Vulnerabilities > Redhat > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-26 | CVE-2018-10868 | XML Entity Expansion vulnerability in Redhat Certification 7.0 redhat-certification 7 does not properly restrict the number of recursive definitions of entities in XML documents, allowing an unauthenticated user to run a "Billion Laugh Attack" by replying to XMLRPC methods when getting the status of an host. | 7.5 |
| 2021-05-26 | CVE-2019-14836 | Cross-Site Request Forgery (CSRF) vulnerability in Redhat 3Scale 2.4 A vulnerability was found that the 3scale dev portal does not employ mechanisms for protection against login CSRF. | 8.8 |
| 2021-05-21 | CVE-2020-36332 | Resource Exhaustion vulnerability in multiple products A flaw was found in libwebp in versions before 1.0.1. | 7.5 |
| 2021-05-19 | CVE-2021-3445 | A flaw was found in libdnf's signature verification functionality in versions before 0.60.1. | 7.5 |
| 2021-05-19 | CVE-2021-3517 | There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. | 8.6 |
| 2021-05-18 | CVE-2020-25709 | Reachable Assertion vulnerability in multiple products A flaw was found in OpenLDAP. | 7.5 |
| 2021-05-18 | CVE-2021-3518 | Use After Free vulnerability in multiple products There's a flaw in libxml2 in versions before 2.9.11. | 8.8 |
| 2021-05-14 | CVE-2020-27833 | Link Following vulnerability in Redhat Openshift Container Platform A Zip Slip vulnerability was found in the oc binary in openshift-clients where an arbitrary file write is achieved by using a specially crafted raw container image (.tar file) which contains symbolic links. | 7.1 |
| 2021-05-13 | CVE-2021-3528 | Information Exposure Through Log Files vulnerability in Redhat Noobaa-Operator A flaw was found in noobaa-operator in versions before 5.7.0, where internal RPC AuthTokens between the noobaa operator and the noobaa core are leaked into log files. | 8.8 |
| 2021-05-12 | CVE-2021-20202 | Unspecified vulnerability in Redhat Keycloak A flaw was found in keycloak. | 7.3 |