Red Hat Update Infrastructure
By the Year
In 2024 there have been 2 vulnerabilities in Red Hat Update Infrastructure with an average score of 7.5 out of ten. Update Infrastructure did not have any published security vulnerabilities last year. That is, 2 more vulnerabilities have already been reported in 2024 as compared to last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 2 | 7.50 |
| 2023 | 0 | 0.00 |
| 2022 | 1 | 5.50 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Update Infrastructure vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Red Hat Update Infrastructure Security Vulnerabilities
A flaw was found in the python-cryptography package
CVE-2023-50782
7.5 - High
- February 05, 2024
A flaw was found in the python-cryptography package. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive data.
Side Channel Attack
A flaw was found in m2crypto
CVE-2023-50781
7.5 - High
- February 05, 2024
A flaw was found in m2crypto. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive data.
Side Channel Attack
The collection remote for pulp_ansible stores tokens in plaintext instead of using pulp's encrypted field and exposes them in read/write mode
CVE-2022-3644
5.5 - Medium
- October 25, 2022
The collection remote for pulp_ansible stores tokens in plaintext instead of using pulp's encrypted field and exposes them in read/write mode via the API () instead of marking it as write only.
Insufficiently Protected Credentials
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Red Hat Update Infrastructure or by Red Hat? Click the Watch button to subscribe.
