Redhat Openshift Application Runtimes vulnerabilities

CVE-2021-3914 [MEDIUM] CWE-79 CVE-2021-3914: It was found that the smallrye health metrics UI component did not properly sanitize some user input It was found that the smallrye health metrics UI component did not properly sanitize some user inputs. An attacker could use this flaw to conduct cross-site scripting attacks.

CVE-2020-10758 [HIGH] CWE-770 CVE-2020-10758: A vulnerability was found in Keycloak before 11.0.1 where DoS attack is possible by sending twenty r A vulnerability was found in Keycloak before 11.0.1 where DoS attack is possible by sending twenty requests simultaneously to the specified keycloak server, all with a Content-Length header value that exceeds the actual byte count of the request body.

CVE-2019-10184 [HIGH] CWE-862 CVE-2019-10184: undertow before version 2.0.23.Final is vulnerable to an information leak issue. Web apps may have t undertow before version 2.0.23.Final is vulnerable to an information leak issue. Web apps may have their directory structures predicted through requests without trailing slashes via the api.