Fedoraproject Fedora vulnerabilities

CVE-2021-30551 [HIGH] CWE-843 CVE-2021-30551: Type confusion in V8 in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentiall Type confusion in V8 in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVE-2021-31618 [HIGH] CWE-476 CVE-2021-31618: Apache HTTP Server protocol handler for the HTTP/2 protocol checks received request headers against Apache HTTP Server protocol handler for the HTTP/2 protocol checks received request headers against the size limitations as configured for the server and used for the HTTP/1 protocol as well. On violation of these restrictions and HTTP response is sent to the client with a status code indicating why the request was rejected. This rejection response was

CVE-2021-30547 [HIGH] CWE-787 CVE-2021-30547: Out of bounds write in ANGLE in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to po Out of bounds write in ANGLE in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.

CVE-2021-30544 [HIGH] CWE-416 CVE-2021-30544: Use after free in BFCache in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to poten Use after free in BFCache in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVE-2021-30545 [HIGH] CWE-416 CVE-2021-30545: Use after free in Extensions in Google Chrome prior to 91.0.4472.101 allowed a remote attacker who h Use after free in Extensions in Google Chrome prior to 91.0.4472.101 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.

CVE-2021-30549 [HIGH] CWE-416 CVE-2021-30549: Use after free in Spell check in Google Chrome prior to 91.0.4472.101 allowed an attacker who convin Use after free in Spell check in Google Chrome prior to 91.0.4472.101 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.

CVE-2021-3593 [LOW] CWE-824 CVE-2021-3593: An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. Th An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the udp6_input() function and could occur while processing a udp packet that is smaller than the size of the 'udphdr' structure. This issue may lead to out-of-bounds read access or indirect host memory disclosure to the guest. The highest

CVE-2021-3594 [LOW] CWE-824 CVE-2021-3594: An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. Th An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the udp_input() function and could occur while processing a udp packet that is smaller than the size of the 'udphdr' structure. This issue may lead to out-of-bounds read access or indirect host memory disclosure to the guest. The highest t

CVE-2021-3592 [LOW] CWE-824 CVE-2021-3592: An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. Th An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the bootp_input() function and could occur while processing a udp packet that is smaller than the size of the 'bootp_t' structure. A malicious guest could use this flaw to leak 10 bytes of uninitialized heap memory from the host. The highe

CVE-2021-3595 [LOW] CWE-824 CVE-2021-3595: An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. Th An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the tftp_input() function and could occur while processing a udp packet that is smaller than the size of the 'tftp_t' structure. This issue may lead to out-of-bounds read access or indirect host memory disclosure to the guest. The highest

CVE-2021-31812 [MEDIUM] CWE-834 CVE-2021-31812: In Apache PDFBox, a carefully crafted PDF file can trigger an infinite loop while loading the file. In Apache PDFBox, a carefully crafted PDF file can trigger an infinite loop while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions.

CVE-2021-31811 [MEDIUM] CWE-789 CVE-2021-31811: In Apache PDFBox, a carefully crafted PDF file can trigger an OutOfMemory-Exception while loading th In Apache PDFBox, a carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions.

CVE-2021-22915 [CRITICAL] CWE-307 CVE-2021-22915: Nextcloud server before 19.0.11, 20.0.10, 21.0.2 is vulnerable to brute force attacks due to lack of Nextcloud server before 19.0.11, 20.0.10, 21.0.2 is vulnerable to brute force attacks due to lack of inclusion of IPv6 subnets in rate-limiting considerations. This could potentially result in an attacker bypassing rate-limit controls such as the Nextcloud brute-force protection.

CVE-2021-22898 [LOW] CWE-200 CVE-2021-22898: curl 7.7 through 7.76.1 suffers from an information disclosure when the `-t` command line option, kn curl 7.7 through 7.76.1 suffers from an information disclosure when the `-t` command line option, known as `CURLOPT_TELNETOPTIONS` in libcurl, is used to send variable=content pairs to TELNET servers. Due to a flaw in the option parser for sending NEW_ENV variables, libcurl could be made to pass on uninitialized data from a stack based buffer to the se

CVE-2021-26691 [CRITICAL] CWE-122 CVE-2021-26691: In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin s In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin server could cause a heap overflow

CVE-2021-34363 [CRITICAL] CWE-22 CVE-2021-34363: The thefuck (aka The Fuck) package before 3.31 for Python allows Path Traversal that leads to arbitr The thefuck (aka The Fuck) package before 3.31 for Python allows Path Traversal that leads to arbitrary file deletion via the "undo archive operation" feature.

CVE-2021-34555 [HIGH] CWE-476 CVE-2021-34555: OpenDMARC 1.4.1 and 1.4.1.1 allows remote attackers to cause a denial of service (NULL pointer deref OpenDMARC 1.4.1 and 1.4.1.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a multi-value From header field.

CVE-2020-13950 [HIGH] CWE-476 CVE-2020-13950: Apache HTTP Server versions 2.4.41 to 2.4.46 mod_proxy_http can be made to crash (NULL pointer deref Apache HTTP Server versions 2.4.41 to 2.4.46 mod_proxy_http can be made to crash (NULL pointer dereference) with specially crafted requests using both Content-Length and Transfer-Encoding headers, leading to a Denial of Service

CVE-2021-26690 [HIGH] CWE-476 CVE-2021-26690: Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by mod_session Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by mod_session can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service

CVE-2020-35452 [HIGH] CWE-787 CVE-2020-35452: Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overf Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in mod_auth_digest. There is no report of this overflow being exploitable, nor the Apache HTTP Server team could create one, though some particular compiler and/or compilation option might make it possible, with limited consequences anyway due to th