Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Fedora
(Fedoraproject)Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2023-03-23 | CVE-2023-28333 | The Mustache pix helper contained a potential Mustache injection risk if combined with user input (note: This did not appear to be implemented/exploitable anywhere in the core Moodle LMS). | Fedora, Moodle | 9.8 | ||
2023-07-03 | CVE-2023-36053 | In Django 3.2 before 3.2.20, 4 before 4.1.10, and 4.2 before 4.2.3, EmailValidator and URLValidator are subject to a potential ReDoS (regular expression denial of service) attack via a very large number of domain name labels of emails and URLs. | Debian_linux, Django, Fedora | 7.5 | ||
2023-09-22 | CVE-2023-43090 | A vulnerability was found in GNOME Shell. GNOME Shell's lock screen allows an unauthenticated local user to view windows of the locked desktop session by using keyboard shortcuts to unlock the restricted functionality of the screenshot tool. | Fedora, Gnome\-Shell | 5.5 | ||
2023-11-09 | CVE-2023-5545 | H5P metadata automatically populated the author with the user's username, which could be sensitive information. | Extra_packages_for_enterprise_linux, Fedora, Moodle | 5.3 | ||
2024-01-16 | CVE-2024-0518 | Type confusion in V8 in Google Chrome prior to 120.0.6099.224 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | Fedora, Chrome | 8.8 | ||
2024-01-30 | CVE-2024-1077 | Use after free in Network in Google Chrome prior to 121.0.6167.139 allowed a remote attacker to potentially exploit heap corruption via a malicious file. (Chromium security severity: High) | Fedora, Chrome | 8.8 | ||
2024-06-11 | CVE-2024-5831 | Use after free in Dawn in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | Fedora, Chrome | 8.8 | ||
2024-06-11 | CVE-2024-5832 | Use after free in Dawn in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | Fedora, Chrome | 8.8 | ||
2024-06-11 | CVE-2024-5833 | Type Confusion in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) | Fedora, Chrome | 8.8 | ||
2024-06-11 | CVE-2024-5834 | Inappropriate implementation in Dawn in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) | Fedora, Chrome | 8.8 |