Red hat storage

This hub aggregates every CVE we track for Red hat storage. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Red hat storage.

• CVE-2025-0426A security issue was discovered in Kubernetes where a large number of container checkpoint requests made to the unauthenticated kubelet read-only HTTP endpoint may cause a Node Denial of Service by...6.2Feb 13, 2025
• CVE-2025-22865ParsePKCS1PrivateKey panic with partial keys in crypto/x5097.5Jan 28, 2025
• CVE-2025-0306Ruby: openssl: ruby marvin attack7.4Jan 9, 2025
• CVE-2024-11236Integer overflow in the firebird and dblib quoters causing OOB writes9.8Nov 24, 2024
• CVE-2024-21510Versions of the package sinatra from 0.0.0 are vulnerable to Reliance on Untrusted Inputs in a Security Decision via the X-Forwarded-Host (XFH) header. When making a request to a method with redire...5.4Nov 1, 2024
• CVE-2024-10452Organization admins can delete pending invites created in an organization they are not part of.2.2Oct 29, 2024
• CVE-2024-24790Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses in net/netip9.8Jun 5, 2024
• CVE-2024-35176REXML contains a denial of service vulnerability5.3May 16, 2024
• CVE-2024-1135HTTP Request Smuggling in benoitc/gunicorn7.5Apr 16, 2024
• CVE-2024-24784Comments in display names are incorrectly handled in net/mail7.5Mar 5, 2024
• CVE-2024-21490This affects versions of the package angular from 1.3.0. A regular expression used to split the value of the ng-srcset directive is vulnerable to super-linear runtime due to backtracking. With larg...7.5Feb 10, 2024
• CVE-2023-42669Samba: "rpcecho" development server allows denial of service via sleep() call on ad dc6.5Nov 6, 2023
• CVE-2023-3961Samba: smbd allows client access to unix domain sockets on the file system as root9.1Nov 3, 2023
• CVE-2023-4091Samba: smb clients can truncate files with read-only permissions6.5Nov 3, 2023
• CVE-2023-43665In Django 3.2 before 3.2.22, 4.1 before 4.1.12, and 4.2 before 4.2.6, the django.utils.text.Truncator chars() and words() methods (when used with html=True) are subject to a potential DoS (denial o...7.5Nov 3, 2023