Vulnerabilities > Redhat > Process Automation > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-08-24 CVE-2021-4178 Deserialization of Untrusted Data vulnerability in Redhat products
A arbitrary code execution flaw was found in the Fabric 8 Kubernetes client affecting versions 5.0.0-beta-1 and above.
local
low complexity
redhat CWE-502
6.7
2021-08-05 CVE-2021-3642 A flaw was found in Wildfly Elytron in versions prior to 1.10.14.Final, prior to 1.15.5.Final and prior to 1.16.1.Final where ScramServer may be susceptible to Timing Attack if enabled.
network
high complexity
redhat quarkus
5.3
2021-06-01 CVE-2021-20306 Unspecified vulnerability in Redhat Descision Manager, Jbpm and Process Automation
A flaw was found in the BPMN editor in version jBPM 7.51.0.Final.
network
low complexity
redhat
4.3
2020-01-02 CVE-2019-14863 Cross-site Scripting vulnerability in multiple products
There is a vulnerability in all angular versions before 1.5.0-beta.0, where after escaping the context of the web application, the web application delivers data to its users along with other trusted dynamic content, without validating it.
network
low complexity
angularjs redhat CWE-79
6.1
2020-01-02 CVE-2019-14862 There is a vulnerability in knockout before version 3.5.0-beta, where after escaping the context of the web application, the web application delivers data to its users along with other trusted dynamic content, without validating it.
network
low complexity
knockoutjs redhat oracle
6.1