Vulnerabilities > Redhat > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-08-05 CVE-2021-3642 A flaw was found in Wildfly Elytron in versions prior to 1.10.14.Final, prior to 1.15.5.Final and prior to 1.16.1.Final where ScramServer may be susceptible to Timing Attack if enabled.
network
high complexity
redhat quarkus
5.3
5.3
2021-08-05 CVE-2021-3679 Infinite Loop vulnerability in multiple products
A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way.
local
low complexity
linux redhat debian CWE-835
5.5
5.5
2021-07-30 CVE-2021-3636 Improper Authentication vulnerability in Redhat Openshift
It was found in OpenShift, before version 4.8, that the generated certificate for the in-cluster Service CA, incorrectly included additional certificates.
low complexity
redhat CWE-287
4.6
4.6
2021-07-09 CVE-2021-3541 XML Entity Expansion vulnerability in multiple products
A flaw was found in libxml2.
network
low complexity
xmlsoft redhat oracle netapp CWE-776
6.5
6.5
2021-07-06 CVE-2021-3598 There's a flaw in OpenEXR's ImfDeepScanLineInputFile functionality in versions prior to 3.0.5.
local
low complexity
openexr redhat debian
5.5
5.5
2021-06-10 CVE-2021-20293 A reflected Cross-Site Scripting (XSS) flaw was found in RESTEasy in all versions of RESTEasy up to 4.6.0.Final, where it did not properly handle URL encoding when calling @javax.ws.rs.PathParam without any @Produces MediaType.
network
low complexity
redhat netapp
6.1
6.1
2021-06-09 CVE-2021-0129 Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access.
low complexity
bluez redhat debian
5.7
5.7
2021-06-07 CVE-2020-1750 Unspecified vulnerability in Redhat Machine-Config-Operator
A flaw was found in the machine-config-operator that causes an OpenShift node to become unresponsive when a container consumes a large amount of memory.
network
low complexity
redhat
6.5
6.5
2021-06-07 CVE-2020-1690 Unspecified vulnerability in Redhat Openstack-Selinux and Openstack Platform
An improper authorization flaw was discovered in openstack-selinux's applied policy where it does not prevent a non-root user in a container from privilege escalation.
local
low complexity
redhat
6.5
6.5
2021-06-07 CVE-2020-1719 Unspecified vulnerability in Redhat Wildfly
A flaw was found in wildfly.
network
low complexity
redhat
5.4
5.4