Vulnerabilities > Redhat > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-02-23 CVE-2021-20229 A flaw was found in PostgreSQL in versions before 13.2.
network
low complexity
postgresql redhat fedoraproject
4.3
4.3
2021-02-23 CVE-2021-20220 HTTP Request Smuggling vulnerability in multiple products
A flaw was found in Undertow.
network
high complexity
redhat netapp CWE-444
4.8
4.8
2021-01-29 CVE-2019-25014 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference was found in pkg/proxy/envoy/v2/debug.go getResourceVersion in Istio pilot before 1.5.0-alpha.0.
network
low complexity
istio redhat CWE-476
6.5
6.5
2021-01-28 CVE-2020-1725 Incorrect Authorization vulnerability in Redhat Keycloak
A flaw was found in keycloak before version 13.0.0.
network
low complexity
redhat CWE-863
5.4
5.4
2021-01-28 CVE-2020-1723 Open Redirect vulnerability in multiple products
A flaw was found in Keycloak Gatekeeper (Louketo).
network
low complexity
redhat keycloak-gatekeeper-project CWE-601
6.1
6.1
2021-01-26 CVE-2020-35513 A flaw incorrect umask during file or directory modification in the Linux kernel NFS (network file system) functionality was found in the way user create and delete object using NFSv4.2 or newer if both simultaneously accessing the NFS by the other process that is not using new NFSv4.2.
network
low complexity
linux redhat
4.9
4.9
2021-01-12 CVE-2020-25657 A flaw was found in all released versions of m2crypto, where they are vulnerable to Bleichenbacher timing attacks in the RSA decryption API via the timed processing of valid PKCS#1 v1.5 Ciphertext.
network
high complexity
m2crypto-project redhat fedoraproject
5.9
5.9
2021-01-08 CVE-2020-25678 A flaw was found in ceph in versions prior to 16.y.z where ceph stores mgr module passwords in clear text.
local
low complexity
redhat fedoraproject
4.4
4.4
2021-01-07 CVE-2020-25680 Unspecified vulnerability in Redhat Jboss Core Services Httpd 2.4.37
A flaw was found in JBCS httpd in version 2.4.37 SP3, where it uses a back-end worker SSL certificate with the keystore file's ID is 'unknown'.
network
low complexity
redhat
5.4
5.4
2021-01-05 CVE-2020-27842 There's a flaw in openjpeg's t2 encoder in versions prior to 2.4.0.
local
low complexity
uclouvain fedoraproject debian redhat oracle
5.5
5.5