Security Bulletins
Red Hat Product Security strives to provide the most actionable information to help you make appropriate risk-based decisions. There are vulnerabilities that may require more contextual information to help in the decision-making process, so specialized Security Bulletins are created to offer the best experience and information possible. Here you will fix these bulletins which aggregate information, diagnostic tools, and updates in one easy to understand interface. In addition, when new product releases are made available that have security fixes included, these Security Bulletins will highlight those fixes to assist in decisions about upgrading to newer versions.
A full list of all CVEs affecting Red Hat Products can be found in our CVE Database.
Browse Red Hat CVES| Topic | Impact | Status | Public Date Sort descending |
|---|---|---|---|
| RHSB-2022-002 Dirty Pipe - kernel arbitrary file manipulation - (CVE-2022-0847) | Important | Resolved | |
| RHSB-2022-003 Spring Remote Code Execution - (CVE-2022-22963, CVE-2022-22965) | Critical | Resolved | |
| RHSB-2022-004 X.509 Email Address Buffer Overflow - OpenSSL - (CVE-2022-3602 and CVE-2022-3786) | Important | Resolved | |
| RHSB-2023-001 OpenShift misconfiguration of FIPS cryptographic library | Moderate | Resolved | |
| RHSB-2023-002 Quarkus Security Policy Bypass - Quarkus - (CVE-2023-4853) | Important | Resolved | |
| RHSB-2023-003 HTTP/2 Rapid Reset (CVE-2023-44487 and CVE-2023-39325) | Important | Ongoing | |
| RHSB-2024-001 Leaky Vessels - runc - (CVE-2024-21626) | Important | Resolved |
