Redhat: >> Update Infrastructure Security Vulnerabilities
A flaw was found in the python-cryptography package. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive data.
CVSS Score
7.5
EPSS Score
0.005
Published
2024-02-05
A flaw was found in m2crypto. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive data.
CVSS Score
7.5
EPSS Score
0.002
Published
2024-02-05
The collection remote for pulp_ansible stores tokens in plaintext instead of using pulp's encrypted field and exposes them in read/write mode via the API () instead of marking it as write only.
CVSS Score
5.5
EPSS Score
0.0
Published
2022-10-25
RHUI (Red Hat Update Infrastructure) 2.1.3 has world readable PKI entitlement certificates
CVSS Score
5.5
EPSS Score
0.001
Published
2019-11-04