Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

Red Hat OpenShift distributed tracing 3.6.0

Source -

CNA

CNA CVEs -

2

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated VendorsRelated AssignersReports
2Vulnerabilities found
CVE-2025-6020
Assigner-Red Hat, Inc.
ShareView Details
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.70%
||
7 Day CHG~0.00%
Published-17 Jun, 2025 | 12:44
Updated-22 Jan, 2026 | 05:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Linux-pam: linux-pam directory traversal

A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.

Action-Not Available
Vendor-Red Hat, Inc.
Product-Red Hat Enterprise Linux 10.0 Extended Update SupportRHOSS-1.36-RHEL-8Red Hat Enterprise Linux 8.6 Telecommunications Update ServiceCompliance Operator 1Red Hat Enterprise Linux 9.2 Update Services for SAP SolutionsRed Hat Enterprise Linux 8.6 Advanced Mission Critical Update SupportRed Hat Enterprise Linux 8.6 Update Services for SAP SolutionsRed Hat Enterprise Linux 9.0 Update Services for SAP SolutionsRHEL-8 based Middleware ContainersRed Hat Enterprise Linux 10Red Hat Enterprise Linux 8.8 Update Services for SAP SolutionsRed Hat Enterprise Linux 8.8 Telecommunications Update ServiceRed Hat Enterprise Linux 8.2 Advanced Update Supportcert-manager operator for Red Hat OpenShift 1.16Red Hat OpenShift sandboxed containers 1.1Red Hat Enterprise Linux 8Red Hat Enterprise Linux 9Red Hat Discovery 2Red Hat Insights proxy 1.5Red Hat Web Terminal 1.12 on RHEL 9Red Hat Enterprise Linux 7 Extended Lifecycle SupportRed Hat Web Terminal 1.11 on RHEL 9Red Hat OpenShift distributed tracing 3.6.0Red Hat Enterprise Linux 9.4 Extended Update SupportRed Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2025-4373
Assigner-Red Hat, Inc.
ShareView Details
Assigner-Red Hat, Inc.
CVSS Score-4.8||MEDIUM
EPSS-0.19% / 40.66%
||
7 Day CHG~0.00%
Published-06 May, 2025 | 14:48
Updated-29 Jan, 2026 | 19:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Glib: buffer underflow on glib through glib/gstring.c via function g_string_insert_unichar

A flaw was found in GLib, which is vulnerable to an integer overflow in the g_string_insert_unichar() function. When the position at which to insert the character is large, the position will overflow, leading to a buffer underwrite.

Action-Not Available
Vendor-Red Hat, Inc.
Product-Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-OnRed Hat Enterprise Linux 8.6 Update Services for SAP SolutionsRed Hat Enterprise Linux 8.4 Advanced Mission Critical Update SupportRed Hat Enterprise Linux 8.2 Advanced Update SupportRed Hat Enterprise Linux 9.4 Extended Update SupportRed Hat Enterprise Linux 8.6 Telecommunications Update ServiceRed Hat Enterprise Linux 8.8 Telecommunications Update ServiceRed Hat Enterprise Linux 7Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update SupportRed Hat Enterprise Linux 9Red Hat Enterprise Linux 8.8 Update Services for SAP SolutionsRed Hat Insights proxy 1.5Red Hat Enterprise Linux 10Red Hat OpenShift distributed tracing 3.6.0Red Hat Enterprise Linux 6Red Hat Enterprise Linux 8Red Hat Enterprise Linux 9.0 Update Services for SAP SolutionsRed Hat Enterprise Linux 9.2 Update Services for SAP Solutions
CWE ID-CWE-124
Buffer Underwrite ('Buffer Underflow')