Product:

Enterprise_linux

(Redhat)
Date Id Summary Products Score Patch Annotated
2022-09-09 CVE-2020-10735 A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using int("text"), a system could take 50ms to parse an int string with 100,000 digits and 5s for 1,000,000 digits (float, decimal, int.from_bytes(), and int() for binary bases 2, 4, 8, 16, and 32 are not affected). The highest threat from this vulnerability is to system availability. Fedora, Python, Enterprise_linux, Quay, Software_collections 7.5
2022-07-14 CVE-2022-2393 A flaw was found in pki-core, which could allow a user to get a certificate for another user identity when directory-based authentication is enabled. This flaw allows an authenticated attacker on the adjacent network to impersonate another user within the scope of the domain, but they would not be able to decrypt message content. Pki\-Core, Certificate_system, Enterprise_linux 5.7
2022-08-29 CVE-2022-1016 A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_chain, which can cause a use-after-free. This issue needs to handle 'return' with proper preconditions, as it can lead to a kernel information leak problem caused by a local, unprivileged attacker. Linux_kernel, Enterprise_linux 5.5
2022-02-24 CVE-2021-3610 A heap-based buffer overflow vulnerability was found in ImageMagick in versions prior to 7.0.11-14 in ReadTIFFImage() in coders/tiff.c. This issue is due to an incorrect setting of the pixel array size, which can lead to a crash and segmentation fault. Fedora, Imagemagick, Enterprise_linux 7.5
2022-09-06 CVE-2022-25310 A segmentation fault (SEGV) flaw was found in the Fribidi package and affects the fribidi_remove_bidi_marks() function of the lib/fribidi.c file. This flaw allows an attacker to pass a specially crafted file to Fribidi, leading to a crash and causing a denial of service. Fribidi, Enterprise_linux 5.5
2023-06-12 CVE-2023-3161 A flaw was found in the Framebuffer Console (fbcon) in the Linux Kernel. When providing font->width and font->height greater than 32 to fbcon_set_font, since there are no checks in place, a shift-out-of-bounds occurs leading to undefined behavior and possible denial of service. Fedora, Linux_kernel, Enterprise_linux 5.5
2022-04-18 CVE-2021-42779 A heap use after free issue was found in Opensc before version 0.22.0 in sc_file_valid. Fedora, Opensc, Enterprise_linux 5.3
2022-04-18 CVE-2021-42780 A use after return issue was found in Opensc before version 0.22.0 in insert_pin function that could potentially crash programs using the library. Fedora, Opensc, Enterprise_linux 5.3
2022-04-18 CVE-2021-42781 Heap buffer overflow issues were found in Opensc before version 0.22.0 in pkcs15-oberthur.c that could potentially crash programs using the library. Fedora, Opensc, Enterprise_linux 5.3
2020-01-07 CVE-2019-14866 In all versions of cpio before 2.13 does not properly validate input files when generating TAR archives. When cpio is used to create TAR archives from paths an attacker can write to, the resulting archive may contain files with permissions the attacker did not have or in paths he did not have access to. Extracting those archives from a high-privilege user without carefully reviewing them may lead to the compromise of the system. Cpio, Enterprise_linux 7.3