Fedoraproject Extra Packages For Enterprise Linux vulnerabilities

CVE-2023-6395 [MEDIUM] CWE-20 CVE-2023-6395: The Mock software contains a vulnerability wherein an attacker could potentially exploit privilege e The Mock software contains a vulnerability wherein an attacker could potentially exploit privilege escalation, enabling the execution of arbitrary code with root user privileges. This weakness stems from the absence of proper sandboxing during the expansion and execution of Jinja2 templates, which may be included in certain configuration parameters. Wh

CVE-2024-0232 [MEDIUM] CWE-416 CVE-2024-0232: A heap use-after-free issue has been identified in SQLite in the jsonParseAddNodeArray() function in A heap use-after-free issue has been identified in SQLite in the jsonParseAddNodeArray() function in sqlite3.c. This flaw allows a local attacker to leverage a victim to pass specially crafted malicious input to the application, potentially causing a crash and leading to a denial of service.

CVE-2023-51766 [MEDIUM] CWE-345 CVE-2023-51766: Exim before 4.97.1 allows SMTP smuggling in certain PIPELINING/CHUNKING configurations. Remote attac Exim before 4.97.1 allows SMTP smuggling in certain PIPELINING/CHUNKING configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because Exim supports . but some other popular e-mail servers do not.

CVE-2023-4255 [MEDIUM] CWE-787 CVE-2023-4255: An out-of-bounds write issue has been discovered in the backspace handling of the checkType() functi An out-of-bounds write issue has been discovered in the backspace handling of the checkType() function in etc.c within the W3M application. This vulnerability is triggered by supplying a specially crafted HTML file to the w3m binary. Exploitation of this flaw could lead to application crashes, resulting in a denial of service condition.

CVE-2023-4256 [MEDIUM] CWE-415 CVE-2023-4256: Within tcpreplay's tcprewrite, a double free vulnerability has been identified in the tcpedit_dlt_cl Within tcpreplay's tcprewrite, a double free vulnerability has been identified in the tcpedit_dlt_cleanup() function within plugins/dlt_plugins.c. This vulnerability can be exploited by supplying a specifically crafted file to the tcprewrite binary. This flaw enables a local attacker to initiate a Denial of Service (DoS) attack.

CVE-2023-5764 [HIGH] CWE-1336 CVE-2023-5764: A template injection flaw was found in Ansible where a user's controller internal templating operati A template injection flaw was found in Ansible where a user's controller internal templating operations may remove the unsafe designation from template data. This issue could allow an attacker to use a specially crafted file to introduce templating injection when supplying templating data.

CVE-2023-5341 [MEDIUM] CWE-416 CVE-2023-5341: A heap use-after-free flaw was found in coders/bmp.c in ImageMagick. A heap use-after-free flaw was found in coders/bmp.c in ImageMagick.

CVE-2023-5550 [MEDIUM] CWE-94 CVE-2023-5550: In a shared hosting environment that has been misconfigured to allow access to other users' content, In a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user who also has direct access to the web server outside of the Moodle webroot could utilise a local file include to achieve remote code execution.

CVE-2023-5540 [MEDIUM] CWE-94 CVE-2023-5540: A remote code execution risk was identified in the IMSCP activity. By default this was only availabl A remote code execution risk was identified in the IMSCP activity. By default this was only available to teachers and managers.

CVE-2023-5539 [MEDIUM] CWE-94 CVE-2023-5539: A remote code execution risk was identified in the Lesson activity. By default this was only availab A remote code execution risk was identified in the Lesson activity. By default this was only available to teachers and managers.

CVE-2023-5548 [LOW] CWE-349 CVE-2023-5548: Stronger revision number limitations were required on file serving endpoints to improve cache poison Stronger revision number limitations were required on file serving endpoints to improve cache poisoning protection.

CVE-2023-5549 [LOW] CWE-284 CVE-2023-5549: Insufficient web service capability checks made it possible to move categories a user had permission Insufficient web service capability checks made it possible to move categories a user had permission to manage, to a parent category they did not have the capability to manage.

CVE-2023-5542 [LOW] CWE-284 CVE-2023-5542: Students in "Only see own membership" groups could see other students in the group, which should be Students in "Only see own membership" groups could see other students in the group, which should be hidden.

CVE-2023-5545 [LOW] CWE-200 CVE-2023-5545: H5P metadata automatically populated the author with the user's username, which could be sensitive i H5P metadata automatically populated the author with the user's username, which could be sensitive information.

CVE-2023-5543 [LOW] CWE-284 CVE-2023-5543: When duplicating a BigBlueButton activity, the original meeting ID was also duplicated instead of us When duplicating a BigBlueButton activity, the original meeting ID was also duplicated instead of using a new ID for the new activity. This could provide unintended access to the original meeting.

CVE-2023-5551 [LOW] CWE-200 CVE-2023-5551: Separate Groups mode restrictions were not honoured in the forum summary report, which would display Separate Groups mode restrictions were not honoured in the forum summary report, which would display users from other groups.

CVE-2023-3428 [MEDIUM] CWE-122 CVE-2023-3428: A heap-based buffer overflow vulnerability was found in coders/tiff.c in ImageMagick. This issue ma A heap-based buffer overflow vulnerability was found in coders/tiff.c in ImageMagick. This issue may allow a local attacker to trick the user into opening a specially crafted file, resulting in an application crash and denial of service.

CVE-2022-4318 [HIGH] CWE-538 CVE-2022-4318: A vulnerability was found in cri-o. This issue allows the addition of arbitrary lines into /etc/pass A vulnerability was found in cri-o. This issue allows the addition of arbitrary lines into /etc/passwd by use of a specially crafted environment variable.

CVE-2023-38252 [MEDIUM] CWE-125 CVE-2023-38252: An out-of-bounds read flaw was found in w3m, in the Strnew_size function in Str.c. This issue may al An out-of-bounds read flaw was found in w3m, in the Strnew_size function in Str.c. This issue may allow an attacker to cause a denial of service through a crafted HTML file.

CVE-2023-38253 [MEDIUM] CWE-125 CVE-2023-38253: An out-of-bounds read flaw was found in w3m, in the growbuf_to_Str function in indep.c. This issue m An out-of-bounds read flaw was found in w3m, in the growbuf_to_Str function in indep.c. This issue may allow an attacker to cause a denial of service through a crafted HTML file.