V8 in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android had insufficient policy enforcement, which allowed a remote attacker to spoof the location object via a crafted HTML page, related to Blink information disclosure.
Max CVSS: 4.3; EPSS Score: 0.99%; Published: 2017-04-24; Updated: 2022-04-22
The web interface in Red Hat QuickStart Cloud Installer (QCI) 1.0 does not mask password fields, which allows physically proximate attackers to obtain sensitive password information by reading the display.
Max CVSS: 4.6; EPSS Score: 0.09%; Published: 2017-04-14; Updated: 2017-04-25
Red Hat OpenShift Enterprise 2 does not include the HTTPOnly flag in a Set-Cookie header for the GEARID cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to the cookies.
Max CVSS: 7.5; EPSS Score: 0.29%; Published: 2017-04-20; Updated: 2019-12-17
Padding oracle flaw in CloudForms Management Engine (aka CFME) 5 allows remote attackers to obtain sensitive cleartext information.
Max CVSS: 5.3; EPSS Score: 0.12%; Published: 2017-04-21; Updated: 2017-04-27
4 vulnerabilities found