSA-2024:0028","RHSA-2024:0029"],"bugzilla":"2255378","bugzilla_description":"Mozilla: S/MIME signature accepted despite mismatching message date","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-347","affected_packages":["thunderbird-0:115.6.0-1.el8_4","thunderbird-0:115.6.0-1.el9_3","thunderbird-0:115.6.0-1.el8_6","thunderbird-0:115.6.0-1.el8_9","thunderbird-0:115.6.0-1.el7_9","thunderbird-0:115.6.0-1.el8_8","thunderbird-0:115.6.0-1.el9_0","thunderbird-0:115.6.0-1.el9_2","thunderbird-0:115.6.0-1.el8_2"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50761.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2023-50762","severity":"important","public_date":"2023-12-19T00:00:00Z","advisories":["RHSA-2024:0030","RHSA-2024:0001","RHSA-2024:0002","RHSA-2024:0003","RHSA-2024:0004","RHSA-2024:0027","RHSA-2024:0005","RHSA-2024:0028","RHSA-2024:0029"],"bugzilla":"2255379","bugzilla_description":"Mozilla: Truncated signed text was shown with a valid OpenPGP signature","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-347","affected_packages":["thunderbird-0:115.6.0-1.el8_4","thunderbird-0:115.6.0-1.el9_3","thunderbird-0:115.6.0-1.el8_6","thunderbird-0:115.6.0-1.el8_9","thunderbird-0:115.6.0-1.el7_9","thunderbird-0:115.6.0-1.el8_8","thunderbird-0:115.6.0-1.el9_0","thunderbird-0:115.6.0-1.el9_2","thunderbird-0:115.6.0-1.el8_2"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50762.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2023-50727","severity":"moderate","public_date":"2023-12-19T00:00:00Z","advisories":[],"bugzilla":"2255887","bugzilla_description":"resque: Reflected XSS in Queue Endpoint","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-79|CWE-233)","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50727.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N","cvss3_score":"6.3"},{"CVE":"CVE-2023-50725","severity":"moderate","public_date":"2023-12-19T00:00:00Z","advisories":[],"bugzilla":"2255888","bugzilla_description":"resque: Reflected XSS in resque-web failed and queues lists","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-79|CWE-233)","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50725.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N","cvss3_score":"6.3"},{"CVE":"CVE-2023-6004","severity":"low","public_date":"2023-12-18T00:00:00Z","advisories":[],"bugzilla":"2251110","bugzilla_description":"libssh: ProxyCommand/ProxyJump features allow injection of malicious code through hostname","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-74","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6004.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"4.8"},{"CVE":"CVE-2023-48795","severity":"moderate","public_date":"2023-12-18T00:00:00Z","advisories":["RHSA-2024:1192","RHSA-2024:1194","RHSA-2024:1150","RHSA-2024:1193","RHSA-2024:1130","RHSA-2024:1196","RHSA-2024:1197","RHSA-2024:0789","RHSA-2024:0625","RHSA-2024:0429","RHSA-2024:0606","RHSA-2024:0628","RHSA-2024:0880","RHSA-2024:1210","RHSA-2023:7201","RHBA-2024:1127","RHSA-2024:0766","RHSA-2024:0843","RHSA-2024:0954","RHSA-2024:0538","RHSA-2024:0594","RHBA-2024:1136","RHSA-2024:0455","RHSA-2024:0499","RHSA-2023:7198","RHSA-2023:7197"],"bugzilla":"2254210","bugzilla_description":"ssh: Prefix truncation attack on Binary Packet Protocol (BPP)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-222","affected_packages":["openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8:1.10.0-5","openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8:1.10.0-4","openshift-serverless-1/eventing-mtbroker-ingress-rhel8:1.10.0-4","buildah-1:1.31.4-1.el9_3","eap8-lucene-solr-0:8.11.2-2.redhat_00001.1.el8eap","eap8-log4j-0:2.19.0-2.redhat_00001.1.el9eap","openshift-serverless-1/eventing-kafka-broker-receiver-rhel8:1.10.0-3","openshift-serverless-1/eventing-mtchannel-broker-rhel8:1.10.0-4","openshift-serverless-1-tech-preview/logic-swf-builder-rhel8:1.31.0-5","eap8-eclipse-jgit-0:6.6.1.202309021850-1.r_redhat_00001.1.el8eap","openssh-0:8.0p1-15.el8_6.3","libssh-0:0.9.6-4.el8_6","eap7-apache-sshd-0:2.12.1-1.redhat_00001.1.el8eap","openshift4/ose-aws-efs-csi-driver-container-rhel8:v4.15.0-202402051038.p0.g5af4e87.assembly.stream","openshift-serverless-1/serving-storage-version-migration-rhel8:1.10.0-4","openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8:1.10.0-3","openshift4/ose-vsphere-cluster-api-controllers-rhel9:v4.15.0-202403050707.p0.g2070c13.assembly.stream.el9","openshift-serverless-1/eventing-storage-version-migration-rhel8:1.10.0-4","openssh-0:8.0p1-19.el8_8.2","podman-3:4.4.1-21.rhaos4.15.el8","openshift4/ose-olm-rukpak-rhel8:v4.15.0-202402082307.p0.g36acf8d.assembly.stream.el8","openshift-serverless-1/net-istio-webhook-rhel8:1.10.0-4","eap8-apache-sshd-0:2.12.0-1.redhat_00001.1.el9eap","openshift4/ose-machine-api-provider-azure-rhel9:v4.15.0-202403050707.p0.g90771ab.assembly.stream.el9","eap8-log4j-0:2.19.0-2.redhat_00001.1.el8eap","libssh-0:0.10.4-9.el9_2","openshift-serverless-1/serving-domain-mapping-webhook-rhel8:1.10.0-4","openshift-serverless-1/serving-autoscaler-hpa-rhel8:1.10.0-4","eap8-eclipse-jgit-0:6.6.1.202309021850-1.r_redhat_00001.1.el9eap","openshift-serverless-1/ingress-rhel8-operator:1.31.1-2","eap7-apache-sshd-0:2.12.1-1.redhat_00001.1.el9eap","eap8-apache-sshd-0:2.12.0-1.redhat_00001.1.el8eap","openshift-serverless-1/eventing-mtping-rhel8:1.10.0-4","libssh-0:0.9.6-13.el8_9","openshift4/ose-csi-external-provisioner:v4.15.0-202402082307.p0.gce5a1a3.assembly.stream.el8","openshift-serverless-1/eventing-in-memory-channel-controller-rhel8:1.10.0-4","openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8:1.31.0-4","openshift-serverless-1/serving-autoscaler-rhel8:1.10.0-4","libssh-0:0.9.6-13.el8_8","podman-2:4.6.1-8.el9_3","openshift4-wincw/windows-machine-config-rhel9-operator:10.15.0-46","openshift-serverless-clients-0:1.10.0-6.el8","openshift-serverless-1/serving-controller-rhel8:1.10.0-4","openshift-serverless-1/serving-queue-rhel8:1.10.0-4","openshift-serverless-1/serverless-operator-bundle:1.31.1-1","apache-sshd","openshift4/ose-aws-ebs-csi-driver-rhel9:v4.15.0-202401261531.p0.gb692edb.assembly.stream","openshift-serverless-1/knative-rhel8-operator:1.31.1-2","openshift4/ose-cluster-capi-rhel9-operator:v4.15.0-202403050707.p0.gc8c94ba.assembly.stream.el9","openshift-serverless-1/serving-activator-rhel8:1.10.0-4","eap8-parsson-0:1.1.5-1.redhat_00001.1.el9eap","openshift-serverless-1/serving-webhook-rhel8:1.10.0-4","openshift-serverless-1/eventing-kafka-broker-post-install-rhel8:1.10.0-3","openshift4/ose-csi-external-provisioner-rhel8:v4.15.0-202402082307.p0.gce5a1a3.assembly.stream.el8","openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8:1.10.0-4","openshift-serverless-1/serving-domain-mapping-rhel8:1.10.0-4","openshift4/ose-azure-file-csi-driver-rhel9:v4.15.0-202401261531.p0.g364d90d.assembly.stream","openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8:1.10.0-4","openshift4/ose-azure-disk-csi-driver-rhel9:v4.15.0-202401261531.p0.gdcb7e1c.assembly.stream","eap8-wildfly-0:8.0.1-3.GA_redhat_00002.1.el9eap","openshift4/ose-vsphere-csi-driver-syncer-rhel9:v4.15.0-202401261531.p0.g74481e3.assembly.stream","openshift4/ose-node-feature-discovery-rhel9:v4.15.0-202401311148.p0.ge4929ab.assembly.stream","openssh-0:8.0p1-19.el8_9.2","openshift-serverless-1/kourier-control-rhel8:1.10.0-4","openssh-0:8.7p1-30.el9_2.3","openshift-serverless-1/eventing-kafka-broker-controller-rhel8:1.10.0-3","openshift-serverless-1/kn-cli-artifacts-rhel8:1.10.0-3","eap8-parsson-0:1.1.5-1.redhat_00001.1.el8eap","eap8-lucene-solr-0:8.11.2-2.redhat_00001.1.el9eap","openshift-serverless-1/eventing-webhook-rhel8:1.10.0-4","openshift-serverless-1/eventing-kafka-broker-webhook-rhel8:1.10.0-3","openssh-0:8.7p1-34.el9_3.3","openshift-serverless-1/serverless-rhel8-operator:1.31.1-2","openshift-serverless-1/eventing-mtbroker-filter-rhel8:1.10.0-4","openshift-serverless-1/svls-must-gather-rhel8:1.31.1-2","libssh-0:0.10.4-12.el9_3","openshift-serverless-1/eventing-istio-controller-rhel8:1.10.0-5","openshift-serverless-1/func-utils-rhel8:1.31.1-2","eap7-apache-sshd-0:2.12.1-1.redhat_00001.1.el7eap","openshift4/ose-ibmcloud-cluster-api-controllers-rhel9:v4.15.0-202402191538.p0.g34fb625.assembly.stream.el9","eap8-wildfly-0:8.0.1-3.GA_redhat_00002.1.el8eap","openshift4-wincw/windows-machine-config-operator-bundle:v10.15.0-43","openshift-serverless-1/net-istio-controller-rhel8:1.10.0-4","openshift-serverless-1/client-kn-rhel8:1.10.0-5","openshift-serverless-1/eventing-controller-rhel8:1.10.0-4"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-48795.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N","cvss3_score":"5.9"},{"CVE":"CVE-2023-6918","severity":"low","public_date":"2023-12-18T00:00:00Z","advisories":[],"bugzilla":"2254997","bugzilla_description":"libssh: Missing checks for return values for digests","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-252","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6918.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.7"},{"CVE":"CVE-2023-6920","severity":null,"public_date":"2023-12-18T00:00:00Z","advisories":[],"bugzilla":"2255024","bugzilla_description":"keycloak-core: Reflected XSS via wildcard in OIDC redirect_uri. Incomplete fix of CVE-2023-6134","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-75","affected_packages":[],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6920.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:N"},{"CVE":"CVE-2023-6927","severity":"moderate","public_date":"2023-12-18T00:00:00Z","advisories":["RHSA-2024:0800","RHSA-2024:0801","RHSA-2024:0094","RHSA-2024:0804","RHSA-2024:0095","RHSA-2024:0096","RHSA-2024:0097","RHSA-2024:0098","RHSA-2024:0100","RHSA-2024:0101","RHSA-2024:0798","RHSA-2024:0799"],"bugzilla":"2255027","bugzilla_description":"keycloak: open redirect via \"form_post.jwt\" JARM response mode","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-601","affected_packages":["rh-sso7-keycloak-0:18.0.12-1.redhat_00001.1.el9sso","rhbk/keycloak-rhel9:22-7","rh-sso-7/sso76-openshift-rhel8:7.6-39","keycloak-core","rh-sso7-keycloak-0:18.0.12-1.redhat_00001.1.el8sso","rh-sso7-keycloak-0:18.0.11-3.redhat_00001.1.el7sso","rh-sso7-keycloak-0:18.0.12-1.redhat_00001.1.el7sso","rh-sso7-keycloak-0:18.0.11-3.redhat_00001.1.el8sso","rh-sso-7/sso76-openshift-rhel8:7.6-41","rh-sso7-keycloak-0:18.0.11-3.redhat_00001.1.el9sso"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6927.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N","cvss3_score":"4.6"},{"CVE":"CVE-2023-6817","severity":"important","public_date":"2023-12-18T00:00:00Z","advisories":["RHSA-2024:0724","RHSA-2024:1382","RHSA-2024:0881","RHSA-2024:1268","RHSA-2024:1367","RHSA-2024:1248","RHSA-2024:1269","RHSA-2024:0897","RHSA-2024:1404","RHSA-2024:1019","RHSA-2024:1018"],"bugzilla":"2255139","bugzilla_description":"kernel: inactive elements in nft_pipapo_walk","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["kernel-0:4.18.0-193.128.1.el8_2","kernel-rt-0:4.18.0-193.128.1.rt13.179.el8_2","kernel-rt-0:5.14.0-284.55.1.rt14.340.el9_2","kernel-rt-0:4.18.0-305.125.1.rt7.201.el8_4","kernel-0:4.18.0-372.91.1.el8_6","kernel-0:4.18.0-477.51.1.el8_8","kernel-rt-0:4.18.0-513.18.1.rt7.320.el8_9","kernel-0:5.14.0-284.55.1.el9_2","kernel-0:4.18.0-305.125.1.el8_4","kernel-0:5.14.0-362.24.1.el9_3","kernel-0:4.18.0-513.18.1.el8_9"],"package_state":null,"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6817.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.8"}]