Vulnerabilities > Redhat > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-08-09 CVE-2019-14433 Information Exposure Through an Error Message vulnerability in multiple products
An issue was discovered in OpenStack Nova before 17.0.12, 18.x before 18.2.2, and 19.x before 19.0.2.
network
low complexity
openstack canonical redhat debian CWE-209
6.5
6.5
2019-08-02 CVE-2019-10176 Unspecified vulnerability in Redhat Openshift Container Platform 3.11/4.1
A flaw was found in OpenShift Container Platform, versions 3.11 and later, in which the CSRF tokens used in the cluster console component were found to remain static during a user's session.
network
low complexity
redhat
5.4
5.4
2019-08-01 CVE-2019-3884 Unspecified vulnerability in Redhat Openshift
A vulnerability exists in the garbage collection mechanism of atomic-openshift.
network
low complexity
redhat
5.4
5.4
2019-07-31 CVE-2019-10198 Missing Authentication for Critical Function vulnerability in multiple products
An authentication bypass vulnerability was discovered in foreman-tasks before 0.15.7.
network
low complexity
theforeman redhat CWE-306
6.5
6.5
2019-07-31 CVE-2019-10182 It was found that icedtea-web though 1.7.2 and 1.8.2 did not properly sanitize paths from <jar/> elements in JNLP files.
network
low complexity
icedtea-web-project redhat
6.5
6.5
2019-07-31 CVE-2019-10357 Missing Authorization vulnerability in multiple products
A missing permission check in Jenkins Pipeline: Shared Groovy Libraries Plugin 2.14 and earlier allowed users with Overall/Read access to obtain limited information about the content of SCM repositories referenced by global libraries.
network
low complexity
jenkins redhat CWE-862
4.3
4.3
2019-07-30 CVE-2019-10156 A flaw was discovered in the way Ansible templating was implemented in versions before 2.6.18, 2.7.12 and 2.8.2, causing the possibility of information disclosure through unexpected variable substitution.
network
low complexity
redhat debian
5.4
5.4
2019-07-30 CVE-2019-10153 A flaw was discovered in fence-agents, prior to version 4.3.4, where using non-ASCII characters in a guest VM's comment or other fields would cause fence_rhevm to exit with an exception.
network
low complexity
clusterlabs redhat
5.0
5.0
2019-07-23 CVE-2019-2879 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB).
network
low complexity
oracle redhat
4.9
4.9
2019-07-23 CVE-2019-2834 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer).
network
low complexity
oracle redhat
6.5
6.5