Vulnerabilities > Redhat > Enterprise Linux > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-10 | CVE-2021-3733 | Resource Exhaustion vulnerability in multiple products There's a flaw in urllib's AbstractBasicAuthHandler class. | 6.5 |
| 2022-03-03 | CVE-2021-3602 | Improper Cross-boundary Removal of Sensitive Data vulnerability in multiple products An information disclosure flaw was found in Buildah, when building containers using chroot isolation. | 5.5 |
| 2022-03-03 | CVE-2021-3620 | Unspecified vulnerability in Redhat products A flaw was found in Ansible Engine's ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. | 5.5 |
| 2022-03-02 | CVE-2021-3623 | Out-of-bounds Write vulnerability in multiple products A flaw was found in libtpms. | 6.1 |
| 2022-03-02 | CVE-2021-3631 | A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels. | 6.3 |
| 2022-03-02 | CVE-2021-3667 | An improper locking issue was found in the virStoragePoolLookupByTargetPath API of libvirt. | 6.5 |
| 2022-03-02 | CVE-2021-3677 | A flaw was found in postgresql. | 6.5 |
| 2022-03-02 | CVE-2021-3772 | A flaw was found in the Linux SCTP stack. | 6.5 |
| 2022-02-24 | CVE-2021-3596 | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference flaw was found in ImageMagick in versions prior to 7.0.10-31 in ReadSVGImage() in coders/svg.c. | 6.5 |
| 2022-02-24 | CVE-2021-3700 | Use After Free vulnerability in multiple products A use-after-free vulnerability was found in usbredir in versions prior to 0.11.0 in the usbredirparser_serialize() in usbredirparser/usbredirparser.c. | 6.4 |