Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2021:0975
HistoryMar 23, 2021 - 2:56 p.m.

(RHSA-2021:0975) Important: pki-core security update

2021-03-2314:56:13
access.redhat.com
54

0.001 Low

EPSS

Percentile

51.0%

JSON

The Public Key Infrastructure (PKI) Core contains fundamental packages required by Red Hat Certificate System.

Security Fix(es):

  • pki-core: Unprivileged users can renew any certificate (CVE-2021-20179)

  • pki-core: XSS in the certificate search results (CVE-2020-25715)

  • pki-core: Reflected XSS in ‘path length’ constraint field in CA’s Agent page (CVE-2019-10146)

  • pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA’s DRM agent page in authorize recovery tab (CVE-2019-10179)

  • pki-core: Reflected XSS in getcookies?url= endpoint in CA (CVE-2019-10221)

  • pki-core: KRA vulnerable to reflected XSS via the getPk12 page (CVE-2020-1721)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

OSVersionArchitecturePackageVersionFilename
RedHat7ppc64lepki-core-debuginfo< 10.5.16-7.el7_7pki-core-debuginfo-10.5.16-7.el7_7.ppc64le.rpm
RedHat7ppc64lepki-symkey< 10.5.16-7.el7_7pki-symkey-10.5.16-7.el7_7.ppc64le.rpm
RedHat7s390xpki-symkey< 10.5.16-7.el7_7pki-symkey-10.5.16-7.el7_7.s390x.rpm
RedHat7ppc64pki-symkey< 10.5.16-7.el7_7pki-symkey-10.5.16-7.el7_7.ppc64.rpm
RedHat7x86_64pki-core-debuginfo< 10.5.16-7.el7_7pki-core-debuginfo-10.5.16-7.el7_7.x86_64.rpm
RedHat7noarchpki-base-java< 10.5.16-7.el7_7pki-base-java-10.5.16-7.el7_7.noarch.rpm
RedHat7noarchpki-kra< 10.5.16-7.el7_7pki-kra-10.5.16-7.el7_7.noarch.rpm
RedHat7ppc64pki-tools< 10.5.16-7.el7_7pki-tools-10.5.16-7.el7_7.ppc64.rpm
RedHat7s390xpki-tools< 10.5.16-7.el7_7pki-tools-10.5.16-7.el7_7.s390x.rpm
RedHat7ppc64pki-core-debuginfo< 10.5.16-7.el7_7pki-core-debuginfo-10.5.16-7.el7_7.ppc64.rpm
Rows per page:
1-10 of 181

Related

centos 1
nessus 27
amazon 1
redhat 5
openvas 13
oraclelinux 3
osv 8
redhatcve 6
cvelist 6
veracode 6
prion 6
cve 6
ubuntucve 6
nvd 6
debiancve 6
rocky 2
almalinux 2
fedora 4
centos
centos
pki security update
2021-03-18 19:15:06
nessus
nessus
NewStart CGSL CORE 5.05 / MAIN 5.05 : pki-core Multiple Vulnerabilities (NS-SA-2022-0029)
2022-05-09 00:00:00
Oracle Linux 7 : pki-core (ELSA-2021-0851)
2021-03-17 00:00:00
RHEL 7 : pki-core (RHSA-2021:0819)
2021-03-15 00:00:00
amazon
amazon
Important: pki-core
2021-04-20 17:55:00
redhat
redhat
(RHSA-2021:0851) Important: pki-core security and bug fix update
2021-03-16 10:25:35
(RHSA-2021:0819) Important: pki-core security update
2021-03-15 12:19:34
(RHSA-2021:1263) Important: pki-core:10.6 security and bug fix update
2021-04-20 09:16:55
openvas
openvas
CentOS: Security Advisory for pki-base (CESA-2021:0851)
2021-03-19 00:00:00
Huawei EulerOS: Security Advisory for pki-core (EulerOS-SA-2021-1831)
2021-05-03 00:00:00
Huawei EulerOS: Security Advisory for pki-core (EulerOS-SA-2021-1346)
2021-02-22 00:00:00
oraclelinux
oraclelinux
pki-core security and bug fix update
2021-03-17 00:00:00
pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update
2020-11-10 00:00:00
pki-core:10.6 security update
2021-03-24 00:00:00
osv
osv
Moderate: pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update
2020-11-03 12:29:58
CVE-2019-10179
2020-03-20 15:15:12
CVE-2019-10221
2020-03-20 15:15:12
redhatcve
redhatcve
CVE-2019-10179
2020-02-03 16:47:31
CVE-2020-25715
2021-03-02 15:33:18
CVE-2019-10221
2020-02-04 13:17:35
cvelist
cvelist
CVE-2019-10179
2020-03-20 13:57:04
CVE-2019-10221
2020-03-20 13:55:48
CVE-2019-10146
2020-03-18 14:47:30
veracode
veracode
Cross-Site Scripting (XSS)
2021-03-17 04:06:15
CVE-2019-10221 Pki-core: Reflected XSS In Getcookies?url= Endpoint In CA
2021-03-17 04:06:18
Cross-Site Scripting (XSS)
2021-03-17 04:06:22
prion
prion
Cross site scripting
2020-03-20 15:15:00
Cross site scripting
2020-03-20 15:15:00
Cross site scripting
2020-03-18 15:15:00
cve
cve
CVE-2019-10179
2020-03-20 15:15:12
CVE-2020-25715
2021-05-28 11:15:07
CVE-2019-10221
2020-03-20 15:15:12
ubuntucve
ubuntucve
CVE-2020-25715
2021-05-28 00:00:00
CVE-2019-10179
2020-03-20 00:00:00
CVE-2019-10221
2020-03-20 00:00:00
nvd
nvd
CVE-2019-10179
2020-03-20 15:15:12
CVE-2020-25715
2021-05-28 11:15:07
CVE-2019-10221
2020-03-20 15:15:12
debiancve
debiancve
CVE-2020-25715
2021-05-28 11:15:07
CVE-2019-10179
2020-03-20 15:15:12
CVE-2019-10221
2020-03-20 15:15:12
rocky
rocky
pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update
2020-11-03 12:29:58
pki-core:10.6 security update
2021-03-23 10:29:41
almalinux
almalinux
Moderate: pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update
2020-11-03 12:29:58
Important: pki-core:10.6 security update
2021-03-23 10:29:41
fedora
fedora
[SECURITY] Fedora 34 Update: pki-core-10.10.5-6.fc34
2021-03-19 20:32:19
[SECURITY] Fedora 32 Update: pki-core-10.10.5-5.fc32
2021-03-20 01:15:39
[SECURITY] Fedora 33 Update: pki-core-10.10.5-5.fc33
2021-03-20 01:15:14

0.001 Low

EPSS

Percentile

51.0%

JSON
Related for RHSA-2021:0975
centos1nessus27amazon1redhat5openvas13oraclelinux3osv8redhatcve6cvelist6veracode6prion6cve6ubuntucve6nvd6debiancve6rocky2almalinux2fedora4