Fedoraproject Fedora vulnerabilities

CVE-2021-20178 [MEDIUM] CWE-532 CVE-2021-20178: A flaw was found in ansible module where credentials are disclosed in the console log by default and A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.

CVE-2020-25673 [MEDIUM] CWE-400 CVE-2020-25673: A vulnerability was found in Linux kernel where non-blocking socket in llcp_sock_connect() leads to A vulnerability was found in Linux kernel where non-blocking socket in llcp_sock_connect() leads to leak and eventually hanging-up the system.

CVE-2021-31924 [MEDIUM] CWE-287 CVE-2021-31924: Yubico pam-u2f before 1.1.1 has a logic issue that, depending on the pam-u2f configuration and the a Yubico pam-u2f before 1.1.1 has a logic issue that, depending on the pam-u2f configuration and the application used, could lead to a local PIN bypass. This issue does not allow user presence (touch) or cryptographic signature verification to be bypassed, so an attacker would still need to physically possess and interact with the YubiKey or another e

CVE-2021-30470 [MEDIUM] CWE-674 CVE-2021-30470: A flaw was found in PoDoFo 0.9.7. An uncontrolled recursive call among PdfTokenizer::ReadArray(), Pd A flaw was found in PoDoFo 0.9.7. An uncontrolled recursive call among PdfTokenizer::ReadArray(), PdfTokenizer::GetNextVariant() and PdfTokenizer::ReadDataType() functions can lead to a stack overflow.

CVE-2021-20297 [MEDIUM] CWE-20 CVE-2021-20297: A flaw was found in NetworkManager in versions before 1.30.0. Setting match.path and activating a pr A flaw was found in NetworkManager in versions before 1.30.0. Setting match.path and activating a profile crashes NetworkManager. The highest threat from this vulnerability is to system availability.

CVE-2021-33574 [CRITICAL] CWE-416 CVE-2021-33574: The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object (passed through its struct sigevent parameter) after it has been freed by the caller, leading to a denial of service (application crash) or possibly unspecified other impact.

CVE-2020-25672 [HIGH] CWE-401 CVE-2020-25672: A memory leak vulnerability was found in Linux kernel in llcp_sock_connect A memory leak vulnerability was found in Linux kernel in llcp_sock_connect

CVE-2020-26555 [MEDIUM] CWE-863 CVE-2020-26555: Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN.

CVE-2020-26558 [MEDIUM] CWE-287 CVE-2020-26558: Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflection of the public key and the authentication evidence of the initiating device, potentially permitting this attacker to co

CVE-2021-20718 [HIGH] CWE-400 CVE-2021-20718: mod_auth_openidc 2.4.0 to 2.4.7 allows a remote attacker to cause a denial-of-service (DoS) conditio mod_auth_openidc 2.4.0 to 2.4.7 allows a remote attacker to cause a denial-of-service (DoS) condition via unspecified vectors.

CVE-2021-3480 [HIGH] CWE-476 CVE-2021-3480: A flaw was found in slapi-nis in versions before 0.56.7. A NULL pointer dereference during the parsi A flaw was found in slapi-nis in versions before 0.56.7. A NULL pointer dereference during the parsing of the Binding DN could allow an unauthenticated attacker to crash the 389-ds-base directory server. The highest threat from this vulnerability is to system availability.

CVE-2021-33477 [HIGH] CWE-755 CVE-2021-33477: rxvt-unicode 9.22, rxvt 2.7.10, mrxvt 0.5.4, and Eterm 0.9.7 allow (potentially remote) code executi rxvt-unicode 9.22, rxvt 2.7.10, mrxvt 0.5.4, and Eterm 0.9.7 allow (potentially remote) code execution because of improper handling of certain escape sequences (ESC G Q). A response is terminated by a newline.

CVE-2021-3426 [MEDIUM] CWE-200 CVE-2021-3426: There's a flaw in Python 3's pydoc. A local or adjacent attacker who discovers or is able to convinc There's a flaw in Python 3's pydoc. A local or adjacent attacker who discovers or is able to convince another local or adjacent user to start a pydoc server could access the server and use it to disclose sensitive information belonging to the other user that they would not normally be able to access. The highest risk of this flaw is to data confidenti

CVE-2021-3517 [HIGH] CWE-787 CVE-2021-3517: There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. An at There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. An attacker who is able to supply a crafted file to be processed by an application linked with the affected functionality of libxml2 could trigger an out-of-bounds read. The most likely impact of this flaw is to application availability, with some potential im

CVE-2021-3445 [HIGH] CWE-347 CVE-2021-3445: A flaw was found in libdnf's signature verification functionality in versions before 0.60.1. This fl A flaw was found in libdnf's signature verification functionality in versions before 0.60.1. This flaw allows an attacker to achieve code execution if they can alter the header information of an RPM package and then trick a user or system into installing it. The highest risk of this vulnerability is to confidentiality, integrity, as well as system avail

CVE-2021-3421 [MEDIUM] CWE-347 CVE-2021-3421: A flaw was found in the RPM package in the read functionality. This flaw allows an attacker who can A flaw was found in the RPM package in the read functionality. This flaw allows an attacker who can convince a victim to install a seemingly verifiable package or compromise an RPM repository, to cause RPM database corruption. The highest threat from this vulnerability is to data integrity. This flaw affects RPM versions before 4.17.0-alpha.

CVE-2021-3518 [HIGH] CWE-416 CVE-2021-3518: There's a flaw in libxml2 in versions before 2.9.11. An attacker who is able to submit a crafted fil There's a flaw in libxml2 in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by an application linked with libxml2 could trigger a use-after-free. The greatest impact from this flaw is to confidentiality, integrity, and availability.

CVE-2021-3531 [MEDIUM] CWE-20 CVE-2021-3531: A flaw was found in the Red Hat Ceph Storage RGW in versions before 14.2.21. When processing a GET R A flaw was found in the Red Hat Ceph Storage RGW in versions before 14.2.21. When processing a GET Request for a swift URL that ends with two slashes it can cause the rgw to crash, resulting in a denial of service. The greatest threat to the system is of availability.

CVE-2020-23856 [MEDIUM] CWE-416 CVE-2020-23856: Use-after-Free vulnerability in cflow 1.6 in the void call(char *name, int line) function at src/par Use-after-Free vulnerability in cflow 1.6 in the void call(char *name, int line) function at src/parser.c, which could cause a denial of service via the pointer variable caller->callee.

CVE-2021-3524 [MEDIUM] CVE-2021-3524: A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object Gateway) in versions before 14.2.2 A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object Gateway) in versions before 14.2.21. The vulnerability is related to the injection of HTTP headers via a CORS ExposeHeader tag. The newline character in the ExposeHeader tag in the CORS configuration file generates a header injection in the response when the CORS request is made. In addition, t