Tag Id Distro CVE ID Type Severity Packages Source Package Package Version Package License CVSS Fix Status Risk Factors Description Cause Containers Published Vulnerability Link

console_21_08_514

sha256:58c779558b2751e06c96a12e96379d1792f4352b8ea20fddbba0519048b395d9

redhat-RHEL8

CVE-2021-3580

OS

moderate

nettle

3.4.1-4.el8_3

LGPLv3+ or GPLv2+

7.5

affected

Attack complexity: low, Attack vector: network, DoS, Medium severity, Recent vulnerability

A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to provide a manipulated ciphertext leading to application crash and denial of service.

1

2021-08-05 21:15:00.000

https://access.redhat.com/security/cve/CVE-2021-3580

console_21_08_514

sha256:58c779558b2751e06c96a12e96379d1792f4352b8ea20fddbba0519048b395d9

redhat-RHEL8

CVE-2020-16135

OS

low

libssh

0.9.4-2.el8

LGPLv2+

5.9

open

Attack vector: network, Recent vulnerability

libssh 0.9.4 has a NULL pointer dereference in tftpserver.c if ssh_buffer_new returns NULL.

1

2020-07-29 21:15:00.000

https://access.redhat.com/security/cve/cve-2020-16135

console_21_08_514

sha256:58c779558b2751e06c96a12e96379d1792f4352b8ea20fddbba0519048b395d9

redhat-RHEL8

CVE-2021-22898

OS

low

curl

7.61.1-18.el8

MIT

3.1

affected

Attack vector: network, Recent vulnerability

curl 7.7 through 7.76.1 suffers from an information disclosure when the -t command line option, known as CURLOPT_TELNETOPTIONS in libcurl, is used to send variable=content pairs to TELNET servers. Due to a flaw in the option parser for sending NEW_ENV variables, libcurl could be made to pass on uninitialized data from a stack based buffer to the server, resulting in potentially revealing sensitive internal information to the server using a clear-text network protocol.

1

2021-06-11 16:15:00.000

https://access.redhat.com/security/cve/CVE-2021-22898

console_21_08_514

sha256:58c779558b2751e06c96a12e96379d1792f4352b8ea20fddbba0519048b395d9

redhat-RHEL8

CVE-2021-22876

OS

moderate

curl

7.61.1-18.el8

MIT

3.7

affected

Attack vector: network, Medium severity, Recent vulnerability

curl 7.1.1 to and including 7.75.0 is vulnerable to an \"Exposure of Private Personal Information to an Unauthorized Actor\" by leaking credentials in the HTTP Referer: header. libcurl does not strip off user credentials from the URL when automatically populating the Referer: HTTP request header field in outgoing HTTP requests, and therefore risks leaking sensitive data to the server that is the target of the second HTTP request.

1

2021-04-01 18:15:00.000

https://access.redhat.com/security/cve/CVE-2021-22876

console_21_08_514

sha256:58c779558b2751e06c96a12e96379d1792f4352b8ea20fddbba0519048b395d9

redhat-RHEL8

CVE-2021-22923

OS

moderate

curl

7.61.1-18.el8

MIT

5.7

affected

Attack complexity: low, Attack vector: network, Medium severity, Recent vulnerability

When curl is instructed to get content using the metalink feature, and a user name and password are used to download the metalink XML file, those same credentials are then subsequently passed on to each of the servers from which curl will download or try to download the contents from. Often contrary to the user's expectations and intentions and without telling the user it happened.

1

2021-08-05 21:15:00.000

https://access.redhat.com/security/cve/CVE-2021-22923

console_21_08_514

sha256:58c779558b2751e06c96a12e96379d1792f4352b8ea20fddbba0519048b395d9

redhat-RHEL8

CVE-2021-22922

OS

moderate

curl

7.61.1-18.el8

MIT

5.7

affected

Attack complexity: low, Attack vector: network, Medium severity, Recent vulnerability

When curl is instructed to download content using the metalink feature, thecontents is verified against a hash provided in the metalink XML file.The metalink XML file points out to the client how to get the same contentfrom a set of different URLs, potentially hosted by different servers and theclient can then download the file from one or several of them. In a serial orparallel manner.If one of the servers hosting the contents has been breached and the contentsof the specific file on that server is replaced with a modified payload, curlshould detect this when the hash of the file mismatches after a completeddownload. It should remove the contents and instead try getting the contentsfrom another URL. This is not done, and instead such a hash mismatch is onlymentioned in text and the potentially malicious content is kept in the file ondisk.

1

2021-08-05 21:15:00.000

https://access.redhat.com/security/cve/CVE-2021-22922

console_21_08_514

sha256:58c779558b2751e06c96a12e96379d1792f4352b8ea20fddbba0519048b395d9

redhat-RHEL8

CVE-2021-22924

OS

moderate

curl

7.61.1-18.el8

MIT

3.1

affected

Attack vector: network, Medium severity, Recent vulnerability

libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse, if one of them matches the setup.Due to errors in the logic, the config matching function did not take \'issuercert\' into account and it compared the involved paths case insensitively,which could lead to libcurl reusing wrong connections.File paths are, or can be, case sensitive on many systems but not all, and caneven vary depending on used file systems.The comparison also didn't include the \'issuer cert\' which a transfer can setto qualify how to verify the server certificate.

1

2021-08-05 21:15:00.000

https://access.redhat.com/security/cve/CVE-2021-22924

console_21_08_514

sha256:58c779558b2751e06c96a12e96379d1792f4352b8ea20fddbba0519048b395d9

redhat-RHEL8

CVE-2021-22925

OS

low

curl

7.61.1-18.el8

MIT

3.1

affected

Attack vector: network, Recent vulnerability

curl supports the -t command line option, known as CURLOPT_TELNETOPTIONS`in libcurl. This rarely used option is used to send variable=content pairs toTELNET servers.Due to flaw in the option parser for sending `NEW_ENV variables, libcurlcould be made to pass on uninitialized data from a stack based buffer to theserver. Therefore potentially revealing sensitive internal information to theserver using a clear-text network protocol.This could happen because curl did not call and use sscanf() correctly whenparsing the string provided by the application.

1

2021-08-05 21:15:00.000

https://access.redhat.com/security/cve/CVE-2021-22925

console_21_08_514

sha256:58c779558b2751e06c96a12e96379d1792f4352b8ea20fddbba0519048b395d9

redhat-RHEL8

CVE-2021-28153

OS

low

glib2

2.56.4-10.el8_4.1

LGPLv2+

5.3

affected

Attack complexity: low, Attack vector: network, Recent vulnerability

An issue was discovered in GNOME GLib before 2.66.8. When g_file_replace() is used with G_FILE_CREATE_REPLACE_DESTINATION to replace a path that is a dangling symlink, it incorrectly also creates the target of the symlink as an empty file, which could conceivably have security relevance if the symlink is attacker-controlled. (If the path is a symlink to a file that already exists, then the contents of that file correctly remain unchanged.)

1

2021-03-11 22:15:00.000

https://access.redhat.com/security/cve/CVE-2021-28153

console_21_08_514

sha256:58c779558b2751e06c96a12e96379d1792f4352b8ea20fddbba0519048b395d9

redhat-RHEL8

CVE-2021-33574

OS

low

glibc

2.28-151.el8

LGPLv2+ and LGPLv2+ with exceptions and GPLv2+ and GPLv2+ with exceptions and BSD and Inner-Net and ISC and Public Domain and GFDL

5.9

affected

Attack vector: network, DoS, Package in use, Recent vulnerability

The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object (passed through its struct sigevent parameter) after it has been freed by the caller, leading to a denial of service (application crash) or possibly unspecified other impact.

1

2021-05-25 22:15:00.000

https://access.redhat.com/security/cve/CVE-2021-33574

console_21_08_514

sha256:58c779558b2751e06c96a12e96379d1792f4352b8ea20fddbba0519048b395d9

redhat-RHEL8

CVE-2021-35942

OS

moderate

glibc

2.28-151.el8

LGPLv2+ and LGPLv2+ with exceptions and GPLv2+ and GPLv2+ with exceptions and BSD and Inner-Net and ISC and Public Domain and GFDL

9.1

affected

Attack complexity: low, Attack vector: network, DoS, Medium severity, Package in use, Recent vulnerability

The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This occurs because atoi was used but strtoul should have been used to ensure correct calculations.

1

2021-07-22 18:15:00.000

https://access.redhat.com/security/cve/CVE-2021-35942

console_21_08_514

sha256:58c779558b2751e06c96a12e96379d1792f4352b8ea20fddbba0519048b395d9

redhat-RHEL8

CVE-2021-36087

OS

moderate

libsepol

2.9-2.el8

LGPLv2+

3.3

affected

Attack complexity: low, Medium severity, Recent vulnerability

The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly from cil_check_neverallow). This occurs because there is sometimes a lack of checks for invalid statements in an optional block.

1

2021-07-01 03:15:00.000

https://access.redhat.com/security/cve/CVE-2021-36087

console_21_08_514

sha256:58c779558b2751e06c96a12e96379d1792f4352b8ea20fddbba0519048b395d9

redhat-RHEL8

CVE-2021-36085

OS

moderate

libsepol

2.9-2.el8

LGPLv2+

3.3

affected

Attack complexity: low, Medium severity, Recent vulnerability

The CIL compiler in SELinux 3.2 has a use-after-free in cil_verify_classperms (called from verify_map_perm_classperms and hashtab_map).

1

2021-07-01 03:15:00.000

https://access.redhat.com/security/cve/CVE-2021-36085

console_21_08_514

sha256:58c779558b2751e06c96a12e96379d1792f4352b8ea20fddbba0519048b395d9

redhat-RHEL8

CVE-2021-36084

OS

moderate

libsepol

2.9-2.el8

LGPLv2+

3.3

affected

Attack complexity: low, Medium severity, Recent vulnerability

The CIL compiler in SELinux 3.2 has a use-after-free in cil_verify_classperms (called from cil_verify_classpermission and __cil_pre_verify_helper).

1

2021-07-01 03:15:00.000

https://access.redhat.com/security/cve/CVE-2021-36084

console_21_08_514

sha256:58c779558b2751e06c96a12e96379d1792f4352b8ea20fddbba0519048b395d9

redhat-RHEL8

CVE-2021-36086

OS

moderate

libsepol

2.9-2.el8

LGPLv2+

3.3

affected

Attack complexity: low, Medium severity, Recent vulnerability

The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from cil_reset_classperms_set and cil_reset_classperms_list).

1

2021-07-01 03:15:00.000

https://access.redhat.com/security/cve/CVE-2021-36086

console_21_08_514

sha256:58c779558b2751e06c96a12e96379d1792f4352b8ea20fddbba0519048b395d9

redhat-RHEL8

CVE-2021-33560

OS

moderate

libgcrypt

1.8.5-4.el8

LGPLv2+

7.5

affected

Attack complexity: low, Attack vector: network, Medium severity, Recent vulnerability

Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm, and the window size is not chosen appropriately. (There is also an interoperability problem because the selection of the k integer value does not properly consider the differences between basic ElGamal encryption and generalized ElGamal encryption.) This, for example, affects use of ElGamal in OpenPGP.

1

2021-06-08 11:15:00.000

https://access.redhat.com/security/cve/CVE-2021-33560

console_21_08_514

sha256:58c779558b2751e06c96a12e96379d1792f4352b8ea20fddbba0519048b395d9

redhat-RHEL8

CVE-2020-14155

OS

low

pcre

8.42-4.el8

BSD

5.3

affected

Attack complexity: low, Attack vector: network, Recent vulnerability

libpcre in PCRE before 8.44 allows an integer overflow via a large number after a

1

2020-06-15 17:15:00.000

https://access.redhat.com/security/cve/CVE-2020-14155

console_21_08_514

sha256:58c779558b2751e06c96a12e96379d1792f4352b8ea20fddbba0519048b395d9

redhat-RHEL8

CVE-2019-20838

OS

low

pcre

8.42-4.el8

BSD

7.5

affected

Attack complexity: low, Attack vector: network

libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \\X or \\R has more than one fixed quantifier, a related issue to CVE-2019-20454.

1

2020-06-15 17:15:00.000

https://access.redhat.com/security/cve/CVE-2019-20838

console_21_08_514

sha256:58c779558b2751e06c96a12e96379d1792f4352b8ea20fddbba0519048b395d9

redhat-RHEL8

CVE-2021-20232

OS

moderate

gnutls

3.6.14-8.el8_3

GPLv3+ and LGPLv2+

3.7

affected

Attack vector: network, Medium severity, Recent vulnerability

A flaw was found in gnutls. A use after free issue in client_send_params in lib/ext/pre_shared_key.c may lead to memory corruption and other potential consequences.

1

2021-03-12 19:15:00.000

https://access.redhat.com/security/cve/CVE-2021-20232

console_21_08_514

sha256:58c779558b2751e06c96a12e96379d1792f4352b8ea20fddbba0519048b395d9

redhat-RHEL8

CVE-2021-20231

OS

moderate

gnutls

3.6.14-8.el8_3

GPLv3+ and LGPLv2+

3.7

affected

Attack vector: network, Medium severity, Recent vulnerability

A flaw was found in gnutls. A use after free issue in client sending key_share extension may lead to memory corruption and other consequences.

1

2021-03-12 19:15:00.000

https://access.redhat.com/security/cve/CVE-2021-20231

console_21_08_514

sha256:58c779558b2751e06c96a12e96379d1792f4352b8ea20fddbba0519048b395d9

redhat-RHEL8

CVE-2021-3421

OS

moderate

rpm

4.14.3-14.el8_4

GPLv2+

4.7

affected

Medium severity, Recent vulnerability

A flaw was found in the RPM package in the read functionality. This flaw allows an attacker who can convince a victim to install a seemingly verifiable package or compromise an RPM repository, to cause RPM database corruption. The highest threat from this vulnerability is to data integrity. This flaw affects RPM versions before 4.17.0-alpha.

1

2021-05-19 14:15:00.000

https://access.redhat.com/security/cve/CVE-2021-3421

console_21_08_514

sha256:58c779558b2751e06c96a12e96379d1792f4352b8ea20fddbba0519048b395d9

redhat-RHEL8

CVE-2021-20266

OS

low

rpm

4.14.3-14.el8_4

GPLv2+

3.1

affected

Attack vector: network, Recent vulnerability

A flaw was found in RPM's hdrblobInit() in lib/header.c. This flaw allows an attacker who can modify the rpmdb to cause an out-of-bounds read. The highest threat from this vulnerability is to system availability.

1

2021-04-30 12:15:00.000

https://access.redhat.com/security/cve/CVE-2021-20266

console_21_08_514

sha256:58c779558b2751e06c96a12e96379d1792f4352b8ea20fddbba0519048b395d9

redhat-RHEL8

CVE-2021-23841

OS

moderate

openssl

1.1.1g-15.el8_3

OpenSSL and ASL 2.0

5.9

affected

Attack vector: network, DoS, Medium severity, Recent vulnerability

The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).

1

2021-02-16 17:15:00.000

https://access.redhat.com/security/cve/CVE-2021-23841

console_21_08_514

sha256:58c779558b2751e06c96a12e96379d1792f4352b8ea20fddbba0519048b395d9

redhat-RHEL8

CVE-2021-23840

OS

moderate

openssl

1.1.1g-15.el8_3

OpenSSL and ASL 2.0

7.5

affected

Attack complexity: low, Attack vector: network, Medium severity, Recent vulnerability

Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating success), but the output length value will be negative. This could cause applications to behave incorrectly or crash. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).

1

2021-02-16 17:15:00.000

https://access.redhat.com/security/cve/CVE-2021-23840

console_21_08_514

sha256:58c779558b2751e06c96a12e96379d1792f4352b8ea20fddbba0519048b395d9

redhat-RHEL8

CVE-2021-3712

OS

moderate

openssl

1.1.1g-15.el8_3

OpenSSL and ASL 2.0

6.5

affected

Attack complexity: low, Attack vector: network, Medium severity, Recent vulnerability

ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is terminated with a NUL (0) byte. Although not a strict requirement, ASN.1 strings that are parsed using OpenSSL's own \"d2i\" functions (and other similar parsing functions) as well as any string whose value has been set with the ASN1_STRING_set() function will additionally NUL terminate the byte array in the ASN1_STRING structure. However, it is possible for applications to directly construct valid ASN1_STRING structures which do not NUL terminate the byte array by directly setting the \"data\" and \"length\" fields in the ASN1_STRING array. This can also happen by using the ASN1_STRING_set0() function. Numerous OpenSSL functions that print ASN.1 data have been found to assume that the ASN1_STRING byte array will be NUL terminated, even though this is not guaranteed for strings that have been directly constructed. Where an application requests an ASN.1 structure to be printed, and where that ASN.1 structure contains ASN1_STRINGs that have been directly constructed by the application without NUL terminating the \"data\" field, then a read buffer overrun can occur. The same thing can also occur during name constraints proc

1

2021-08-24 15:15:00.000

https://access.redhat.com/security/cve/CVE-2021-3712