Security Bulletins

Red Hat Product Security strives to provide the most actionable information to help you make appropriate risk-based decisions. There are vulnerabilities that may require more contextual information to help in the decision-making process, so specialized Security Bulletins are created to offer the best experience and information possible. Here you will find these bulletins, which aggregate information, diagnostic tools, and updates in one easy-to-understand interface. In addition, when new product releases are made available that have security fixes included, these Security Bulletins will highlight those fixes to assist in decisions about upgrading to newer versions.

A full list of all CVEs affecting Red Hat Products can be found in our CVE Database.

Topic Impact Status Public Date
RHSB-2024-001 Leaky Vessels - runc - (CVE-2024-21626) Important Resolved
RHSB-2023-003 HTTP/2 Rapid Reset (CVE-2023-44487 and CVE-2023-39325) Important Ongoing
RHSB-2023-002 Quarkus Security Policy Bypass - Quarkus - (CVE-2023-4853) Important Resolved
RHSB-2023-001 OpenShift misconfiguration of FIPS cryptographic library Moderate Resolved
RHSB-2022-004 X.509 Email Address Buffer Overflow - OpenSSL - (CVE-2022-3602 and CVE-2022-3786) Important Resolved
RHSB-2022-003 Spring Remote Code Execution - (CVE-2022-22963, CVE-2022-22965) Critical Resolved
RHSB-2022-002 Dirty Pipe - kernel arbitrary file manipulation - (CVE-2022-0847) Important Resolved
RHSB-2022-001 Polkit Privilege Escalation - (CVE-2021-4034) Important Resolved
RHSB-2021-009 Log4Shell - Remote Code Execution - log4j (CVE-2021-44228) Critical Resolved
RHSB-2021-008 NSS Memory corruption when decoding DSA signatures (CVE-2021-43527) Critical Resolved
RHSB-2021-007 Trojan source attacks (CVE-2021-42574, CVE-2021-42694) Moderate Resolved
RHSB-2021-006 Long path name in mountpoint flaws in the kernel and systemd (CVE-2021-33909, CVE-2021-33910) Important Resolved
RHSB-2021-004 Symlink-Exchange attack - runc - (CVE-2021-30465) Important Resolved
RHSB-2021-003 ACPI Secure Boot vulnerability - GRUB 2 - (CVE-2020-14372) Moderate Resolved
RHSB-2021-002 Privilege escalation via command line argument parsing - sudo - (CVE-2021-3156) Important Resolved
RHSB-2021-001 DNSpooq - Multiple vulnerabilities within dnsmasq (CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25684, CVE-2020-25685, CVE-2020-25686, CVE-2020-25687) Important Resolved
BleedingTooth - Kernel Bluetooth vulnerabilities - CVE-2020-12351, CVE-2020-12352, CVE-2020-24490, CVE-2020-25661 and CVE-2020-25662 Important Resolved
Boot Hole Vulnerability - GRUB 2 boot loader - CVE-2020-10713 Moderate Resolved
Runc regression - docker-1.13.1-108 - CVE-2016-8867, CVE-2020-14298, and CVE-2020-14300 Important Resolved
CVE-2020-11100 haproxy: malformed HTTP/2 requests can lead to out-of-bounds writes Critical Resolved