Vulnerabilities > Redhat > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-26 | CVE-2022-34303 | A flaw was found in Eurosoft bootloaders before 2022-06-01. | 6.7 |
| 2022-08-26 | CVE-2021-35939 | Link Following vulnerability in multiple products It was found that the fix for CVE-2017-7500 and CVE-2017-7501 was incomplete: the check was only implemented for the parent directory of the file to be created. | 6.7 |
| 2022-08-26 | CVE-2021-3669 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products A flaw was found in the Linux kernel. | 5.5 |
| 2022-08-26 | CVE-2021-3688 | Information Exposure vulnerability in Redhat Jboss Core Services Httpd 2.4.23/2.4.29/2.4.37 A flaw was found in Red Hat JBoss Core Services HTTP Server in all versions, where it does not properly normalize the path component of a request URL contains dot-dot-semicolon(s). | 4.8 |
| 2022-08-26 | CVE-2021-3754 | Unspecified vulnerability in Redhat Keycloak and Single Sign-On A flaw was found in keycloak where an attacker is able to register himself with the username same as the email ID of any existing user. | 5.3 |
| 2022-08-26 | CVE-2021-3856 | Path Traversal vulnerability in Redhat Keycloak ClassLoaderTheme and ClasspathThemeResourceProviderFactory allows reading any file available as a resource to the classloader. | 4.3 |
| 2022-08-25 | CVE-2021-35937 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products A race condition vulnerability was found in rpm. | 6.4 |
| 2022-08-25 | CVE-2021-35938 | Link Following vulnerability in multiple products A symbolic link issue was found in rpm. | 6.7 |
| 2022-08-25 | CVE-2021-3914 | Cross-site Scripting vulnerability in Redhat products It was found that the smallrye health metrics UI component did not properly sanitize some user inputs. | 6.1 |
| 2022-08-25 | CVE-2021-3979 | Improper Authentication vulnerability in multiple products A key length flaw was found in Red Hat Ceph Storage. | 6.5 |