Enterprise Linux FOR IBM Z Systems

DATE	CVE	VULNERABILITY TITLE	RISK
2022-03-16	CVE-2021-20257	Infinite Loop vulnerability in multiple products An infinite loop flaw was found in the e1000 NIC emulator of the QEMU. local low complexity qemu fedoraproject redhat debian CWE-835	6.5
2022-03-10	CVE-2022-0516	A vulnerability was found in kvm_s390_guest_sida_op in the arch/s390/kvm/kvm-s390.c function in KVM for s390 in the Linux kernel. local low complexity linux fedoraproject debian redhat netapp	7.8
2022-03-10	CVE-2022-0847	Improper Initialization vulnerability in multiple products A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. local low complexity linux fedoraproject redhat ovirt netapp siemens sonicwall CWE-665	7.8
2022-03-10	CVE-2021-3733	Resource Exhaustion vulnerability in multiple products There's a flaw in urllib's AbstractBasicAuthHandler class. network low complexity python redhat fedoraproject netapp CWE-400	6.5
2022-03-04	CVE-2021-3656	Missing Authorization vulnerability in multiple products A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. local low complexity linux fedoraproject redhat CWE-862	8.8
2022-03-04	CVE-2021-3737	Infinite Loop vulnerability in multiple products A flaw was found in python. network low complexity python redhat fedoraproject canonical netapp oracle CWE-835	7.5
2022-03-04	CVE-2021-23214	SQL Injection vulnerability in multiple products When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL certificate verification and encryption. network high complexity postgresql fedoraproject redhat CWE-89	8.1
2022-03-03	CVE-2021-3602	Improper Cross-boundary Removal of Sensitive Data vulnerability in multiple products An information disclosure flaw was found in Buildah, when building containers using chroot isolation. local low complexity buildah-project redhat CWE-212	5.5
2022-03-03	CVE-2022-0492	Missing Authorization vulnerability in multiple products A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. local low complexity linux debian redhat canonical fedoraproject netapp CWE-862	7.8
2022-03-02	CVE-2021-3677	Information Exposure vulnerability in multiple products A flaw was found in postgresql. network low complexity postgresql redhat fedoraproject CWE-200	6.5