Vulnerabilities (CVE)

Filtered by vendor Fedoraproject Subscribe
Total 3387 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-41089 2 Fedoraproject, Mobyproject 2 Fedora, Moby 2022-06-14 4.4 MEDIUM 6.3 MEDIUM
Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby (Docker Engine) where attempting to copy files using `docker cp` into a specially-crafted container can result in Unix file permission changes for existing files in the host’s filesystem, widening access to others. This bug does not directly allow files to be read, modified, or executed without an additional cooperating process. This bug has been fixed in Moby (Docker Engine) 20.10.9. Users should update to this version as soon as possible. Running containers do not need to be restarted.
CVE-2022-23990 5 Debian, Fedoraproject, Libexpat Project and 2 more 5 Debian Linux, Fedora, Libexpat and 2 more 2022-06-14 7.5 HIGH 9.8 CRITICAL
Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function.
CVE-2022-25315 4 Debian, Fedoraproject, Libexpat Project and 1 more 5 Debian Linux, Fedora, Libexpat and 2 more 2022-06-14 7.5 HIGH 9.8 CRITICAL
In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames.
CVE-2021-41091 2 Fedoraproject, Mobyproject 2 Fedora, Moby 2022-06-14 4.6 MEDIUM 6.3 MEDIUM
Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby (Docker Engine) where the data directory (typically `/var/lib/docker`) contained subdirectories with insufficiently restricted permissions, allowing otherwise unprivileged Linux users to traverse directory contents and execute programs. When containers included executable programs with extended permission bits (such as `setuid`), unprivileged Linux users could discover and execute those programs. When the UID of an unprivileged Linux user on the host collided with the file owner or group inside a container, the unprivileged Linux user on the host could discover, read, and modify those files. This bug has been fixed in Moby (Docker Engine) 20.10.9. Users should update to this version as soon as possible. Running containers should be stopped and restarted for the permissions to be fixed. For users unable to upgrade limit access to the host to trusted users. Limit access to host volumes to trusted containers.
CVE-2021-34798 7 Apache, Broadcom, Debian and 4 more 14 Http Server, Brocade Fabric Operating System Firmware, Debian Linux and 11 more 2022-06-14 5.0 MEDIUM 7.5 HIGH
Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier.
CVE-2021-41092 2 Docker, Fedoraproject 2 Command Line Interface, Fedora 2022-06-14 5.0 MEDIUM 7.5 HIGH
Docker CLI is the command line interface for the docker container runtime. A bug was found in the Docker CLI where running `docker login my-private-registry.example.com` with a misconfigured configuration file (typically `~/.docker/config.json`) listing a `credsStore` or `credHelpers` that could not be executed would result in any provided credentials being sent to `registry-1.docker.io` rather than the intended private registry. This bug has been fixed in Docker CLI 20.10.9. Users should update to this version as soon as possible. For users unable to update ensure that any configured credsStore or credHelpers entries in the configuration file reference an installed credential helper that is executable and on the PATH.
CVE-2021-40438 6 Apache, Debian, F5 and 3 more 9 Http Server, Debian Linux, F5os and 6 more 2022-06-14 6.8 MEDIUM 9.0 CRITICAL
A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.
CVE-2021-39275 5 Apache, Debian, Fedoraproject and 2 more 7 Http Server, Debian Linux, Fedora and 4 more 2022-06-14 7.5 HIGH 9.8 CRITICAL
ap_escape_quotes() may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may. This issue affects Apache HTTP Server 2.4.48 and earlier.
CVE-2021-22925 6 Apple, Fedoraproject, Haxx and 3 more 10 Mac Os X, Macos, Fedora and 7 more 2022-06-14 5.0 MEDIUM 5.3 MEDIUM
curl supports the `-t` command line option, known as `CURLOPT_TELNETOPTIONS`in libcurl. This rarely used option is used to send variable=content pairs toTELNET servers.Due to flaw in the option parser for sending `NEW_ENV` variables, libcurlcould be made to pass on uninitialized data from a stack based buffer to theserver. Therefore potentially revealing sensitive internal information to theserver using a clear-text network protocol.This could happen because curl did not call and use sscanf() correctly whenparsing the string provided by the application.
CVE-2021-36221 4 Debian, Fedoraproject, Golang and 1 more 4 Debian Linux, Fedora, Go and 1 more 2022-06-14 4.3 MEDIUM 5.9 MEDIUM
Go before 1.15.15 and 1.16.x before 1.16.7 has a race condition that can lead to a net/http/httputil ReverseProxy panic upon an ErrAbortHandler abort.
CVE-2022-25235 4 Debian, Fedoraproject, Libexpat Project and 1 more 5 Debian Linux, Fedora, Libexpat and 2 more 2022-06-14 7.5 HIGH 9.8 CRITICAL
xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context.
CVE-2022-25314 4 Debian, Fedoraproject, Libexpat Project and 1 more 5 Debian Linux, Fedora, Libexpat and 2 more 2022-06-14 5.0 MEDIUM 7.5 HIGH
In Expat (aka libexpat) before 2.4.5, there is an integer overflow in copyString.
CVE-2022-0778 4 Debian, Fedoraproject, Netapp and 1 more 12 Debian Linux, Fedora, 500f and 9 more 2022-06-14 5.0 MEDIUM 7.5 HIGH
The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters. Since certificate parsing happens prior to verification of the certificate signature, any process that parses an externally supplied certificate may thus be subject to a denial of service attack. The infinite loop can also be reached when parsing crafted private keys as they can contain explicit elliptic curve parameters. Thus vulnerable situations include: - TLS clients consuming server certificates - TLS servers consuming client certificates - Hosting providers taking certificates or private keys from customers - Certificate authorities parsing certification requests from subscribers - Anything else which parses ASN.1 elliptic curve parameters Also any other applications that use the BN_mod_sqrt() where the attacker can control the parameter values are vulnerable to this DoS issue. In the OpenSSL 1.0.2 version the public key is not parsed during initial parsing of the certificate which makes it slightly harder to trigger the infinite loop. However any operation which requires the public key from the certificate will trigger the infinite loop. In particular the attacker can use a self-signed certificate to trigger the loop during verification of the certificate signature. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0. It was addressed in the releases of 1.1.1n and 3.0.2 on the 15th March 2022. Fixed in OpenSSL 3.0.2 (Affected 3.0.0,3.0.1). Fixed in OpenSSL 1.1.1n (Affected 1.1.1-1.1.1m). Fixed in OpenSSL 1.0.2zd (Affected 1.0.2-1.0.2zc).
CVE-2018-20546 5 Canonical, Debian, Fedoraproject and 2 more 5 Ubuntu Linux, Debian Linux, Fedora and 2 more 2022-06-13 5.8 MEDIUM 8.1 HIGH
There is an illegal READ memory access at caca/dither.c (function get_rgba_default) in libcaca 0.99.beta19 for the default bpp case.
CVE-2018-20545 4 Canonical, Fedoraproject, Libcaca Project and 1 more 4 Ubuntu Linux, Fedora, Libcaca and 1 more 2022-06-13 6.8 MEDIUM 8.8 HIGH
There is an illegal WRITE memory access at common-image.c (function load_image) in libcaca 0.99.beta19 for 4bpp data.
CVE-2019-13038 4 Canonical, Fedoraproject, Mod Auth Mellon Project and 1 more 4 Ubuntu Linux, Fedora, Mod Auth Mellon and 1 more 2022-06-13 4.3 MEDIUM 6.1 MEDIUM
mod_auth_mellon through 0.14.2 has an Open Redirect via the login?ReturnTo= substring, as demonstrated by omitting the // after http: in the target URL.
CVE-2019-10086 6 Apache, Debian, Fedoraproject and 3 more 60 Commons Beanutils, Nifi, Debian Linux and 57 more 2022-06-13 7.5 HIGH 7.3 HIGH
In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. We, however were not using this by default characteristic of the PropertyUtilsBean.
CVE-2022-30600 3 Fedoraproject, Moodle, Redhat 3 Fedora, Moodle, Enterprise Linux 2022-06-13 7.5 HIGH 9.8 CRITICAL
A flaw was found in moodle where logic used to count failed login attempts could result in the account lockout threshold being bypassed.
CVE-2022-30599 3 Fedoraproject, Moodle, Redhat 3 Fedora, Moodle, Enterprise Linux 2022-06-13 7.5 HIGH 9.8 CRITICAL
A flaw was found in moodle where an SQL injection risk was identified in Badges code relating to configuring criteria.
CVE-2022-30597 3 Fedoraproject, Moodle, Redhat 3 Fedora, Moodle, Enterprise Linux 2022-06-13 5.0 MEDIUM 5.3 MEDIUM
A flaw was found in moodle where the description user field was not hidden when being set as a hidden user field.