Vulnerabilities > Redhat > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-27 | CVE-2020-10688 | Cross-site Scripting vulnerability in Redhat products A cross-site scripting (XSS) flaw was found in RESTEasy in versions before 3.11.1.Final and before 4.5.3.Final, where it did not properly handle URL encoding when the RESTEASY003870 exception occurs. | 6.1 |
| 2021-05-27 | CVE-2020-10697 | Unspecified vulnerability in Redhat Ansible Tower A flaw was found in Ansible Tower when running Openshift. | 4.4 |
| 2021-05-27 | CVE-2020-10701 | Missing Authorization vulnerability in Redhat Libvirt A missing authorization flaw was found in the libvirt API responsible for changing the QEMU agent response timeout. | 6.5 |
| 2021-05-27 | CVE-2020-10716 | A flaw was found in Red Hat Satellite's Job Invocation, where the "User Input" entry was not properly restricted to the view. | 6.5 |
| 2021-05-27 | CVE-2020-10729 | Use of Insufficiently Random Values vulnerability in multiple products A flaw was found in the use of insufficiently random values in Ansible. | 5.5 |
| 2021-05-27 | CVE-2020-27831 | Insufficiently Protected Credentials vulnerability in Redhat Quay A flaw was found in Red Hat Quay, where it does not properly protect the authorization token when authorizing email addresses for repository email notifications. | 4.3 |
| 2021-05-27 | CVE-2021-30501 | Reachable Assertion vulnerability in multiple products An assertion abort was found in upx MemBuffer::alloc() in mem.cpp, in version UPX 4.0.0. | 5.5 |
| 2021-05-27 | CVE-2021-3509 | Cross-site Scripting vulnerability in Redhat Ceph Storage 4.0 A flaw was found in Red Hat Ceph Storage 4, in the Dashboard component. | 6.1 |
| 2021-05-26 | CVE-2020-27839 | Insufficiently Protected Credentials vulnerability in Redhat Ceph A flaw was found in ceph-dashboard. | 5.4 |
| 2021-05-26 | CVE-2021-30469 | Use After Free vulnerability in multiple products A flaw was found in PoDoFo 0.9.7. | 5.5 |