Columns per record: Tag, Id, Distro, CVE ID, Type, Severity, Packages, Source Package, Package Version, Package License, CVSS, Fix Status, Risk Factors, Description, Cause, Published, Binaries, Vulnerability Link. Source Package and Cause carry no value in any record of this export; Binaries is present only where the scanner attributed a running binary to the package.

CVE-2021-27218 | Package: glib2 2.56.4-8.el8 | License: LGPLv2+ | Severity: moderate | CVSS: 7.5 | Fix status: affected
Tag: console_21_04_412 | Id: sha256:f14353e6c0b9c1fa4b754bbe168605a5d6d62e7d7d918bf6e6f402f87aeb3b61 | Distro: redhat-RHEL8 | Type: OS
Risk factors: Attack complexity: low, Attack vector: network, Medium severity, Recent vulnerability
Description: An issue was discovered in GNOME GLib before 2.66.7 and 2.67.x before 2.67.4. If g_byte_array_new_take() was called with a buffer of 4GB or more on a 64-bit platform, the length would be truncated modulo 2**32, causing unintended length truncation.
Published: 2021-02-15 17:15:00.000
Link: https://access.redhat.com/security/cve/CVE-2021-27218

CVE-2021-27219 | Package: glib2 2.56.4-8.el8 | License: LGPLv2+ | Severity: moderate | CVSS: 7.5 | Fix status: affected
Tag: console_21_04_412 | Id: sha256:f14353e6c0b9c1fa4b754bbe168605a5d6d62e7d7d918bf6e6f402f87aeb3b61 | Distro: redhat-RHEL8 | Type: OS
Risk factors: Attack complexity: low, Attack vector: network, Medium severity, Recent vulnerability
Description: An issue was discovered in GNOME GLib before 2.66.6 and 2.67.x before 2.67.3. The function g_bytes_new has an integer overflow on 64-bit platforms due to an implicit cast from 64 bits to 32 bits. The overflow could potentially lead to memory corruption.
Published: 2021-02-15 17:15:00.000
Link: https://access.redhat.com/security/cve/CVE-2021-27219

CVE-2021-28153 | Package: glib2 2.56.4-8.el8 | License: LGPLv2+ | Severity: low | CVSS: 5.3 | Fix status: affected
Tag: console_21_04_412 | Id: sha256:f14353e6c0b9c1fa4b754bbe168605a5d6d62e7d7d918bf6e6f402f87aeb3b61 | Distro: redhat-RHEL8 | Type: OS
Risk factors: Attack complexity: low, Attack vector: network, Recent vulnerability
Description: An issue was discovered in GNOME GLib before 2.66.8. When g_file_replace() is used with G_FILE_CREATE_REPLACE_DESTINATION to replace a path that is a dangling symlink, it incorrectly also creates the target of the symlink as an empty file, which could conceivably have security relevance if the symlink is attacker-controlled. (If the path is a symlink to a file that already exists, then the contents of that file correctly remain unchanged.)
Published: 2021-03-11 22:15:00.000
Link: https://access.redhat.com/security/cve/CVE-2021-28153
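
The dangling-symlink behaviour behind CVE-2021-28153 is easy to reproduce and to avoid. The following is an added example and is not GLib code or part of the scan export: a naive open-for-write follows the dangling link and creates its target, while the hardened replacement writes a temporary file in the same directory and renames it over the path, which swaps out the link itself and never touches the target. The file names and payload are constructed for the example.

```python
"""Replacing a path that may be a dangling symlink without creating the link's target.

Added example (not GLib's implementation). Models the two behaviours described
for CVE-2021-28153 on a throwaway temporary directory.
"""
import os
import tempfile


def naive_replace(path: str, data: bytes) -> None:
    # open(path, "wb") follows symlinks: on a dangling link the *target* is created.
    with open(path, "wb") as f:
        f.write(data)


def safe_replace(path: str, data: bytes) -> None:
    # Write to a fresh temp file in the same directory (mkstemp uses O_CREAT|O_EXCL),
    # then atomically rename it over `path`. rename() replaces the directory entry,
    # so a symlink sitting at `path` is replaced and its target is never opened.
    directory = os.path.dirname(os.path.abspath(path)) or "."
    fd, tmp = tempfile.mkstemp(dir=directory, prefix=".tmp-")
    try:
        with os.fdopen(fd, "wb") as f:
            f.write(data)
            f.flush()
            os.fsync(f.fileno())
        os.replace(tmp, path)
    except BaseException:
        os.unlink(tmp)
        raise


def demo(use_safe: bool) -> dict:
    """Create a dangling symlink, replace through it, and report what ended up where."""
    with tempfile.TemporaryDirectory() as d:
        target = os.path.join(d, "target")  # deliberately never created up front
        link = os.path.join(d, "link")
        os.symlink(target, link)            # dangling: target does not exist yet
        (safe_replace if use_safe else naive_replace)(link, b"payload\n")
        with open(link, "rb") as f:
            content = f.read()
        return {
            "target_created": os.path.exists(target),   # True only for the naive path
            "link_still_symlink": os.path.islink(link),  # True only for the naive path
            "link_content": content,
        }


if __name__ == "__main__":
    print("naive:", demo(use_safe=False))
    print("safe: ", demo(use_safe=True))
```

The same temp-file-plus-rename pattern is what you want anywhere an attacker can plant a symlink at a path your service rewrites (shared /tmp, world-writable spool directories): it also avoids the partial-write window of an in-place truncate.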

CVE-2020-12762 | Package: json-c 0.13.1-0.2.el8 | License: MIT | Severity: moderate | CVSS: 7.8 | Fix status: affected
Tag: console_21_04_412 | Id: sha256:f14353e6c0b9c1fa4b754bbe168605a5d6d62e7d7d918bf6e6f402f87aeb3b61 | Distro: redhat-RHEL8 | Type: OS
Risk factors: Attack complexity: low, Medium severity, Recent vulnerability
Description: json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend.
Published: 2020-05-09 18:15:00.000
Link: https://access.redhat.com/security/cve/CVE-2020-12762

CVE-2020-8231 | Package: curl 7.61.1-14.el8_3.1 | License: MIT | Severity: low | CVSS: 3.7 | Fix status: affected
Tag: console_21_04_412 | Id: sha256:f14353e6c0b9c1fa4b754bbe168605a5d6d62e7d7d918bf6e6f402f87aeb3b61 | Distro: redhat-RHEL8 | Type: OS
Risk factors: Attack vector: network, Recent vulnerability
Description: Due to use of a dangling pointer, libcurl 7.29.0 through 7.71.1 can use the wrong connection when sending data.
Published: 2020-12-14 20:15:00.000
Link: https://access.redhat.com/security/cve/CVE-2020-8231

CVE-2020-8284 | Package: curl 7.61.1-14.el8_3.1 | License: MIT | Severity: moderate | CVSS: 3.1 | Fix status: affected
Tag: console_21_04_412 | Id: sha256:f14353e6c0b9c1fa4b754bbe168605a5d6d62e7d7d918bf6e6f402f87aeb3b61 | Distro: redhat-RHEL8 | Type: OS
Risk factors: Attack vector: network, Medium severity, Recent vulnerability
Description: A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanning and service banner extractions.
Published: 2020-12-14 20:15:00.000
Link: https://access.redhat.com/security/cve/CVE-2020-8284
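
The PASV issue comes down to whether the client trusts the address in the server's 227 reply. The block below is an added example, not curl's code: it parses a PASV reply and, in the hardened mode, keeps the control connection's peer address and takes only the port from the reply, which is the behaviour curl exposes as --ftp-skip-pasv-ip. The reply strings and addresses are constructed for the example.

```python
"""Parsing an FTP PASV (227) reply and refusing to follow a redirected data address.

Added example (not libcurl's implementation). Shows why a server-supplied host in
the PASV reply must not be trusted: with the check disabled, a reply naming
127.0.0.1 or an internal address turns the client into a port scanner.
"""
import re

# 227 Entering Passive Mode (h1,h2,h3,h4,p1,p2)
PASV_RE = re.compile(r"\((\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\)")


def parse_pasv(reply: str) -> tuple:
    """Return (host, port) advertised by a 227 reply, validating every field."""
    if not reply.startswith("227"):
        raise ValueError(f"not a PASV reply: {reply!r}")
    m = PASV_RE.search(reply)
    if not m:
        raise ValueError(f"malformed PASV reply: {reply!r}")
    nums = [int(x) for x in m.groups()]
    if any(n > 255 for n in nums):
        raise ValueError(f"byte out of range in PASV reply: {reply!r}")
    host = ".".join(str(n) for n in nums[:4])
    port = (nums[4] << 8) | nums[5]
    if port == 0:
        raise ValueError("PASV reply advertises port 0")
    return host, port


def data_endpoint(reply: str, control_peer: str, skip_pasv_ip: bool = True) -> tuple:
    """Decide where the data connection goes.

    skip_pasv_ip=True is the safe behaviour: reuse the control connection's peer
    address and take only the port from the reply. With it off, the client
    connects wherever the server says, which is the CVE-2020-8284 condition.
    """
    host, port = parse_pasv(reply)
    if skip_pasv_ip:
        return control_peer, port
    return host, port


if __name__ == "__main__":
    # Constructed reply from a hostile server trying to aim the client at localhost:22.
    hostile = "227 Entering Passive Mode (127,0,0,1,0,22)"
    print("trusting reply:", data_endpoint(hostile, "192.0.2.10", skip_pasv_ip=False))
    print("skip-pasv-ip:  ", data_endpoint(hostile, "192.0.2.10"))
```

Note that the port still comes from the server, so even the hardened mode lets the server pick which of its own ports the client connects to; the mitigation removes the pivot to other hosts, which is the part that matters for an FTP client running inside a private network.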

CVE-2020-8285 | Package: curl 7.61.1-14.el8_3.1 | License: MIT | Severity: moderate | CVSS: 6.5 | Fix status: affected
Tag: console_21_04_412 | Id: sha256:f14353e6c0b9c1fa4b754bbe168605a5d6d62e7d7d918bf6e6f402f87aeb3b61 | Distro: redhat-RHEL8 | Type: OS
Risk factors: Attack complexity: low, Attack vector: network, Medium severity, Recent vulnerability
Description: curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing.
Published: 2020-12-14 20:15:00.000
Link: https://access.redhat.com/security/cve/CVE-2020-8285

CVE-2020-8286 | Package: curl 7.61.1-14.el8_3.1 | License: MIT | Severity: moderate | CVSS: 7.4 | Fix status: affected
Tag: console_21_04_412 | Id: sha256:f14353e6c0b9c1fa4b754bbe168605a5d6d62e7d7d918bf6e6f402f87aeb3b61 | Distro: redhat-RHEL8 | Type: OS
Risk factors: Attack vector: network, Medium severity, Recent vulnerability
Description: curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response.
Published: 2020-12-14 20:15:00.000
Link: https://access.redhat.com/security/cve/CVE-2020-8286

CVE-2021-22876 | Package: curl 7.61.1-14.el8_3.1 | License: MIT | Severity: moderate | CVSS: 3.7 | Fix status: affected
Tag: console_21_04_412 | Id: sha256:f14353e6c0b9c1fa4b754bbe168605a5d6d62e7d7d918bf6e6f402f87aeb3b61 | Distro: redhat-RHEL8 | Type: OS
Risk factors: Attack vector: network, Medium severity, Recent vulnerability
Description: curl 7.1.1 to and including 7.75.0 is vulnerable to an "Exposure of Private Personal Information to an Unauthorized Actor" by leaking credentials in the HTTP Referer: header. libcurl does not strip off user credentials from the URL when automatically populating the Referer: HTTP request header field in outgoing HTTP requests, and therefore risks leaking sensitive data to the server that is the target of the second HTTP request.
Published: 2021-04-01 18:15:00.000
Link: https://access.redhat.com/security/cve/CVE-2021-22876
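
What the Referer leak looks like, and the sanitisation a client should apply before it reuses the previous URL, as an added example that is not libcurl code or part of the scan export. The function rebuilds the URL from its components without the userinfo (and without the fragment, which is never sent in Referer anyway); the URLs and credentials are constructed for the example.

```python
"""Populating an HTTP Referer header without leaking URL credentials.

Added example (not libcurl's implementation). CVE-2021-22876 is a client copying
the previous request URL, userinfo included, into Referer: when following a
redirect. The rewrite below drops user:password@ and the fragment before the
value is used.
"""
from urllib.parse import urlsplit, urlunsplit


def naive_referer(previous_url: str) -> str:
    """The leaky behaviour: the whole previous URL becomes the header value."""
    return previous_url


def referer_value(previous_url: str) -> str:
    """Return a Referer: value that carries no credentials and no fragment."""
    parts = urlsplit(previous_url)
    host = parts.hostname or ""
    if ":" in host:               # bare IPv6 literal: put the brackets back
        host = f"[{host}]"
    # Rebuild netloc from hostname and port only; user:password@ is discarded.
    netloc = host if parts.port is None else f"{host}:{parts.port}"
    return urlunsplit((parts.scheme, netloc, parts.path, parts.query, ""))


def build_headers(previous_url: str) -> dict:
    """Headers for the follow-up (redirected) request."""
    return {"Referer": referer_value(previous_url)}


if __name__ == "__main__":
    first = "https://user:s3cret@example.com/login?next=/dashboard#top"   # constructed
    print("leaky :", naive_referer(first))
    print("fixed :", referer_value(first))
```

The same stripping belongs anywhere a URL is echoed to a third party: access logs, error reports, and Location headers are the usual other places credentials embedded in URLs end up.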

CVE-2021-23840 | Package: openssl 1.1.1g-15.el8_3 | License: OpenSSL and ASL 2.0 | Severity: moderate | CVSS: 7.5 | Fix status: affected
Tag: console_21_04_412 | Id: sha256:f14353e6c0b9c1fa4b754bbe168605a5d6d62e7d7d918bf6e6f402f87aeb3b61 | Distro: redhat-RHEL8 | Type: OS
Risk factors: Attack complexity: low, Attack vector: network, Medium severity, Recent vulnerability
Description: Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissible length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating success), but the output length value will be negative. This could cause applications to behave incorrectly or crash. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).
Published: 2021-02-16 17:15:00.000
Link: https://access.redhat.com/security/cve/CVE-2021-23840

CVE-2021-23841 | Package: openssl 1.1.1g-15.el8_3 | License: OpenSSL and ASL 2.0 | Severity: moderate | CVSS: 5.9 | Fix status: affected
Tag: console_21_04_412 | Id: sha256:f14353e6c0b9c1fa4b754bbe168605a5d6d62e7d7d918bf6e6f402f87aeb3b61 | Distro: redhat-RHEL8 | Type: OS
Risk factors: Attack vector: network, DoS, Medium severity, Recent vulnerability
Description: The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).
Published: 2021-02-16 17:15:00.000
Link: https://access.redhat.com/security/cve/CVE-2021-23841

CVE-2020-13776 | Package: systemd 239-41.el8_3.2 | License: LGPLv2+ and MIT and GPLv2+ | Severity: moderate | CVSS: 6.7 | Fix status: affected
Tag: console_21_04_412 | Id: sha256:f14353e6c0b9c1fa4b754bbe168605a5d6d62e7d7d918bf6e6f402f87aeb3b61 | Distro: redhat-RHEL8 | Type: OS
Risk factors: Medium severity, Recent vulnerability
Description: systemd through v245 mishandles numerical usernames such as ones composed of decimal digits or 0x followed by hex digits, as demonstrated by use of root privileges when privileges of the 0x0 user account were intended. NOTE: this issue exists because of an incomplete fix for CVE-2017-1000082.
Published: 2020-06-03 03:15:00.000
Link: https://access.redhat.com/security/cve/CVE-2020-13776
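
The class of bug here is a user specification reaching a permissive numeric parser before it has been validated as a name, so "0x0" becomes UID 0. The block below is an added example and does not reproduce systemd's code or its exact validation rules: it shows the permissive parse beside a resolver that accepts only canonical decimal UIDs, checks everything else against a strict name pattern (a conservative POSIX-style pattern chosen for the example), and only then consults the password database.

```python
"""Resolving a user specification without letting '0x0'-style strings become UID 0.

Added example (not systemd's implementation). The hazard described in
CVE-2020-13776 is a string that is not a valid user name being interpreted as a
number; resolve_user() below refuses anything that is neither a canonical
decimal UID nor a well-formed name.
"""
import pwd
import re

# Assumed, conservative user-name pattern: must not start with a digit, so no
# string that a numeric parser would accept ('0x0', '00', '123') can pass.
NAME_RE = re.compile(r"^[a-z_][a-z0-9_-]{0,31}\$?$")
# Canonical decimal only: no 0x prefix, no leading zeros, no whitespace.
UID_RE = re.compile(r"^(0|[1-9][0-9]*)$")


def lenient_uid(spec: str) -> int:
    """The unsafe approach: base-0 parsing accepts '0x0', '0o0' and similar as 0."""
    return int(spec, 0)


def resolve_user(spec: str) -> int:
    """Return the UID for `spec`, or raise ValueError if it is ambiguous or unknown."""
    if UID_RE.match(spec):
        return int(spec, 10)
    if not NAME_RE.match(spec):
        raise ValueError(f"invalid user name: {spec!r}")
    try:
        return pwd.getpwnam(spec).pw_uid
    except KeyError:
        raise ValueError(f"unknown user: {spec!r}") from None


def rejects(spec: str) -> bool:
    """True if resolve_user() refuses `spec`."""
    try:
        resolve_user(spec)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    print("lenient '0x0' ->", lenient_uid("0x0"))        # 0: runs as root
    for spec in ("0x0", "00", "0", "root"):
        print(f"strict {spec!r:7} ->", "rejected" if rejects(spec) else resolve_user(spec))
```

The ordering is the point: validate the string as a name or a canonical UID first, and never hand the raw string to a numeric parser that understands prefixes.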

CVE-2019-25013 | Package: glibc 2.28-127.el8_3.2 | License: LGPLv2+ and LGPLv2+ with exceptions and GPLv2+ and GPLv2+ with exceptions and BSD and Inner-Net and ISC and Public Domain and GFDL | Severity: important | CVSS: 4.8 | Fix status: affected
Tag: console_21_04_412 | Id: sha256:f14353e6c0b9c1fa4b754bbe168605a5d6d62e7d7d918bf6e6f402f87aeb3b61 | Distro: redhat-RHEL8 | Type: OS
Risk factors: Attack vector: network, High severity, Package in use
Description: The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.
Published: 2021-01-04 18:15:00.000
Binaries: /usr/bin/mongod
Link: https://access.redhat.com/security/cve/CVE-2019-25013

CVE-2020-27618 | Package: glibc 2.28-127.el8_3.2 | License: LGPLv2+ and LGPLv2+ with exceptions and GPLv2+ and GPLv2+ with exceptions and BSD and Inner-Net and ISC and Public Domain and GFDL | Severity: low | CVSS: 5.5 | Fix status: affected
Tag: console_21_04_412 | Id: sha256:f14353e6c0b9c1fa4b754bbe168605a5d6d62e7d7d918bf6e6f402f87aeb3b61 | Distro: redhat-RHEL8 | Type: OS
Risk factors: Attack complexity: low, DoS, Package in use, Recent vulnerability
Description: The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in applications, resulting in a denial of service, a different vulnerability from CVE-2016-10228.
Published: 2021-02-26 23:15:00.000
Binaries: /usr/bin/mongod
Link: https://access.redhat.com/security/cve/CVE-2020-27618

CVE-2021-3326 | Package: glibc 2.28-127.el8_3.2 | License: LGPLv2+ and LGPLv2+ with exceptions and GPLv2+ and GPLv2+ with exceptions and BSD and Inner-Net and ISC and Public Domain and GFDL | Severity: moderate | CVSS: 7.5 | Fix status: affected
Tag: console_21_04_412 | Id: sha256:f14353e6c0b9c1fa4b754bbe168605a5d6d62e7d7d918bf6e6f402f87aeb3b61 | Distro: redhat-RHEL8 | Type: OS
Risk factors: Attack complexity: low, Attack vector: network, DoS, Medium severity, Package in use, Recent vulnerability
Description: The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.
Published: 2021-01-27 20:15:00.000
Binaries: /usr/bin/mongod
Link: https://access.redhat.com/security/cve/CVE-2021-3326

CVE-2020-29361 | Package: p11-kit 0.23.14-5.el8_0 | License: BSD | Severity: moderate | CVSS: 7.5 | Fix status: affected
Tag: console_21_04_412 | Id: sha256:f14353e6c0b9c1fa4b754bbe168605a5d6d62e7d7d918bf6e6f402f87aeb3b61 | Distro: redhat-RHEL8 | Type: OS
Risk factors: Attack complexity: low, Attack vector: network, Medium severity, Recent vulnerability
Description: An issue was discovered in p11-kit 0.21.1 through 0.23.21. Multiple integer overflows have been discovered in the array allocations in the p11-kit library and the p11-kit list command, where overflow checks are missing before calling realloc or calloc.
Published: 2020-12-16 14:15:00.000
Link: https://access.redhat.com/security/cve/CVE-2020-29361

CVE-2020-29362 | Package: p11-kit 0.23.14-5.el8_0 | License: BSD | Severity: moderate | CVSS: 5.3 | Fix status: affected
Tag: console_21_04_412 | Id: sha256:f14353e6c0b9c1fa4b754bbe168605a5d6d62e7d7d918bf6e6f402f87aeb3b61 | Distro: redhat-RHEL8 | Type: OS
Risk factors: Attack complexity: low, Attack vector: network, Medium severity, Recent vulnerability
Description: An issue was discovered in p11-kit 0.21.1 through 0.23.21. A heap-based buffer over-read has been discovered in the RPC protocol used by the p11-kit server/remote commands and the client library. When the remote entity supplies a byte array through a serialized PKCS#11 function call, the receiving entity may allow the reading of up to 4 bytes of memory past the heap allocation.
Published: 2020-12-16 14:15:00.000
Link: https://access.redhat.com/security/cve/CVE-2020-29362

CVE-2020-29363 | Package: p11-kit 0.23.14-5.el8_0 | License: BSD | Severity: moderate | CVSS: 7.5 | Fix status: affected
Tag: console_21_04_412 | Id: sha256:f14353e6c0b9c1fa4b754bbe168605a5d6d62e7d7d918bf6e6f402f87aeb3b61 | Distro: redhat-RHEL8 | Type: OS
Risk factors: Attack complexity: low, Attack vector: network, Medium severity, Recent vulnerability
Description: An issue was discovered in p11-kit 0.23.6 through 0.23.21. A heap-based buffer overflow has been discovered in the RPC protocol used by p11-kit server/remote commands and the client library. When the remote entity supplies a serialized byte array in a CK_ATTRIBUTE, the receiving entity may not allocate sufficient length for the buffer to store the deserialized value.
Published: 2020-12-16 14:15:00.000
Link: https://access.redhat.com/security/cve/CVE-2020-29363

CVE-2019-20838 | Package: pcre 8.42-4.el8 | License: BSD | Severity: low | CVSS: 7.5 | Fix status: affected
Tag: console_21_04_412 | Id: sha256:f14353e6c0b9c1fa4b754bbe168605a5d6d62e7d7d918bf6e6f402f87aeb3b61 | Distro: redhat-RHEL8 | Type: OS
Risk factors: Attack complexity: low, Attack vector: network
Description: libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \X or \R has more than one fixed quantifier, a related issue to CVE-2019-20454.
Published: 2020-06-15 17:15:00.000
Link: https://access.redhat.com/security/cve/CVE-2019-20838

CVE-2020-14155 | Package: pcre 8.42-4.el8 | License: BSD | Severity: low | CVSS: 5.3 | Fix status: affected
Tag: console_21_04_412 | Id: sha256:f14353e6c0b9c1fa4b754bbe168605a5d6d62e7d7d918bf6e6f402f87aeb3b61 | Distro: redhat-RHEL8 | Type: OS
Risk factors: Attack complexity: low, Attack vector: network, Recent vulnerability
Description: libpcre in PCRE before 8.44 allows an integer overflow via a large number after a
Published: 2020-06-15 17:15:00.000
Link: https://access.redhat.com/security/cve/CVE-2020-14155

CVE-2020-8927 | Package: brotli 1.0.6-2.el8 | License: MIT | Severity: moderate | CVSS: 6.5 | Fix status: affected
Tag: console_21_04_412 | Id: sha256:f14353e6c0b9c1fa4b754bbe168605a5d6d62e7d7d918bf6e6f402f87aeb3b61 | Distro: redhat-RHEL8 | Type: OS
Risk factors: Attack complexity: low, Attack vector: network, Medium severity, Recent vulnerability
Description: A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. It is recommended to update your Brotli library to 1.0.8 or later. If one cannot update, we recommend to use the "streaming" API as opposed to the "one-shot" API, and impose chunk size limits.
Published: 2020-09-15 10:15:00.000
Link: https://access.redhat.com/security/cve/CVE-2020-8927

CVE-2021-20271 | Package: rpm 4.14.3-4.el8 | License: GPLv2+ | Severity: moderate | CVSS: 6.7 | Fix status: affected
Tag: console_21_04_412 | Id: sha256:f14353e6c0b9c1fa4b754bbe168605a5d6d62e7d7d918bf6e6f402f87aeb3b61 | Distro: redhat-RHEL8 | Type: OS
Risk factors: Medium severity, Recent vulnerability
Description: A flaw was found in RPM's signature check functionality when reading a package file. This flaw allows an attacker who can convince a victim to install a seemingly verifiable package, whose signature header was modified, to cause RPM database corruption and execute code. The highest threat from this vulnerability is to data integrity, confidentiality, and system availability.
Published: 2021-03-26 17:15:00.000
Link: https://access.redhat.com/security/cve/CVE-2021-20271

CVE-2021-20231 | Package: gnutls 3.6.14-8.el8_3 | License: GPLv3+ and LGPLv2+ | Severity: moderate | CVSS: 3.7 | Fix status: affected
Tag: console_21_04_412 | Id: sha256:f14353e6c0b9c1fa4b754bbe168605a5d6d62e7d7d918bf6e6f402f87aeb3b61 | Distro: redhat-RHEL8 | Type: OS
Risk factors: Attack vector: network, Medium severity, Recent vulnerability
Description: A flaw was found in gnutls. A use after free issue in client sending key_share extension may lead to memory corruption and other consequences.
Published: 2021-03-12 19:15:00.000
Link: https://access.redhat.com/security/cve/CVE-2021-20231

CVE-2021-20232 | Package: gnutls 3.6.14-8.el8_3 | License: GPLv3+ and LGPLv2+ | Severity: moderate | CVSS: 3.7 | Fix status: affected
Tag: console_21_04_412 | Id: sha256:f14353e6c0b9c1fa4b754bbe168605a5d6d62e7d7d918bf6e6f402f87aeb3b61 | Distro: redhat-RHEL8 | Type: OS
Risk factors: Attack vector: network, Medium severity, Recent vulnerability
Description: A flaw was found in gnutls. A use after free issue in client_send_params in lib/ext/pre_shared_key.c may lead to memory corruption and other potential consequences.
Published: 2021-03-12 19:15:00.000
Link: https://access.redhat.com/security/cve/CVE-2021-20232