Rhel-8 based middleware containers

This hub aggregates every CVE we track for Rhel-8 based middleware containers. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Rhel-8 based middleware containers.

• CVE-2026-5121Libarchive: libarchive: arbitrary code execution via integer overflow in iso9660 image processing7.5Mar 30, 2026
• CVE-2026-4519webbrowser.open() allows leading dashes in URLs3.3Mar 20, 2026
• CVE-2026-4424Libarchive: libarchive: information disclosure via heap out-of-bounds read in rar archive processing7.5Mar 19, 2026
• CVE-2025-14831Gnutls: gnutls: denial of service via excessive resource consumption during certificate verification5.3Feb 9, 2026
• CVE-2025-9820Gnutls: stack-based buffer overflow in gnutls_pkcs11_token_init() function4.0Jan 26, 2026
• CVE-2025-6020Linux-pam: linux-pam directory traversal7.8Jun 17, 2025
• CVE-2025-4057Activemq-artemis-operator: amq broker operator starting credentials reuse5.5May 26, 2025
• CVE-2024-10234Wildfly: wildfly vulnerable to cross-site scripting (xss)6.1Oct 22, 2024
• CVE-2024-8883Keycloak: vulnerable redirect uri validation results in open redirec6.1Sep 19, 2024
• CVE-2024-8698Keycloak-saml-core: improper verification of saml responses leading to privilege escalation in keycloak7.7Sep 19, 2024
• CVE-2024-7341Wildfly-elytron: org.keycloak/keycloak-services: session fixation in elytron saml adapters7.1Sep 9, 2024
• CVE-2024-4629Keycloak: potential bypass of brute force protection6.5Sep 3, 2024
• CVE-2024-5967Keycloak: leak of configured ldap bind credentials through the keycloak admin console2.7Jun 18, 2024
• CVE-2024-4540Keycloak: exposure of sensitive information in pushed authorization requests (par) kc_restart cookie7.5Jun 3, 2024
• CVE-2023-6544Keycloak: authorization bypass5.4Apr 25, 2024