Filtered by vendor Redhat Subscriptions
Filtered by product Acm Subscriptions
Total 179 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2021-23369 2 Handlebarsjs, Redhat 5 Handlebars, Acm, Jboss Enterprise Bpms Platform and 2 more 2024-11-21 5.6 Medium
The package handlebars before 4.7.7 are vulnerable to Remote Code Execution (RCE) when selecting certain compiling options to compile templates coming from an untrusted source.
CVE-2021-23368 2 Postcss, Redhat 4 Postcss, Acm, Openshift and 1 more 2024-11-21 5.3 Medium
The package postcss from 7.0.0 and before 8.2.10 are vulnerable to Regular Expression Denial of Service (ReDoS) during source map parsing.
CVE-2021-23364 2 Browserslist Project, Redhat 3 Browserslist, Acm, Quay 2024-11-21 5.3 Medium
The package browserslist from 4.0.0 and before 4.16.5 are vulnerable to Regular Expression Denial of Service (ReDoS) during parsing of queries.
CVE-2021-23362 3 Npmjs, Redhat, Siemens 7 Hosted-git-info, Acm, Enterprise Linux and 4 more 2024-11-21 5.3 Medium
The package hosted-git-info before 3.0.8 are vulnerable to Regular Expression Denial of Service (ReDoS) via regular expression shortcutMatch in the fromUrl function in index.js. The affected regular expression exhibits polynomial worst-case time complexity.
CVE-2021-23358 5 Debian, Fedoraproject, Redhat and 2 more 6 Debian Linux, Fedora, Acm and 3 more 2024-11-21 3.3 Low
The package underscore from 1.13.0-0 and before 1.13.0-2, from 1.3.2 and before 1.12.1 are vulnerable to Arbitrary Code Injection via the template function, particularly when a variable property is passed as an argument as it is not sanitized.
CVE-2021-23346 2 Html-parse-stringify Project, Redhat 2 Html-parse-stringify, Acm 2024-11-21 4.8 Medium
This affects the package html-parse-stringify before 2.0.1; all versions of package html-parse-stringify2. Sending certain input could cause one of the regular expressions that is used for parsing to backtrack, freezing the process.
CVE-2021-23343 2 Path-parse Project, Redhat 7 Path-parse, Acm, Advanced Cluster Security and 4 more 2024-11-21 5.3 Medium
All versions of package path-parse are vulnerable to Regular Expression Denial of Service (ReDoS) via splitDeviceRe, splitTailRe, and splitPathRe regular expressions. ReDoS exhibits polynomial worst-case time complexity.
CVE-2021-23337 5 Lodash, Netapp, Oracle and 2 more 29 Lodash, Active Iq Unified Manager, Cloud Manager and 26 more 2024-11-21 7.2 High
Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function.
CVE-2021-23017 6 F5, Fedoraproject, Netapp and 3 more 19 Nginx, Fedora, Ontap Select Deploy Administration Utility and 16 more 2024-11-21 7.7 High
A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.
CVE-2021-22963 2 Fastify, Redhat 2 Fastify-static, Acm 2024-11-21 6.1 Medium
A redirect vulnerability in the fastify-static module version < 4.2.4 allows remote attackers to redirect users to arbitrary websites via a double slash // followed by a domain: http://localhost:3000//google.com/%2e%2e.The issue shows up on all the fastify-static applications that set redirect: true option. By default, it is false.
CVE-2021-21322 2 Fastify-http-proxy Project, Redhat 2 Fastify-http-proxy, Acm 2024-11-21 10 Critical
fastify-http-proxy is an npm package which is a fastify plugin for proxying your http requests to another server, with hooks. By crafting a specific URL, it is possible to escape the prefix of the proxied backend service. If the base url of the proxied server is `/pub/`, a user expect that accessing `/priv` on the target service would not be possible. In affected versions, it is possible. This is fixed in version 4.3.1.
CVE-2021-21321 2 Fastify-reply-from Project, Redhat 2 Fastify-reply-from, Acm 2024-11-21 10 Critical
fastify-reply-from is an npm package which is a fastify plugin to forward the current http request to another server. In fastify-reply-from before version 4.0.2, by crafting a specific URL, it is possible to escape the prefix of the proxied backend service. If the base url of the proxied server is "/pub/", a user expect that accessing "/priv" on the target service would not be possible. In affected versions, it is possible. This is fixed in version 4.0.2.
CVE-2021-21309 2 Redhat, Redislabs 2 Acm, Redis 2024-11-21 5.4 Medium
Redis is an open-source, in-memory database that persists on disk. In affected versions of Redis an integer overflow bug in 32-bit Redis version 4.0 or newer could be exploited to corrupt the heap and potentially result with remote code execution. Redis 4.0 or newer uses a configurable limit for the maximum supported bulk input size. By default, it is 512MB which is a safe value for all platforms. If the limit is significantly increased, receiving a large request from a client may trigger several integer overflow scenarios, which would result with buffer overflow and heap corruption. We believe this could in certain conditions be exploited for remote code execution. By default, authenticated Redis users have access to all configuration parameters and can therefore use the “CONFIG SET proto-max-bulk-len” to change the safe default, making the system vulnerable. **This problem only affects 32-bit Redis (on a 32-bit system, or as a 32-bit executable running on a 64-bit system).** The problem is fixed in version 6.2, and the fix is back ported to 6.0.11 and 5.0.11. Make sure you use one of these versions if you are running 32-bit Redis. An additional workaround to mitigate the problem without patching the redis-server executable is to prevent clients from directly executing `CONFIG SET`: Using Redis 6.0 or newer, ACL configuration can be used to block the command. Using older versions, the `rename-command` configuration directive can be used to rename the command to a random string unknown to users, rendering it inaccessible. Please note that this workaround may have an additional impact on users or operational systems that expect `CONFIG SET` to behave in certain ways.
CVE-2021-21272 2 Deislabs, Redhat 2 Oras, Acm 2024-11-21 7.7 High
ORAS is open source software which enables a way to push OCI Artifacts to OCI Conformant registries. ORAS is both a CLI for initial testing and a Go Module. In ORAS from version 0.4.0 and before version 0.9.0, there is a "zip-slip" vulnerability. The directory support feature allows the downloaded gzipped tarballs to be automatically extracted to the user-specified directory where the tarball can have symbolic links and hard links. A well-crafted tarball or tarballs allow malicious artifact providers linking, writing, or overwriting specific files on the host filesystem outside of the user-specified directory unexpectedly with the same permissions as the user who runs `oras pull`. Users of the affected versions are impacted if they are `oras` CLI users who runs `oras pull`, or if they are Go programs, which invoke `github.com/deislabs/oras/pkg/content.FileStore`. The problem has been fixed in version 0.9.0. For `oras` CLI users, there is no workarounds other than pulling from a trusted artifact provider. For `oras` package users, the workaround is to not use `github.com/deislabs/oras/pkg/content.FileStore`, and use other content stores instead, or pull from a trusted artifact provider.
CVE-2020-35668 2 Redhat, Redislabs 2 Acm, Redisgraph 2024-11-21 7.5 High
RedisGraph 2.x through 2.2.11 has a NULL Pointer Dereference that leads to a server crash because it mishandles an unquoted string, such as an alias that has not yet been introduced.
CVE-2020-35381 3 Fedoraproject, Jsonparser Project, Redhat 3 Fedora, Jsonparser, Acm 2024-11-21 7.5 High
jsonparser 1.0.0 allows attackers to cause a denial of service (panic: runtime error: slice bounds out of range) via a GET call.
CVE-2020-35149 2 Mquery Project, Redhat 2 Mquery, Acm 2024-11-21 5.3 Medium
lib/utils.js in mquery before 3.2.3 allows a pollution attack because a special property (e.g., __proto__) can be copied during a merge or clone operation.
CVE-2020-29529 2 Hashicorp, Redhat 2 Go-slug, Acm 2024-11-21 7.5 High
HashiCorp go-slug up to 0.4.3 did not fully protect against directory traversal while unpacking tar archives, and protections could be bypassed with specific constructions of multiple symlinks. Fixed in 0.5.0.
CVE-2020-28852 2 Golang, Redhat 5 Text, Acm, Enterprise Linux and 2 more 2024-11-21 7.5 High
In x/text in Go before v0.3.5, a "slice bounds out of range" panic occurs in language.ParseAcceptLanguage while processing a BCP 47 tag. (x/text/language is supposed to be able to parse an HTTP Accept-Language header.)
CVE-2020-28851 2 Golang, Redhat 5 Go, Acm, Enterprise Linux and 2 more 2024-11-21 7.5 High
In x/text in Go 1.15.4, an "index out of range" panic occurs in language.ParseAcceptLanguage while parsing the -u- extension. (x/text/language is supposed to be able to parse an HTTP Accept-Language header.)