Vulnerabilities > Redhat > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-28 | CVE-2021-3514 | Unspecified vulnerability in Redhat 389 Directory Server When using a sync_repl client in 389-ds-base, an authenticated attacker can cause a NULL pointer dereference using a specially crafted query, causing a crash. | 6.5 |
| 2021-05-28 | CVE-2020-1729 | Incorrect Authorization vulnerability in Redhat Smallrye Config A flaw was found in SmallRye's API through version 1.6.1. | 4.4 |
| 2021-05-28 | CVE-2020-27826 | Unspecified vulnerability in Redhat Keycloak A flaw was found in Keycloak before version 12.0.0 where it is possible to update the user's metadata attributes using Account REST API. | 4.2 |
| 2021-05-28 | CVE-2021-20201 | A flaw was found in spice in versions before 0.14.92. | 5.3 |
| 2021-05-28 | CVE-2021-20292 | There is a flaw reported in the Linux kernel in versions before 5.9 in drivers/gpu/drm/nouveau/nouveau_sgdma.c in nouveau_sgdma_create_ttm in Nouveau DRM subsystem. | 6.7 |
| 2021-05-27 | CVE-2020-14301 | An information disclosure vulnerability was found in libvirt in versions before 6.3.0. | 6.5 |
| 2021-05-27 | CVE-2020-14327 | Unspecified vulnerability in Redhat Ansible Tower A Server-side request forgery (SSRF) flaw was found in Ansible Tower in versions before 3.6.5 and before 3.7.2. | 5.5 |
| 2021-05-27 | CVE-2020-1761 | Unspecified vulnerability in Redhat Openshift A flaw was found in the OpenShift web console, where the access token is stored in the browser's local storage. | 6.1 |
| 2021-05-27 | CVE-2020-10688 | Unspecified vulnerability in Redhat products A cross-site scripting (XSS) flaw was found in RESTEasy in versions before 3.11.1.Final and before 4.5.3.Final, where it did not properly handle URL encoding when the RESTEASY003870 exception occurs. | 6.1 |
| 2021-05-27 | CVE-2020-10697 | Unspecified vulnerability in Redhat Ansible Tower A flaw was found in Ansible Tower when running Openshift. | 4.4 |