Security
Headlines
HeadlinesLatestCVEs

Tag

#aws

CVE-2014-0188: Red Hat Customer Portal - Access to 24x7 support and knowledge

The openshift-origin-broker in Red Hat OpenShift Enterprise 2.0.5, 1.2.7, and earlier does not properly handle authentication requests from the remote-user auth plugin, which allows remote attackers to bypass authentication and impersonate arbitrary users via the X-Remote-User header in a request to a passthrough trigger.

CVE
#vulnerability#web#linux#red_hat#nodejs#js#java#kubernetes#perl#aws#auth#ruby
CVE-2012-0818: Red Hat Customer Portal - Access to 24x7 support and knowledge

RESTEasy before 2.3.1 allows remote attackers to read arbitrary files via an external entity reference in a DOM document, aka an XML external entity (XXE) injection attack.