oVirt Engine 4.3.11

CPE Details

oVirt Engine 4.3.11
4.3.11
2020-12-03
18h42 +00:00
2020-12-03
18h42 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:ovirt:ovirt-engine:4.3.11:*:*:*:*:*:*:*

Informations

Vendor

ovirt

Product

ovirt-engine

Version

4.3.11

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2020-35497 2020-12-21 15h22 +00:00 A flaw was found in ovirt-engine 4.4.3 and earlier allowing an authenticated user to read other users' personal information, including name, email and public SSH key.
6.5
Medium
CVE-2020-14333 2020-08-18 11h13 +00:00 A flaw was found in Ovirt Engine's web interface in ovirt 4.4 and earlier, where it did not filter user-controllable parameters completely, resulting in a reflected cross-site scripting attack. This flaw allows an attacker to leverage a phishing attack, steal an unsuspecting user's cookies or other confidential information, or impersonate them within the application's context.
6.3
Medium