Filtered by vendor Fedoraproject
Subscribe
Total
4434 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-1747 | 4 Fedoraproject, Opensuse, Oracle and 1 more | 4 Fedora, Leap, Communications Cloud Native Core Network Function Cloud Native Environment and 1 more | 2023-02-03 | 10.0 HIGH | 9.8 CRITICAL |
| A vulnerability was discovered in the PyYAML library in versions before 5.3.1, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. An attacker could use this flaw to execute arbitrary code on the system by abusing the python/object/new constructor. | |||||
| CVE-2022-45062 | 3 Debian, Fedoraproject, Xfce | 3 Debian Linux, Fedora, Xfce4-settings | 2023-02-03 | N/A | 9.8 CRITICAL |
| In Xfce xfce4-settings before 4.16.4 and 4.17.x before 4.17.1, there is an argument injection vulnerability in xfce4-mime-helper. | |||||
| CVE-2022-3725 | 2 Fedoraproject, Wireshark | 2 Fedora, Wireshark | 2023-02-03 | N/A | 7.5 HIGH |
| Crash in the OPUS protocol dissector in Wireshark 3.6.0 to 3.6.8 allows denial of service via packet injection or crafted capture file | |||||
| CVE-2022-32209 | 3 Debian, Fedoraproject, Rubyonrails | 3 Debian Linux, Fedora, Rails Html Sanitizers | 2023-02-03 | 4.3 MEDIUM | 6.1 MEDIUM |
| # Possible XSS Vulnerability in Rails::Html::SanitizerThere is a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer.This vulnerability has been assigned the CVE identifier CVE-2022-32209.Versions Affected: ALLNot affected: NONEFixed Versions: v1.4.3## ImpactA possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer may allow an attacker to inject content if the application developer has overridden the sanitizer's allowed tags to allow both `select` and `style` elements.Code is only impacted if allowed tags are being overridden. This may be done via application configuration:```ruby# In config/application.rbconfig.action_view.sanitized_allowed_tags = ["select", "style"]```see https://guides.rubyonrails.org/configuring.html#configuring-action-viewOr it may be done with a `:tags` option to the Action View helper `sanitize`:```<%= sanitize @comment.body, tags: ["select", "style"] %>```see https://api.rubyonrails.org/classes/ActionView/Helpers/SanitizeHelper.html#method-i-sanitizeOr it may be done with Rails::Html::SafeListSanitizer directly:```ruby# class-level optionRails::Html::SafeListSanitizer.allowed_tags = ["select", "style"]```or```ruby# instance-level optionRails::Html::SafeListSanitizer.new.sanitize(@article.body, tags: ["select", "style"])```All users overriding the allowed tags by any of the above mechanisms to include both "select" and "style" should either upgrade or use one of the workarounds immediately.## ReleasesThe FIXED releases are available at the normal locations.## WorkaroundsRemove either `select` or `style` from the overridden allowed tags.## CreditsThis vulnerability was responsibly reported by [windshock](https://hackerone.com/windshock?type=user). | |||||
| CVE-2021-23414 | 2 Fedoraproject, Videojs | 2 Fedora, Video.js | 2023-02-03 | 4.3 MEDIUM | 6.1 MEDIUM |
| This affects the package video.js before 7.14.3. The src attribute of track tag allows to bypass HTML escaping and execute arbitrary code. | |||||
| CVE-2020-8287 | 5 Debian, Fedoraproject, Nodejs and 2 more | 5 Debian Linux, Fedora, Node.js and 2 more | 2023-02-03 | 6.4 MEDIUM | 6.5 MEDIUM |
| Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 allow two copies of a header field in an HTTP request (for example, two Transfer-Encoding header fields). In this case, Node.js identifies the first header field and ignores the second. This can lead to HTTP Request Smuggling. | |||||
| CVE-2022-41751 | 3 Debian, Fedoraproject, Jhead Project | 3 Debian Linux, Fedora, Jhead | 2023-02-03 | N/A | 7.8 HIGH |
| Jhead 3.06.0.1 allows attackers to execute arbitrary OS commands by placing them in a JPEG filename and then using the regeneration -rgt50 option. | |||||
| CVE-2022-36944 | 2 Fedoraproject, Scala-lang | 2 Fedora, Scala | 2023-02-03 | N/A | 9.8 CRITICAL |
| Scala 2.13.x before 2.13.9 has a Java deserialization chain in its JAR file. On its own, it cannot be exploited. There is only a risk in conjunction with Java object deserialization within an application. In such situations, it allows attackers to erase contents of arbitrary files, make network connections, or possibly run arbitrary code (specifically, Function0 functions) via a gadget chain. | |||||
| CVE-2021-28116 | 3 Debian, Fedoraproject, Squid-cache | 3 Debian Linux, Fedora, Squid | 2023-02-03 | 4.3 MEDIUM | 5.3 MEDIUM |
| Squid through 4.14 and 5.x through 5.0.5, in some configurations, allows information disclosure because of an out-of-bounds read in WCCP protocol data. This can be leveraged as part of a chain for remote code execution as nobody. | |||||
| CVE-2020-5267 | 4 Debian, Fedoraproject, Opensuse and 1 more | 4 Debian Linux, Fedora, Leap and 1 more | 2023-02-03 | 3.5 LOW | 4.8 MEDIUM |
| In ActionView before versions 6.0.2.2 and 5.2.4.2, there is a possible XSS vulnerability in ActionView's JavaScript literal escape helpers. Views that use the `j` or `escape_javascript` methods may be susceptible to XSS attacks. The issue is fixed in versions 6.0.2.2 and 5.2.4.2. | |||||
| CVE-2021-3975 | 5 Canonical, Debian, Fedoraproject and 2 more | 14 Ubuntu Linux, Debian Linux, Fedora and 11 more | 2023-02-03 | N/A | 6.5 MEDIUM |
| A use-after-free flaw was found in libvirt. The qemuMonitorUnregister() function in qemuProcessHandleMonitorEOF is called using multiple threads without being adequately protected by a monitor lock. This flaw could be triggered by the virConnectGetAllDomainStats API when the guest is shutting down. An unprivileged client with a read-only connection could use this flaw to perform a denial of service attack by causing the libvirt daemon to crash. | |||||
| CVE-2019-20485 | 3 Debian, Fedoraproject, Redhat | 3 Debian Linux, Fedora, Libvirt | 2023-02-03 | 2.7 LOW | 5.7 MEDIUM |
| qemu/qemu_driver.c in libvirt before 6.0.0 mishandles the holding of a monitor job during a query to a guest agent, which allows attackers to cause a denial of service (API blockage). | |||||
| CVE-2020-10675 | 2 Fedoraproject, Jsonparser Project | 2 Fedora, Jsonparser | 2023-02-03 | 5.0 MEDIUM | 7.5 HIGH |
| The Library API in buger jsonparser through 2019-12-04 allows attackers to cause a denial of service (infinite loop) via a Delete call. | |||||
| CVE-2021-28153 | 4 Broadcom, Debian, Fedoraproject and 1 more | 4 Brocade Fabric Operating System Firmware, Debian Linux, Fedora and 1 more | 2023-02-03 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered in GNOME GLib before 2.66.8. When g_file_replace() is used with G_FILE_CREATE_REPLACE_DESTINATION to replace a path that is a dangling symlink, it incorrectly also creates the target of the symlink as an empty file, which could conceivably have security relevance if the symlink is attacker-controlled. (If the path is a symlink to a file that already exists, then the contents of that file correctly remain unchanged.) | |||||
| CVE-2020-4788 | 3 Fedoraproject, Ibm, Oracle | 7 Fedora, Aix, Power9 and 4 more | 2023-02-03 | 1.9 LOW | 4.7 MEDIUM |
| IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances. IBM X-Force ID: 189296. | |||||
| CVE-2020-15803 | 4 Debian, Fedoraproject, Opensuse and 1 more | 5 Debian Linux, Fedora, Backports and 2 more | 2023-02-03 | 4.3 MEDIUM | 6.1 MEDIUM |
| Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget. | |||||
| CVE-2022-42722 | 3 Debian, Fedoraproject, Linux | 3 Debian Linux, Fedora, Linux Kernel | 2023-02-03 | N/A | 5.5 MEDIUM |
| In the Linux kernel 5.8 through 5.19.x before 5.19.16, local attackers able to inject WLAN frames into the mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon protection of P2P devices. | |||||
| CVE-2022-2601 | 3 Fedoraproject, Gnu, Redhat | 8 Fedora, Grub2, Enterprise Linux Eus and 5 more | 2023-02-03 | N/A | 8.6 HIGH |
| A buffer overflow was found in grub_font_construct_glyph(). A malicious crafted pf2 font can lead to an overflow when calculating the max_glyph_size value, allocating a smaller than needed buffer for the glyph, this further leads to a buffer overflow and a heap based out-of-bounds write. An attacker may use this vulnerability to circumvent the secure boot mechanism. | |||||
| CVE-2022-42721 | 3 Debian, Fedoraproject, Linux | 3 Debian Linux, Fedora, Linux Kernel | 2023-02-03 | N/A | 5.5 MEDIUM |
| A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and, in turn, potentially execute code. | |||||
| CVE-2020-16845 | 4 Debian, Fedoraproject, Golang and 1 more | 4 Debian Linux, Fedora, Go and 1 more | 2023-02-02 | 5.0 MEDIUM | 7.5 HIGH |
| Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs. | |||||