Vulnerabilities > Redhat
| Date | CVE | Vulnerability | Description | Score |
|---|---|---|---|---|
| 2021-06-10 | CVE-2021-20293 | Cross-Site Scripting vulnerability in Redhat Resteasy | A reflected Cross-Site Scripting (XSS) flaw was found in RESTEasy in all versions of RESTEasy up to 4.6.0.Final, where it did not properly handle URL encoding when calling @javax.ws.rs.PathParam without any @Produces MediaType. | 4.3 |
| 2021-06-09 | CVE-2021-0129 | Incorrect Authorization vulnerability in multiple products | Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access. | 2.7 |
| 2021-06-09 | CVE-2021-3532 | Information Exposure vulnerability in multiple products | A flaw was found in Ansible where the secret information present in async_files are getting disclosed when the user changes the jobdir to a world readable directory. | 4.3 |
| 2021-06-09 | CVE-2021-3533 | Time-Of-Check Time-Of-Use (TOCTOU) Race Condition vulnerability in multiple products | A flaw was found in Ansible if an ansible user sets ANSIBLE_ASYNC_DIR to a subdirectory of a world writable directory. | 1.2 |
| 2021-06-07 | CVE-2020-1750 | Resource Exhaustion vulnerability in Redhat Machine-Config-Operator | A flaw was found in the machine-config-operator that causes an OpenShift node to become unresponsive when a container consumes a large amount of memory. | 4.0 |
| 2021-06-07 | CVE-2020-25716 | Improper Authorization vulnerability in Redhat Cloudforms | A flaw was found in Cloudforms. | 5.5 |
| 2021-06-07 | CVE-2020-1690 | Improper Authorization vulnerability in Redhat Openstack-Selinux and Openstack Platform | An improper authorization flaw was discovered in openstack-selinux's applied policy where it does not prevent a non-root user in a container from privilege escalation. | 4.9 |
| 2021-06-07 | CVE-2020-1742 | Improper Privilege Management vulnerability in multiple products | An insecure modification vulnerability flaw was found in containers using nmstate/kubernetes-nmstate-handler. | 4.4 |
| 2021-06-07 | CVE-2020-1719 | Privilege Context Switching Error vulnerability in Redhat Wildfly | A flaw was found in wildfly. | 5.5 |
| 2021-06-04 | CVE-2021-3565 | Improper Initialization vulnerability in multiple products | A flaw was found in tpm2-tools in versions before 5.1.1 and before 4.3.2. | 4.3 |