Vulnerabilities > Redhat > Software Collections
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-04 | CVE-2021-3656 | Missing Authorization vulnerability in multiple products A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. | 8.8 |
| 2022-03-04 | CVE-2021-23214 | SQL Injection vulnerability in multiple products When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL certificate verification and encryption. | 8.1 |
| 2022-03-02 | CVE-2021-3677 | Information Exposure vulnerability in multiple products A flaw was found in postgresql. | 6.5 |
| 2022-03-02 | CVE-2022-0711 | Infinite Loop vulnerability in multiple products A flaw was found in the way HAProxy processed HTTP responses containing the "Set-Cookie2" header. | 7.5 |
| 2022-01-01 | CVE-2021-41819 | Reliance on Cookies without Validation and Integrity Checking vulnerability in multiple products CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in cookie names. | 7.5 |
| 2022-01-01 | CVE-2021-41817 | Date.parse in the date gem through 3.2.0 for Ruby allows ReDoS (regular expression Denial of Service) via a long string. | 7.5 |
| 2021-12-14 | CVE-2021-4104 | Deserialization of Untrusted Data vulnerability in multiple products JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. | 7.5 |
| 2021-10-04 | CVE-2021-32672 | Out-of-bounds Read vulnerability in multiple products Redis is an open source, in-memory database that persists on disk. | 4.3 |
| 2021-06-01 | CVE-2021-32027 | Integer Overflow or Wraparound vulnerability in multiple products A flaw was found in postgresql in versions before 13.3, before 12.7, before 11.12, before 10.17 and before 9.6.22. | 8.8 |
| 2021-05-20 | CVE-2021-3426 | Path Traversal vulnerability in multiple products There's a flaw in Python 3's pydoc. | 5.7 |