ovirt-engine-ui-extensions vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the ovirt-engine-ui-extensions package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability	Vulnerable Version
M Resource Exhaustion	<0:1.3.3-1.el8ev
M Cleartext Storage of Sensitive Information	<0:1.3.6-1.el8ev
M Exposure of Private Information ('Privacy Violation')	<0:1.3.6-1.el8ev
H Information Exposure	<0:1.3.5-1.el8ev
H CVE-2021-22096	<0:1.3.5-1.el8ev
L Resource Exhaustion	*
H Directory Traversal	<0:1.3.7-1.el8ev
M OS Command Injection	<0:1.2.6-1.el8ev
M Resource Exhaustion	<0:1.2.6-1.el8ev
L Resource Exhaustion	*
L Resource Exhaustion	*
L Resource Exhaustion	*
M Cross-site Scripting (XSS)	<0:1.2.3-1.el8ev
M Resource Exhaustion	<0:1.2.7-1.el8ev
L Resource Exhaustion	*
M Improper Input Validation	<0:1.2.3-1.el8ev
L Resource Exhaustion	*
L Information Exposure	*
H User Interface (UI) Misrepresentation of Critical Information	<0:1.2.2-1.el8ev
H Cross-site Scripting (XSS)	<0:1.2.2-1.el8ev
H XML External Entity (XXE) Injection	<0:1.2.2-1.el8ev
H Cross-site Scripting (XSS)	<0:1.2.2-1.el8ev
L Resource Exhaustion	*
M Cross-site Scripting (XSS)	<0:1.2.5-1.el8ev
H Deserialization of Untrusted Data	<0:1.3.7-1.el8ev
M Resource Exhaustion	<0:1.2.5-1.el8ev
H Resource Exhaustion	<0:1.3.5-1.el8ev
M Improper Cross-boundary Removal of Sensitive Data	*
M Cross-site Scripting (XSS)	<0:1.3.3-1.el8ev
M Cross-site Scripting (XSS)	<0:1.3.3-1.el8ev
M Cross-site Scripting (XSS)	<0:1.3.3-1.el8ev
M Resource Exhaustion	<0:1.3.3-1.el8ev
M Resource Exhaustion	<0:1.2.7-1.el8ev
H Cross-site Scripting (XSS)	<0:1.2.2-1.el8ev
H Improper Input Validation	<0:1.2.2-1.el8ev
H Cross-site Scripting (XSS)	<0:1.2.2-1.el8ev
H Cross-site Scripting (XSS)	<0:1.2.2-1.el8ev
M Resource Exhaustion	<0:1.3.3-1.el8ev
L Arbitrary Code Injection	*
L Allocation of Resources Without Limits or Throttling	*
M Resource Exhaustion	*
H Arbitrary Code Injection	<0:1.3.5-1.el8ev
M Resource Exhaustion	<0:1.2.7-1.el8ev
H Deserialization of Untrusted Data	<0:1.2.2-1.el8ev

Vulnerability

Vulnerable Version

Resource Exhaustion

<0:1.3.3-1.el8ev

Cleartext Storage of Sensitive Information

<0:1.3.6-1.el8ev

Exposure of Private Information ('Privacy Violation')

<0:1.3.6-1.el8ev

Information Exposure

<0:1.3.5-1.el8ev

CVE-2021-22096

<0:1.3.5-1.el8ev