Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2022-04-18	CVE-2021-3681	Insufficiently Protected Credentials vulnerability in Redhat Ansible Automation Platform and Ansible Galaxy A flaw was found in Ansible Galaxy Collections. local low complexity redhat CWE-522	5.5
2022-04-18	CVE-2021-42778	Double Free vulnerability in multiple products A heap double free issue was found in Opensc before version 0.22.0 in sc_pkcs15_free_tokeninfo. network low complexity opensc-project fedoraproject redhat CWE-415	5.3
2022-04-18	CVE-2021-42779	Use After Free vulnerability in multiple products A heap use after free issue was found in Opensc before version 0.22.0 in sc_file_valid. network low complexity opensc-project fedoraproject redhat CWE-416	5.3
2022-04-18	CVE-2021-42780	Unchecked Return Value vulnerability in multiple products A use after return issue was found in Opensc before version 0.22.0 in insert_pin function that could potentially crash programs using the library. network low complexity opensc-project fedoraproject redhat CWE-252	5.3
2022-04-18	CVE-2021-42781	Out-of-bounds Write vulnerability in multiple products Heap buffer overflow issues were found in Opensc before version 0.22.0 in pkcs15-oberthur.c that could potentially crash programs using the library. network low complexity opensc-project fedoraproject redhat CWE-787	5.3
2022-04-18	CVE-2022-27652	Incorrect Default Permissions vulnerability in multiple products A flaw was found in cri-o, where containers were incorrectly started with non-empty default permissions. local low complexity kubernetes fedoraproject mobyproject redhat CWE-276	5.3
2022-04-13	CVE-2022-1280	Use After Free vulnerability in multiple products A use-after-free vulnerability was found in drm_lease_held in drivers/gpu/drm/drm_lease.c in the Linux kernel due to a race problem. local high complexity linux redhat CWE-416	6.3
2022-04-11	CVE-2022-0552	Unspecified vulnerability in Redhat Origin-Aggregated-Logging 3.11 A flaw was found in the original fix for the netty-codec-http CVE-2021-21409, where the OpenShift Logging openshift-logging/elasticsearch6-rhel8 container was incomplete. network high complexity redhat	5.9
2022-04-04	CVE-2022-27651	Incorrect Default Permissions vulnerability in multiple products A flaw was found in buildah where containers were incorrectly started with non-empty default permissions. network high complexity buildah-project fedoraproject redhat CWE-276	6.8
2022-03-25	CVE-2021-20323	Cross-site Scripting vulnerability in Redhat Keycloak A POST based reflected Cross Site Scripting vulnerability on has been identified in Keycloak. network low complexity redhat CWE-79	6.1