RED HAT — Vulnerabilities & Security Advisories 691

Browse all 691 CVE security advisories affecting RED HAT. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Red Hat operates primarily as a provider of open-source enterprise software solutions, most notably its Linux operating system and container platforms. With 688 recorded Common Vulnerabilities and Exposures, the organization’s historical attack surface frequently involves remote code execution, cross-site scripting, and privilege escalation flaws within its middleware and management tools. These vulnerabilities often stem from complex codebases and third-party dependencies integrated into its distribution. Security characteristics are defined by a rigorous patching lifecycle and the Red Hat Security Response Team, which issues timely advisories for critical issues. While major public breaches directly attributed to Red Hat core infrastructure are rare, individual component flaws have occasionally allowed attackers to gain unauthorized access or execute arbitrary commands. The company maintains a strong reputation for transparency, providing detailed technical guidance to help administrators mitigate risks associated with its widely deployed enterprise technologies.

| CVE ID | Title | Affected product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2025-9901 | Libsoup: improper handling of http vary header in libsoup caching | Red Hat Enterprise Linux 10 | CWE-524 | 5.9 | Medium | 2025-09-03 |
| CVE-2025-7039 | Glib: buffer under-read on glib through glib/gfileutils.c via get_tmp_file() | Red Hat Enterprise Linux 10 | CWE-22 | 3.7 | Low | 2025-09-03 |
| CVE-2025-4437 | Cri-o: large /etc/passwd file may lead to denial of service | Red Hat OpenShift Container Platform 4 | CWE-770 | 5.7 | Medium | 2025-08-20 |
| CVE-2025-7777 | Mirror-registry: host header injection in mirror-registry | mirror registry for Red Hat OpenShift | | 6.5 | Medium | 2025-08-20 |
| CVE-2025-5417 | Rhdh: red hat developer hub user permissions | Red Hat Developer Hub | CWE-266 | 6.1 | Medium | 2025-08-19 |
| CVE-2025-53861 | Aap: sensitive cookie(s) set without security flags | Red Hat Ansible Automation Platform 2 | CWE-319 | 3.1 | Low | 2025-07-11 |
| CVE-2025-53862 | Aap: aap-gateway: automation-hub: sensitive information disclosure | Red Hat Ansible Automation Platform 2 | CWE-497 | 3.5 | Low | 2025-07-11 |
| CVE-2025-6920 | Ai-inference-server: authentication bypass via unprotected inference endpoint in api | Red Hat AI Inference Server | CWE-306 | 5.3 | Medium | 2025-07-01 |
| CVE-2025-49520 | Event-driven-ansible: authenticated argument injection in git url in eda project creation | Red Hat Ansible Automation Platform 2.5 for RHEL 8 | CWE-88 | 8.8 | High | 2025-06-30 |
| CVE-2025-49521 | Event-driven-ansible: template injection via git branch and refspec in eda projects | Red Hat Ansible Automation Platform 2.5 for RHEL 8 | CWE-94 | 8.8 | High | 2025-06-30 |
| CVE-2025-5731 | Infinispan: credential leakage in infinispan cli | infinispan | CWE-209 | 5.5 | Medium | 2025-06-26 |
| CVE-2025-5416 | Keycloak-core: keycloak environment information | Red Hat Build of Keycloak | CWE-497 | 2.7 | Low | 2025-06-20 |
| CVE-2025-6052 | Glib: integer overflow in g_string_maybe_expand() leading to potential buffer overflow in glib gstring | Red Hat Enterprise Linux 10 | CWE-190 | 3.7 | Low | 2025-06-13 |
| CVE-2025-5024 | Gnome-remote-desktop: uncontrolled resource consumption due to malformed rdp pdus | Red Hat Enterprise Linux 10 | CWE-400 | 7.4 | High | 2025-05-22 |
| CVE-2025-4035 | Libsoup: cookie domain validation bypass via uppercase characters in libsoup | Red Hat Enterprise Linux 10 | CWE-178 | 4.3 | Medium | 2025-04-29 |
| CVE-2025-2157 | Foreman: disclosure of executed commands and outputs in foreman / red hat satellite | Satellite Server | CWE-922 | 3.3 | Low | 2025-03-15 |
| CVE-2022-4975 | Rhacs: cross-site scripting in portal | Red Hat Advanced Cluster Security 3 | CWE-79 | 8.9 | High | 2025-01-27 |
| CVE-2024-10451 | Org.keycloak:keycloak-quarkus-server: sensitive data exposure in keycloak build process | Red Hat build of Keycloak 24 | CWE-798 | 5.9 | Medium | 2024-11-25 |
| CVE-2023-6110 | Openstack: deleting a non existing access rule deletes another existing access rule in its scope | Red Hat OpenStack Platform 17.1 for RHEL 8 | CWE-237 | 5.5 | Medium | 2024-11-17 |
| CVE-2023-4639 | Undertow: cookie smuggling/spoofing | Migration Toolkit for Runtimes 1 on RHEL 8 | CWE-444 | 7.4 | High | 2024-11-17 |
| CVE-2023-1419 | Debezium: script injection via connector parameter | Red Hat build of Debezium | CWE-233 | 5.9 | Medium | 2024-11-17 |
| CVE-2022-2232 | Keycloak: ldap injection on username input | Red Hat Single Sign-On 7 | CWE-20 | 7.5 | High | 2024-11-14 |
| CVE-2023-1973 | Undertow: unrestricted request storage leads to memory exhaustion | Red Hat JBoss Enterprise Application Platform 7 | CWE-20 | 7.5 | High | 2024-11-07 |
| CVE-2023-1932 | Hibernate-validator: rendering of invalid html with safehtml leads to html injection and xss | A-MQ Clients 2 | | 6.1 | Medium | 2024-11-07 |
| CVE-2024-50312 | Graphql: information disclosure via graphql introspection in openshift | Red Hat OpenShift Container Platform 4.16 | CWE-200 | 5.3 | Medium | 2024-10-22 |
| CVE-2024-50311 | Graphql: denial of service (dos) vulnerability via graphql batching | Red Hat OpenShift Container Platform 4.18 | CWE-770 | 6.5 | Medium | 2024-10-22 |
| CVE-2024-43168 | Unbound: heap-buffer-overflow in unbound | Red Hat Enterprise Linux 6 | CWE-122 | 4.8 | Medium | 2024-08-08 |
| CVE-2024-43167 | Unbound: null pointer dereference in unbound | Red Hat Enterprise Linux 6 | CWE-476 | 2.8 | Low | 2024-08-08 |
| CVE-2024-5891 | Quay: unauthorized user may authenticate via oauth application token | Red Hat Quay 3 | CWE-1390 | 4.2 | Medium | 2024-06-12 |
| CVE-2024-3657 | 389-ds-base: potential denial of service via specially crafted kerberos as-req request | Red Hat Directory Server 11.5 E4S for RHEL 8 | CWE-20 | 7.5 | High | 2024-05-28 |

This page lists every published CVE security advisory associated with RED HAT. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.