Vulnerabilities > Redhat > Enterprise Linux > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-16 | CVE-2021-40438 | Server-Side Request Forgery (SSRF) vulnerability in multiple products A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. | 9.0 |
| 2021-08-12 | CVE-2021-20314 | Out-of-bounds Write vulnerability in multiple products Stack buffer overflow in libspf2 versions below 1.2.11 when processing certain SPF macros can lead to Denial of service and potentially code execution via malicious crafted SPF explanation messages. | 9.8 |
| 2021-05-28 | CVE-2021-20236 | Out-of-bounds Write vulnerability in multiple products A flaw was found in the ZeroMQ server in versions before 4.3.3. | 9.8 |
| 2021-05-21 | CVE-2020-36331 | Out-of-bounds Read vulnerability in multiple products A flaw was found in libwebp in versions before 1.0.1. | 9.1 |
| 2021-05-21 | CVE-2020-36330 | Out-of-bounds Read vulnerability in multiple products A flaw was found in libwebp in versions before 1.0.1. | 9.1 |
| 2021-05-21 | CVE-2020-36329 | Use After Free vulnerability in multiple products A flaw was found in libwebp in versions before 1.0.1. | 9.8 |
| 2021-05-21 | CVE-2020-36328 | A flaw was found in libwebp in versions before 1.0.1. | 9.8 |
| 2021-05-21 | CVE-2018-25014 | A use of uninitialized value was found in libwebp in versions before 1.0.1 in ReadSymbol(). | 9.8 |
| 2021-05-21 | CVE-2018-25013 | Out-of-bounds Read vulnerability in multiple products A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in ShiftBytes(). | 9.1 |
| 2021-05-21 | CVE-2018-25012 | Out-of-bounds Read vulnerability in multiple products A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in GetLE24(). | 9.1 |