U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): cpe:2.3:a:redhat:codeready_linux_builder:8.0:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 15 matching records.
Displaying matches 1 through 15.
Vuln ID Summary CVSS Severity
CVE-2023-4641

A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-utils fails in cleaning the buffer used to store the first entry. This may allow an attacker with enough access to retrieve the password from the memory.

Published: December 27, 2023; 11:15:13 AM -0500
V4.0:(not available)
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2023-4732

A flaw was found in pfn_swap_entry_to_page in memory management subsystem in the Linux Kernel. In this flaw, an attacker with a local user privilege may cause a denial of service problem due to a BUG statement referencing pmd_t x.

Published: October 03, 2023; 1:15:09 PM -0400
V4.0:(not available)
V3.1: 4.7 MEDIUM
V2.0:(not available)
CVE-2023-4042

A flaw was found in ghostscript. The fix for CVE-2020-16305 in ghostscript was not included in RHSA-2021:1852-06 advisory as it was claimed to be. This issue only affects the ghostscript package as shipped with Red Hat Enterprise Linux 8.

Published: August 23, 2023; 9:15:07 AM -0400
V4.0:(not available)
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2019-8720

A vulnerability was found in WebKit. The flaw is triggered when processing maliciously crafted web content that may lead to arbitrary code execution. Improved memory handling addresses the multiple memory corruption issues.

Published: March 06, 2023; 6:15:10 PM -0500
V4.0:(not available)
V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2022-0435

A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed. This flaw allows a remote user to crash the system or possibly escalate their privileges if they have access to the TIPC network.

Published: March 25, 2022; 3:15:10 PM -0400
V4.0:(not available)
V3.1: 8.8 HIGH
V2.0: 9.0 HIGH
CVE-2022-0330

A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allows a local user to crash the system or escalate their privileges on the system.

Published: March 25, 2022; 3:15:10 PM -0400
V4.0:(not available)
V3.1: 7.8 HIGH
V2.0: 4.6 MEDIUM
CVE-2021-3733

There's a flaw in urllib's AbstractBasicAuthHandler class. An attacker who controls a malicious HTTP server that an HTTP client (such as web browser) connects to, could trigger a Regular Expression Denial of Service (ReDOS) during an authentication request with a specially crafted payload that is sent by the server to the client. The greatest threat that this flaw poses is to application availability.

Published: March 10, 2022; 12:42:59 PM -0500
V4.0:(not available)
V3.1: 6.5 MEDIUM
V2.0: 4.0 MEDIUM
CVE-2021-3737

A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls the HTTP server, to make the client script enter an infinite loop, consuming CPU time. The highest threat from this vulnerability is to system availability.

Published: March 04, 2022; 2:15:08 PM -0500
V4.0:(not available)
V3.1: 7.5 HIGH
V2.0: 7.1 HIGH
CVE-2021-3744

A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption). This vulnerability is similar with the older CVE-2019-18808.

Published: March 04, 2022; 11:15:08 AM -0500
V4.0:(not available)
V3.1: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2022-0492

A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly.

Published: March 03, 2022; 2:15:08 PM -0500
V4.0:(not available)
V3.1: 7.8 HIGH
V2.0: 6.9 MEDIUM
CVE-2021-3930

An off-by-one error was found in the SCSI device emulation in QEMU. It could occur while processing MODE SELECT commands in mode_sense_page() if the 'page' argument was set to MODE_PAGE_ALLS (0x3f). A malicious guest could use this flaw to potentially crash QEMU, resulting in a denial of service condition.

Published: February 18, 2022; 1:15:09 PM -0500
V4.0:(not available)
V3.1: 6.5 MEDIUM
V2.0: 2.1 LOW
CVE-2020-27842

There's a flaw in openjpeg's t2 encoder in versions prior to 2.4.0. An attacker who is able to provide crafted input to be processed by openjpeg could cause a null pointer dereference. The highest impact of this flaw is to application availability.

Published: January 05, 2021; 1:15:14 PM -0500
V4.0:(not available)
V3.1: 5.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2019-11135

TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.

Published: November 14, 2019; 2:15:13 PM -0500
V4.0:(not available)
V3.1: 6.5 MEDIUM
V2.0: 2.1 LOW
CVE-2019-3460

A heap data infoleak in multiple locations including L2CAP_PARSE_CONF_RSP was found in the Linux kernel before 5.1-rc1.

Published: April 11, 2019; 12:29:02 PM -0400
V4.0:(not available)
V3.1: 6.5 MEDIUM
V2.0: 3.3 LOW
CVE-2019-3459

A heap address information leak while using L2CAP_GET_CONF_OPT was discovered in the Linux kernel before 5.1-rc1.

Published: April 11, 2019; 12:29:02 PM -0400
V4.0:(not available)
V3.1: 6.5 MEDIUM
V2.0: 3.3 LOW