Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

Red Hat Ceph Storage 7

Source -

CNA

CNA CVEs -

2

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated VendorsRelated AssignersReports
2Vulnerabilities found
CVE-2024-11831
Assigner-Red Hat, Inc.
ShareView Details
Assigner-Red Hat, Inc.
CVSS Score-5.4||MEDIUM
EPSS-0.52% / 65.87%
||
7 Day CHG~0.00%
Published-10 Feb, 2025 | 15:27
Updated-20 Aug, 2025 | 22:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Npm-serialize-javascript: cross-site scripting (xss) in serialize-javascript

A flaw was found in npm-serialize-javascript. The vulnerability occurs because the serialize-javascript module does not properly sanitize certain inputs, such as regex or other JavaScript object types, allowing an attacker to inject malicious code. This code could be executed when deserialized by a web browser, causing Cross-site scripting (XSS) attacks. This issue is critical in environments where serialized data is sent to web clients, potentially compromising the security of the website or web application using this package.

Action-Not Available
Vendor-Red Hat, Inc.
Product-Red Hat OpenShift Container Platform 3.11Red Hat Advanced Cluster Security 4.4RHODF-4.18-RHEL-9Logging Subsystem for Red Hat OpenShiftRed Hat Ceph Storage 8Red Hat Process Automation 7RHODF-4.16-RHEL-9Red Hat JBoss Enterprise Application Platform 7OpenShift Service Mesh 2Migration Toolkit for VirtualizationRed Hat Fuse 7OpenShift LightspeedRed Hat Enterprise Linux 10Red Hat Trusted Profile AnalyzerRed Hat Discovery 1Red Hat Quay 3Red Hat Satellite 6Cryostat 3Red Hat OpenShift Dev SpacesRed Hat JBoss Enterprise Application Platform 8RHODF-4.14-RHEL-9Red Hat Ansible Automation Platform 2Red Hat JBoss Enterprise Application Platform Expansion PackRed Hat Data Grid 8Red Hat Enterprise Linux 8RHODF-4.15-RHEL-9Red Hat Enterprise Linux 9Red Hat 3scale API Management Platform 2RHODF-4.17-RHEL-9Red Hat Advanced Cluster Security 4.5Red Hat build of OptaPlanner 8Red Hat Developer Hub.NET 6.0 on Red Hat Enterprise LinuxRed Hat OpenShift distributed tracing 3Red Hat Single Sign-On 7Red Hat OpenShift AI (RHOAI)Red Hat Advanced Cluster Management for Kubernetes 2Red Hat OpenShift Container Platform 4Red Hat Ceph Storage 7OpenShift ServerlessRed Hat build of Apicurio Registry 2Red Hat build of Apache Camel - HawtIO 4Red Hat Advanced Cluster Security 4OpenShift PipelinesRed Hat Integration Camel K 1
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2024-6387
Assigner-Red Hat, Inc.
ShareView Details
Assigner-Red Hat, Inc.
CVSS Score-8.1||HIGH
EPSS-73.41% / 98.75%
||
7 Day CHG-0.13%
Published-01 Jul, 2024 | 12:37
Updated-24 Jul, 2025 | 13:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Openssh: regresshion - race condition in ssh allows rce/dos

A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.

Action-Not Available
Vendor-amazonOpenBSDCanonical Ltd.Debian GNU/LinuxSUSENetApp, Inc.FreeBSD FoundationRed Hat, Inc.NetBSD
Product-linux_2023enterprise_linuxenterprise_linux_for_power_little_endiane-series_santricity_os_controllerdebian_linuxfreebsdopenshift_container_platformenterprise_linux_for_ibm_z_systemsenterprise_linux_for_power_little_endian_euslinux_enterprise_microenterprise_linux_for_ibm_z_systems_eusenterprise_linux_eusubuntu_linuxenterprise_linux_for_arm_64enterprise_linux_for_arm_64_eusopensshenterprise_linux_server_ausnetbsdontap_select_deploy_administration_utilityontap_toolsRed Hat OpenShift Container Platform 4.16Red Hat OpenShift Container Platform 4.14Red Hat Enterprise Linux 7Red Hat Enterprise Linux 9.0 Update Services for SAP SolutionsRed Hat OpenShift Container Platform 4.15Red Hat Enterprise Linux 6Red Hat Enterprise Linux 9.2 Extended Update SupportRed Hat Enterprise Linux 9Red Hat OpenShift Container Platform 4.13Red Hat Ceph Storage 6Red Hat Ceph Storage 5Red Hat Ceph Storage 7Red Hat Enterprise Linux 10Red Hat Enterprise Linux 8
CWE ID-CWE-364
Signal Handler Race Condition
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')