Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Fedora
(Fedoraproject)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-02-19 | CVE-2024-26134 | cbor2 provides encoding and decoding for the Concise Binary Object Representation (CBOR) (RFC 8949) serialization format. Starting in version 5.5.1 and prior to version 5.6.2, an attacker can crash a service using cbor2 to parse a CBOR binary by sending a long enough object. Version 5.6.2 contains a patch for this issue. | Cbor2, Fedora | 7.5 | ||
| 2023-07-11 | CVE-2023-33170 | ASP.NET and Visual Studio Security Feature Bypass Vulnerability | Fedora, \.net, Visual_studio_2022 | N/A | ||
| 2023-08-08 | CVE-2023-38180 | .NET and Visual Studio Denial of Service Vulnerability | Fedora, \.net, Asp\.net_core, Visual_studio_2022 | N/A | ||
| 2018-12-11 | CVE-2018-20060 | urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme). This can allow for credentials in the Authorization header to be exposed to unintended hosts or transmitted in cleartext. | Fedora, Urllib3 | 9.8 | ||
| 2024-05-01 | CVE-2024-27012 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: restore set elements when delete set fails From abort path, nft_mapelem_activate() needs to restore refcounters to the original state. Currently, it uses the set->ops->walk() to iterate over these set elements. The existing set iterator skips inactive elements in the next generation, this does not work from the abort path to restore the original state since it has to skip active elements instead (not... | Fedora, Linux_kernel | 5.5 | ||
| 2024-08-02 | CVE-2024-3056 | A flaw was found in Podman. This issue may allow an attacker to create a specially crafted container that, when configured to share the same IPC with at least one other container, can create a large number of IPC resources in /dev/shm. The malicious container will continue to exhaust resources until it is out-of-memory (OOM) killed. While the malicious container's cgroup will be removed, the IPC resources it created are not. Those resources are tied to the IPC namespace that will not be... | Fedora, Podman, Enterprise_linux, Openshift_container_platform | N/A | ||
| 2024-05-30 | CVE-2024-5494 | Use after free in Dawn in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | Fedora, Chrome | 8.8 | ||
| 2024-05-30 | CVE-2024-5493 | Heap buffer overflow in WebRTC in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | Fedora, Chrome | 8.8 | ||
| 2024-05-30 | CVE-2024-5495 | Use after free in Dawn in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | Fedora, Chrome | 8.8 | ||
| 2024-05-30 | CVE-2024-5496 | Use after free in Media Session in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | Fedora, Chrome | 8.8 |