RHSA-2021%3A1186 — Vulnetix

RHSA-2021%3A1186 PUBLISHED CVSS 6.099999904632568 MEDIUM

An update for org.ovirt.engine-root, ovirt-engine-ui-extensions, and ovirt-web-ui is now available for Red Hat Virtualization Engine 4.4. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Risk Scores

CVSS 3.1

6.099999904632568

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Affected Products

Vendor	Product	Versions
	ovirt
	RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4

Exploit Intelligence

Affected versions of this package are vulnerable to Prototype Pollution. (github-poc-repo)
Affected versions of this package are vulnerable to Prototype Pollution. (github-poc-repo)
Affected versions of this package are vulnerable to Prototype Pollution. (github-poc-repo)
cve-2020-28458 (github-poc-repo)
cve-2020-28458 (github-poc-repo)
cve-2020-28458 (github-poc-repo)
cve-2020-28458 (github-poc)
cve-2020-28458 (github-poc)
cve-2020-28458 (github-poc)
Affected versions of this package are vulnerable to Prototype Pollution. (github-poc)

…and 12 more exploits

Timeline

Apr 14, 2021 CVE Published
Jan 13, 2026 CVE Updated
Apr 30, 2026 Distribution Patch
Apr 30, 2026 Distribution Patch
Apr 30, 2026 Security Advisory
May 1, 2026 Security Advisory
May 1, 2026 Security Advisory

References

Open in Interactive Console →