Fedoraproject Fedora vulnerabilities
5,277 known vulnerabilities affecting fedoraproject/fedora.
Total CVEs: 5,277
CISA KEV: 84 (actively exploited)
Public exploits: 147
Exploited in wild: 101
Severity breakdown: CRITICAL 514, HIGH 2325, MEDIUM 2265, LOW 173
Vulnerabilities
CVE-2023-43279 | MEDIUM | CVSS 6.5 | CWE-476 | v38, v39 +1 more | 2024-03-12
Null Pointer Dereference in mask_cidr6 component at cidr.c in Tcpreplay 4.4.4 allows attackers to crash the application via crafted tcprewrite command.
nvd
CVE-2024-28757 | HIGH | CVSS 7.5 | CWE-776 | v38, v39 +1 more | 2024-03-10
libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate).
nvd
CVE-2024-28184 | HIGH | CVSS 7.4 | CWE-829 | v40 | 2024-03-09
WeasyPrint helps web developers to create PDF documents. Since version 61.0, there's a vulnerability which allows attaching content of arbitrary files and URLs to a generated PDF document, even if `url_fetcher` is configured to prevent access to files and URLs. This vulnerability has been patched in version 61.2.
nvd
CVE-2024-28180 | MEDIUM | CVSS 4.3 | CWE-409 | ≥ 38, ≤ 40 | 2024-03-09
Package jose aims to provide an implementation of the Javascript Object Signing and Encryption set of standards. An attacker could send a JWE containing compressed data that used large amounts of memory and CPU when decompressed by Decrypt or DecryptMulti. Those functions now return an error if the decompressed data would exceed 250kB or 10x the com
nvd
CVE-2024-28176 | MEDIUM | CVSS 5.9 | CWE-400 | ≥ 38, ≤ 40 | 2024-03-09
jose is a JavaScript module for JSON Object Signing and Encryption, providing support for JSON Web Tokens (JWT), JSON Web Signature (JWS), JSON Web Encryption (JWE), JSON Web Key (JWK), JSON Web Key Set (JWKS), and more. A vulnerability has been identified in the JSON Web Encryption (JWE) decryption interfaces, specifically related to the support for
nvd
CVE-2024-23263 | MEDIUM | CVSS 6.5 | CWE-20 | v38, v39 +1 more | 2024-03-08
A logic issue was addressed with improved validation. This issue is fixed in Safari 17.4, iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. Processing maliciously crafted web content may prevent Content Security Policy from being enforced.
nvd
CVE-2024-23280 | MEDIUM | CVSS 6.5 | CWE-74 | v38, v39 +1 more | 2024-03-08
An injection issue was addressed with improved validation. This issue is fixed in Safari 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, watchOS 10.4. A maliciously crafted webpage may be able to fingerprint the user.
nvd
CVE-2024-23284 | MEDIUM | CVSS 6.5 | CWE-693 | v38, v39 +1 more | 2024-03-08
A logic issue was addressed with improved state management. This issue is fixed in Safari 17.4, iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. Processing maliciously crafted web content may prevent Content Security Policy from being enforced.
nvd
CVE-2024-23254 | MEDIUM | CVSS 6.5 | v40 | 2024-03-08
The issue was addressed with improved UI handling. This issue is fixed in Safari 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. A malicious website may exfiltrate audio data cross-origin.
nvd
CVE-2024-2044 | CRITICAL | CVSS 9.9 | CWE-31 | PoC | v40 | 2024-03-07
pgAdmin <= 8.3 is affected by a path-traversal vulnerability while deserializing users’ sessions in the session handling code. If the server is running on Windows, an unauthenticated attacker can load and deserialize remote pickle objects and gain code execution. If the server is running on POSIX/Linux, an authenticated attacker can upload pickle obje
nvd
CVE-2024-1931 | HIGH | CVSS 7.5 | CWE-835 | v38, v39 +1 more | 2024-03-07
NLnet Labs Unbound version 1.18.0 up to and including version 1.19.1 contains a vulnerability that can cause denial of service by a certain code path that can lead to an infinite loop. Unbound 1.18.0 introduced a feature that removes EDE records from responses with size higher than the client's advertised buffer size. Before removing all the EDE records
nvd
CVE-2024-2176 | HIGH | CVSS 8.8 | CWE-416 | v40 | 2024-03-06
Use after free in FedCM in Google Chrome prior to 122.0.6261.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
nvd
CVE-2024-2173 | HIGH | CVSS 8.8 | CWE-787 | v40 | 2024-03-06
Out of bounds memory access in V8 in Google Chrome prior to 122.0.6261.111 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
nvd
CVE-2024-2174 | HIGH | CVSS 8.8 | CWE-787 | v40 | 2024-03-06
Inappropriate implementation in V8 in Google Chrome prior to 122.0.6261.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
nvd
CVE-2024-25111 | HIGH | CVSS 7.5 | CWE-674 | v38, v39 | 2024-03-06
Squid is a web proxy cache. Starting in version 3.5.27 and prior to version 6.8, Squid may be vulnerable to a Denial of Service attack against HTTP Chunked decoder due to an uncontrolled recursion bug. This problem allows a remote attacker to cause Denial of Service when sending a crafted, chunked, encoded HTTP Message. This bug is fixed in Squid vers
nvd
CVE-2024-28084 | HIGH | CVSS 7.5 | CWE-665 | v39, v40 | 2024-03-03
p2putil.c in iNet wireless daemon (IWD) through 2.15 allows attackers to cause a denial of service (daemon crash) or possibly have unspecified other impact because of initialization issues in situations where parsing of advertised service information fails.
nvd
CVE-2024-1938 | HIGH | CVSS 8.8 | CWE-843 | v38, v39 +1 more | 2024-02-29
Type Confusion in V8 in Google Chrome prior to 122.0.6261.94 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High)
nvd
CVE-2024-1939 | HIGH | CVSS 8.8 | CWE-843 | v38, v39 +1 more | 2024-02-29
Type Confusion in V8 in Google Chrome prior to 122.0.6261.94 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
nvd
CVE-2024-22871 | HIGH | CVSS 7.5 | CWE-502 | v38, v39 +1 more | 2024-02-29
An issue in Clojure versions 1.20 to 1.12.0-alpha5 allows an attacker to cause a denial of service (DoS) via the clojure.core$partial$fn__5920 function.
nvd
CVE-2024-25713 | HIGH | CVSS 8.6 | CWE-94 | v38, v39 +1 more | 2024-02-29
yyjson through 0.8.0 has a double free, leading to remote code execution in some cases, because the pool_free function lacks loop checks. (pool_free is part of the pool series allocator, along with pool_malloc and pool_realloc.)
nvd