Product:

Fedora

(Fedoraproject)
Repositories https://github.com/torvalds/linux
https://github.com/phpmyadmin/phpmyadmin
https://github.com/krb5/krb5
https://github.com/mdadams/jasper
https://github.com/uclouvain/openjpeg
https://github.com/golang/go
https://github.com/FasterXML/jackson-databind
https://github.com/ntp-project/ntp
https://github.com/dbry/WavPack
https://github.com/apache/httpd
https://github.com/json-c/json-c
https://github.com/jquery/jquery-ui
https://github.com/ClusterLabs/pcs
https://github.com/newsoft/libvncserver
https://github.com/horde/horde
https://github.com/ipython/ipython
https://github.com/wesnoth/wesnoth
https://github.com/saltstack/salt
https://github.com/pyca/cryptography
• git://git.openssl.org/openssl.git
https://github.com/dajobe/raptor
https://github.com/opencontainers/runc
https://github.com/openstack/swift

https://github.com/openssh/openssh-portable
https://github.com/collectd/collectd
https://github.com/mongodb/mongo
https://github.com/ADOdb/ADOdb
https://github.com/igniterealtime/Smack
https://github.com/SELinuxProject/selinux
https://github.com/dlitz/pycrypto
https://github.com/teeworlds/teeworlds
https://github.com/karelzak/util-linux
https://git.kernel.org/pub/scm/git/git.git
https://github.com/cyrusimap/cyrus-imapd
https://github.com/ceph/ceph
https://github.com/lepture/mistune
https://github.com/MariaDB/server
https://github.com/golang/net
https://github.com/FreeRDP/FreeRDP
https://github.com/sleuthkit/sleuthkit
https://github.com/Perl/perl5
https://github.com/python/cpython
https://github.com/libjpeg-turbo/libjpeg-turbo
https://github.com/haproxy/haproxy
https://github.com/libuv/libuv
https://github.com/mysql/mysql-server
https://github.com/libgd/libgd
https://github.com/SpiderLabs/ModSecurity
https://github.com/fish-shell/fish-shell
https://github.com/php/php-src
https://github.com/quassel/quassel
https://github.com/ocaml/ocaml
https://github.com/LibRaw/LibRaw
https://github.com/sddm/sddm
https://github.com/axkibe/lsyncd
https://github.com/visionmedia/send
https://github.com/rawstudio/rawstudio
https://github.com/cherokee/webserver
https://github.com/numpy/numpy
https://github.com/rjbs/Email-Address
https://github.com/openid/ruby-openid
https://github.com/moxiecode/plupload
https://github.com/libarchive/libarchive
#Vulnerabilities 5109
Date Id Summary Products Score Patch Annotated
2023-10-11 CVE-2023-37536 An integer overflow in xerces-c++ 3.2.3 in BigFix Platform allows remote attackers to cause out-of-bound access via HTTP request. Xerces\-C\+\+, Fedora, Bigfix_platform 8.8
2023-11-29 CVE-2023-6347 Use after free in Mojo in Google Chrome prior to 119.0.6045.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Debian_linux, Fedora, Chrome 8.8
2024-04-04 CVE-2024-27316 HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a client does not stop sending headers, this leads to memory exhaustion. Http_server, Fedora, Ontap 7.5
2024-05-01 CVE-2024-4058 Type confusion in ANGLE in Google Chrome prior to 124.0.6367.78 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) Fedora, Chrome 8.8
2024-06-11 CVE-2024-5840 Policy bypass in CORS in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to bypass discretionary access control via a crafted HTML page. (Chromium security severity: Medium) Fedora, Chrome 6.5
2023-09-12 CVE-2023-4863 Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical) Seequent_leapfrog, Debian_linux, Fedora, Chrome, Edge, Edge_chromium, Teams, Webp_image_extension, Firefox, Firefox_esr, Thunderbird, Active_iq_unified_manager, Libwebp 8.8
2021-06-15 CVE-2021-30551 Type confusion in V8 in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Fedora, Chrome 8.8
2021-07-02 CVE-2021-30554 Use after free in WebGL in Google Chrome prior to 91.0.4472.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Fedora, Chrome 8.8
2021-08-24 CVE-2021-30858 A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. Ipados, Iphone_os, Macos, Debian_linux, Fedora 8.8
2021-11-23 CVE-2021-38000 Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 95.0.4638.69 allowed a remote attacker to arbitrarily browser to a malicious URL via a crafted HTML page. Debian_linux, Fedora, Chrome 6.1