Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2021-03-26	CVE-2021-20289	Information Exposure Through an Error Message vulnerability in multiple products A flaw was found in RESTEasy in all versions of RESTEasy up to 4.6.0.Final. network low complexity redhat netapp quarkus oracle CWE-209	5.3
2021-03-26	CVE-2021-20197	Link Following vulnerability in multiple products There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier:ar, objcopy, strip, ranlib. local high complexity gnu redhat netapp broadcom CWE-59	6.3
2021-03-26	CVE-2020-35518	Information Exposure Through Discrepancy vulnerability in Redhat 389 Directory Server When binding against a DN during authentication, the reply from 389-ds-base will be different whether the DN exists or not. network low complexity redhat CWE-203	5.3
2021-03-26	CVE-2020-35508	A flaw possibility of race condition and incorrect initialization of the process id was found in the Linux kernel child/parent process identification handling while filtering signal handlers. local high complexity linux redhat netapp	4.5
2021-03-25	CVE-2021-3446	Use of Insufficiently Random Values vulnerability in multiple products A flaw was found in libtpms in versions before 0.8.2. local low complexity libtpms-project redhat fedoraproject CWE-330	5.5
2021-03-25	CVE-2021-3443	NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.27 handled component references in the JP2 image format decoder. local low complexity jasper-project redhat fedoraproject CWE-476	5.5
2021-03-23	CVE-2021-3409	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The patch for CVE-2020-17380/CVE-2020-25085 was found to be ineffective, thus making QEMU vulnerable to the out-of-bounds read/write access issues previously found in the SDHCI controller emulation code. local low complexity qemu redhat fedoraproject debian CWE-119	5.7
2021-03-19	CVE-2019-10225	Insufficiently Protected Credentials vulnerability in Redhat Openshift and Openshift Container Platform A flaw was found in atomic-openshift of openshift-4.2 where the basic-user RABC role in OpenShift Container Platform doesn't sufficiently protect the GlusterFS StorageClass against leaking of the restuserkey. network low complexity redhat CWE-522	6.3
2021-03-18	CVE-2021-3416	Infinite Loop vulnerability in multiple products A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions up to and including 5.2.0. local low complexity qemu fedoraproject redhat debian CWE-835	6.0
2021-03-18	CVE-2019-3867	Insufficient Session Expiration vulnerability in Redhat Quay 2.0.0/3.0.0 A vulnerability was found in the Quay web application. low complexity redhat CWE-613	4.1