Vulnerabilities > Redhat > Software Collections
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-05-20 | CVE-2021-3426 | Path Traversal vulnerability in multiple products There's a flaw in Python 3's pydoc. | 5.7 |
2021-04-01 | CVE-2021-3393 | An information leak was discovered in postgresql in versions before 13.2, before 12.6 and before 11.11. | 4.3 |
2021-03-23 | CVE-2021-20270 | Infinite Loop vulnerability in multiple products An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML (SML) source file, as demonstrated by input that only contains the "exception" keyword. | 7.5 |
2021-03-19 | CVE-2019-10196 | A flaw was found in http-proxy-agent, prior to version 2.1.0. | 9.8 |
2021-02-23 | CVE-2021-20229 | A flaw was found in PostgreSQL in versions before 13.2. | 4.3 |
2020-12-03 | CVE-2020-27783 | A XSS vulnerability was discovered in python-lxml's clean module. | 6.1 |
2020-08-07 | CVE-2020-9490 | HTTP Request Smuggling vulnerability in multiple products Apache HTTP Server versions 2.4.20 to 2.4.43. | 7.5 |
2020-03-17 | CVE-2020-1720 | Missing Authorization vulnerability in multiple products A flaw was found in PostgreSQL's "ALTER ... | 6.5 |
2020-02-20 | CVE-2014-4650 | Path Traversal vulnerability in multiple products The CGIHTTPServer module in Python 2.7.5 and 3.3.4 does not properly handle URLs in which URL encoding is used for path separators, which allows remote attackers to read script source code or conduct directory traversal attacks and execute unintended code via a crafted character sequence, as demonstrated by a %2f separator. | 9.8 |
2020-02-07 | CVE-2019-15605 | HTTP Request Smuggling vulnerability in multiple products HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-encoding is malformed | 9.8 |