Product:

Fedora

(Fedoraproject)
Repositories https://github.com/torvalds/linux
https://github.com/phpmyadmin/phpmyadmin
https://github.com/krb5/krb5
https://github.com/mdadams/jasper
https://github.com/uclouvain/openjpeg
https://github.com/golang/go
https://github.com/FasterXML/jackson-databind
https://github.com/ntp-project/ntp
https://github.com/apache/httpd
https://github.com/dbry/WavPack
https://github.com/json-c/json-c
https://github.com/jquery/jquery-ui
https://github.com/ClusterLabs/pcs
https://github.com/newsoft/libvncserver
https://github.com/horde/horde
https://github.com/ipython/ipython
https://github.com/wesnoth/wesnoth
https://github.com/saltstack/salt

https://github.com/haproxy/haproxy
https://github.com/pyca/cryptography
• git://git.openssl.org/openssl.git
https://github.com/dajobe/raptor
https://github.com/opencontainers/runc
https://github.com/openstack/swift
https://github.com/openssh/openssh-portable
https://github.com/collectd/collectd
https://github.com/mongodb/mongo
https://github.com/ADOdb/ADOdb
https://github.com/igniterealtime/Smack
https://github.com/SELinuxProject/selinux
https://github.com/dlitz/pycrypto
https://github.com/teeworlds/teeworlds
https://github.com/karelzak/util-linux
https://git.kernel.org/pub/scm/git/git.git
https://github.com/cyrusimap/cyrus-imapd
https://github.com/ceph/ceph
https://github.com/lepture/mistune
https://github.com/MariaDB/server
https://github.com/golang/net
https://github.com/FreeRDP/FreeRDP
https://github.com/sleuthkit/sleuthkit
https://github.com/Perl/perl5
https://github.com/python/cpython
https://github.com/libjpeg-turbo/libjpeg-turbo
https://github.com/libuv/libuv
https://github.com/mysql/mysql-server
https://github.com/libgd/libgd
https://github.com/SpiderLabs/ModSecurity
https://github.com/fish-shell/fish-shell
https://github.com/php/php-src
https://github.com/quassel/quassel
https://github.com/ocaml/ocaml
https://github.com/LibRaw/LibRaw
https://github.com/sddm/sddm
https://github.com/axkibe/lsyncd
https://github.com/visionmedia/send
https://github.com/rawstudio/rawstudio
https://github.com/cherokee/webserver
https://github.com/numpy/numpy
https://github.com/rjbs/Email-Address
https://github.com/openid/ruby-openid
https://github.com/moxiecode/plupload
https://github.com/libarchive/libarchive
#Vulnerabilities 5175
Date Id Summary Products Score Patch Annotated
2023-09-21 CVE-2023-41993 The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7. Ipados, Iphone_os, Macos, Debian_linux, Fedora, Active_iq_unified_manager, Cloud_insights_acquisition_unit, Cloud_insights_storage_workload_security_agent, Oncommand_insight, Oncommand_workflow_automation, Graalvm, Jdk, Jre, Webkitgtk\+ 8.8
2023-11-30 CVE-2023-42916 An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 17.1.2 and iPadOS 17.1.2, macOS Sonoma 14.1.2, Safari 17.1.2. Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been exploited against versions of iOS before iOS 16.7.1. Ipados, Iphone_os, Macos, Safari, Debian_linux, Fedora, Webkitgtk\+ 6.5
2022-09-21 CVE-2022-2795 By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance, effectively denying legitimate clients access to the DNS resolution service. Debian_linux, Fedora, Bind 5.3
2014-10-15 CVE-2014-3566 The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. Mac_os_x, Debian_linux, Fedora, Aix, Vios, Mageia, Netbsd, Suse_linux_enterprise_desktop, Suse_linux_enterprise_server, Suse_linux_enterprise_software_development_kit, Openssl, Opensuse, Database, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_desktop_supplementary, Enterprise_linux_server, Enterprise_linux_server_supplementary, Enterprise_linux_workstation, Enterprise_linux_workstation_supplementary 3.4
2019-06-10 CVE-2019-12387 In Twisted before 19.2.1, twisted.web did not validate or sanitize URIs or HTTP methods, allowing an attacker to inject invalid characters such as CRLF. Ubuntu_linux, Fedora, Solaris, Zfs_storage_appliance_kit, Twisted 6.1
2020-01-03 CVE-2020-5310 libImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF decoding integer overflow, related to realloc. Ubuntu_linux, Fedora, Pillow 8.8
2020-01-03 CVE-2020-5311 libImaging/SgiRleDecode.c in Pillow before 6.2.2 has an SGI buffer overflow. Ubuntu_linux, Debian_linux, Fedora, Pillow 9.8
2020-01-03 CVE-2020-5312 libImaging/PcxDecode.c in Pillow before 6.2.2 has a PCX P mode buffer overflow. Ubuntu_linux, Debian_linux, Fedora, Pillow 9.8
2020-01-03 CVE-2020-5313 libImaging/FliDecode.c in Pillow before 6.2.2 has an FLI buffer overflow. Ubuntu_linux, Debian_linux, Fedora, Pillow 7.1
2020-01-03 CVE-2020-5395 FontForge 20190801 has a use-after-free in SFD_GetFontMetaData in sfd.c. Fedora, Fontforge, Leap 8.8