Fedoraproject Fedora vulnerabilities

CVE-2021-36085 [LOW] CWE-416 CVE-2021-36085: The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __verif The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __verify_map_perm_classperms and hashtab_map).

CVE-2021-36086 [LOW] CWE-416 CVE-2021-36086: The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from cil_r The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from cil_reset_classperms_set and cil_reset_classperms_list).

CVE-2021-3630 [MEDIUM] CWE-787 CVE-2021-3630: An out-of-bounds write vulnerability was found in DjVuLibre in DJVU::DjVuTXT::decode() in DjVuText.c An out-of-bounds write vulnerability was found in DjVuLibre in DJVU::DjVuTXT::decode() in DjVuText.cpp via a crafted djvu file which may lead to crash and segmentation fault. This flaw affects DjVuLibre versions prior to 3.5.28.

CVE-2021-33503 [HIGH] CWE-400 CVE-2021-33503: An issue was discovered in urllib3 before 1.26.5. When provided with a URL containing many @ charact An issue was discovered in urllib3 before 1.26.5. When provided with a URL containing many @ characters in the authority component, the authority regular expression exhibits catastrophic backtracking, causing a denial of service if a URL were passed as a parameter or redirected to via an HTTP redirect.

CVE-2021-33515 [MEDIUM] CWE-77 CVE-2021-33515: The submission service in Dovecot before 2.3.15 allows STARTTLS command injection in lib-smtp. Sensi The submission service in Dovecot before 2.3.15 allows STARTTLS command injection in lib-smtp. Sensitive information can be redirected to an attacker-controlled address.

CVE-2021-29157 [MEDIUM] CWE-22 CVE-2021-29157: Dovecot before 2.3.15 allows ../ Path Traversal. An attacker with access to the local filesystem can Dovecot before 2.3.15 allows ../ Path Traversal. An attacker with access to the local filesystem can trick OAuth2 authentication into using an HS256 validation key from an attacker-controlled location. This occurs during use of local JWT validation with the posix fs driver.

CVE-2020-28200 [MEDIUM] CWE-770 CVE-2020-28200: The Sieve engine in Dovecot before 2.3.15 allows Uncontrolled Resource Consumption, as demonstrated The Sieve engine in Dovecot before 2.3.15 allows Uncontrolled Resource Consumption, as demonstrated by a situation with a complex regular expression for the regex extension.

CVE-2021-32708 [HIGH] CWE-367 CVE-2021-32708: Flysystem is an open source file storage library for PHP. The whitespace normalisation using in 1.x Flysystem is an open source file storage library for PHP. The whitespace normalisation using in 1.x and 2.x removes any unicode whitespace. Under certain specific conditions this could potentially allow a malicious user to execute code remotely. The conditions are: A user is allowed to supply the path or filename of an uploaded file, the supplied path

CVE-2021-0561 [MEDIUM] CWE-787 CVE-2021-0561: In append_to_verify_fifo_interleaved_ of stream_encoder.c, there is a possible out of bounds write d In append_to_verify_fifo_interleaved_ of stream_encoder.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-174302683

CVE-2021-29063 [HIGH] CWE-770 CVE-2021-29063: A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in Mpmath v1.0.0 through A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in Mpmath v1.0.0 through v1.2.1 when the mpmathify function is called.

CVE-2020-18442 [LOW] CWE-835 CVE-2020-18442: Infinite Loop in zziplib v0.13.69 allows remote attackers to cause a denial of service via the retur Infinite Loop in zziplib v0.13.69 allows remote attackers to cause a denial of service via the return value "zzip_file_read" in the function "unzzip_cat_file".

CVE-2021-34825 [HIGH] CWE-319 CVE-2021-34825: Quassel through 0.13.1, when --require-ssl is enabled, launches without SSL or TLS support if a usab Quassel through 0.13.1, when --require-ssl is enabled, launches without SSL or TLS support if a usable X.509 certificate is not found on the local system.

CVE-2021-3603 [HIGH] CWE-829 CVE-2021-3603: PHPMailer 6.4.1 and earlier contain a vulnerability that can result in untrusted code being called ( PHPMailer 6.4.1 and earlier contain a vulnerability that can result in untrusted code being called (if such code is injected into the host project's scope by other means). If the $patternselect parameter to validateAddress() is set to 'php' (the default, defined by PHPMailer::$validator), and the global namespace contains a function called php, it will

CVE-2021-34551 [HIGH] CWE-434 CVE-2021-34551: PHPMailer before 6.5.0 on Windows allows remote code execution if lang_path is untrusted data and ha PHPMailer before 6.5.0 on Windows allows remote code execution if lang_path is untrusted data and has a UNC pathname.

CVE-2021-33813 [HIGH] CWE-611 CVE-2021-33813: An XXE issue in SAXBuilder in JDOM through 2.0.6 allows attackers to cause a denial of service via a An XXE issue in SAXBuilder in JDOM through 2.0.6 allows attackers to cause a denial of service via a crafted HTTP request.

CVE-2021-30552 [HIGH] CWE-416 CVE-2021-30552: Use after free in Extensions in Google Chrome prior to 91.0.4472.101 allowed an attacker who convinc Use after free in Extensions in Google Chrome prior to 91.0.4472.101 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.

CVE-2021-30553 [HIGH] CWE-416 CVE-2021-30553: Use after free in Network service in Google Chrome prior to 91.0.4472.101 allowed a remote attacker Use after free in Network service in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVE-2021-30548 [HIGH] CWE-416 CVE-2021-30548: Use after free in Loader in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potent Use after free in Loader in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVE-2021-30550 [HIGH] CWE-416 CVE-2021-30550: Use after free in Accessibility in Google Chrome prior to 91.0.4472.101 allowed an attacker who conv Use after free in Accessibility in Google Chrome prior to 91.0.4472.101 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.

CVE-2021-30546 [HIGH] CWE-416 CVE-2021-30546: Use after free in Autofill in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to pote Use after free in Autofill in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.