Red hat 3scale api management platform

This hub aggregates every CVE we track for Red hat 3scale api management platform, a product in the cloud saas space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Red hat 3scale api management platform.

• CVE-2026-32281Inefficient policy validation in crypto/x5097.5Apr 8, 2026
• CVE-2026-32280Unexpected work during chain building in crypto/x5097.5Apr 8, 2026
• CVE-2026-33810Case-sensitive excludedSubtrees name constraints cause Auth Bypass in crypto/x5098.2Apr 8, 2026
• CVE-2026-32289JsBraceDepth Context Tracking Bugs (XSS) in html/template6.1Apr 8, 2026
• CVE-2026-34830Rack: Rack::Sendfile regex injection via HTTP_X_ACCEL_MAPPING header allows arbitrary file reads through nginx5.9Apr 2, 2026
• CVE-2026-34829Rack: Denial of Service via Unbounded Multipart File Upload Without Content-Length7.5Apr 2, 2026
• CVE-2026-34826Rack: Unbounded Range Count in get_byte_ranges Enables DoS5.3Apr 2, 2026
• CVE-2026-34786Rack: Rack::Static header_rules bypass via URL-encoded paths5.3Apr 2, 2026
• CVE-2026-34763Rack: Rack::Directory info disclosure and DoS via unescaped regex interpolation5.3Apr 2, 2026
• CVE-2026-34831Rack: Content-Length mismatch in Rack::Files error responses4.8Apr 2, 2026
• CVE-2026-34230Rack: Quadratic complexity in Rack::Utils.select_best_encoding via wildcard Accept-Encoding header5.3Apr 2, 2026
• CVE-2026-33195Rails Active Storage has possible Path Traversal in DiskService9.8Mar 23, 2026
• CVE-2026-33174Rails Active Storage has a possible DoS vulnerability when in proxy mode via Range requests7.5Mar 23, 2026
• CVE-2026-27903minimatch has a ReDoS: matchOne() combinatorial backtracking via multiple non-adjacent GLOBSTAR segments7.5Feb 26, 2026
• CVE-2026-22860Rack has a Directory Traversal via Rack:Directory7.5Feb 18, 2026