Vulnerabilities > Redhat > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-03-19 | CVE-2019-10200 | Improper Access Control vulnerability in Redhat Openshift Container Platform 4.0 A flaw was discovered in OpenShift Container Platform 4 where, by default, users with access to create pods also have the ability to schedule workloads on master nodes. | 9.0 |
2021-03-19 | CVE-2019-10196 | Improper Initialization vulnerability in multiple products A flaw was found in http-proxy-agent, prior to version 2.1.0. | 9.0 |
2021-03-12 | CVE-2021-20231 | Use After Free vulnerability in multiple products A flaw was found in gnutls. | 9.8 |
2021-03-12 | CVE-2021-20232 | Use After Free vulnerability in multiple products A flaw was found in gnutls. | 9.8 |
2020-12-21 | CVE-2020-27846 | Misinterpretation of Input vulnerability in multiple products A signature verification vulnerability exists in crewjam/saml. | 9.8 |
2020-10-27 | CVE-2019-8846 | Use After Free vulnerability in multiple products A use after free issue was addressed with improved memory management. | 9.3 |
2020-10-27 | CVE-2019-8835 | Out-of-bounds Write vulnerability in multiple products Multiple memory corruption issues were addressed with improved memory handling. | 9.3 |
2020-10-27 | CVE-2019-8844 | Out-of-bounds Write vulnerability in multiple products Multiple memory corruption issues were addressed with improved memory handling. | 9.3 |
2020-04-28 | CVE-2020-1745 | Unspecified vulnerability in Redhat Undertow A file inclusion vulnerability was found in the AJP connector enabled with a default AJP configuration port of 8009 in Undertow version 2.0.29.Final and before and was fixed in 2.0.30.Final. | 9.8 |
2020-03-02 | CVE-2019-14892 | Deserialization of Untrusted Data vulnerability in multiple products A flaw was discovered in jackson-databind in versions before 2.9.10, 2.8.11.5 and 2.6.7.3, where it would permit polymorphic deserialization of a malicious object using commons-configuration 1 and 2 JNDI classes. | 9.8 |