Fedoraproject Fedora vulnerabilities
5,277 known vulnerabilities affecting fedoraproject/fedora.
Total CVEs: 5,277
CISA KEV: 84 (actively exploited)
Public exploits: 147
Exploited in wild: 101
Severity breakdown
CRITICAL: 514 | HIGH: 2325 | MEDIUM: 2265 | LOW: 173
Vulnerabilities
CVE-2021-28484 | HIGH | CVSS 7.5 | CWE-835 | v34 | 2021-04-14
An issue was discovered in the /api/connector endpoint handler in Yubico yubihsm-connector before 3.0.1 (in YubiHSM SDK before 2021.04). The handler did not validate the length of the request, which can lead to a state where yubihsm-connector becomes stuck in a loop waiting for the YubiHSM to send it data, preventing any further operations until the y
nvd
CVE-2021-29338 | MEDIUM | CVSS 5.5 | CWE-190 | v33, v34 | 2021-04-14
Integer Overflow in OpenJPEG v2.4.0 allows remote attackers to crash the application, causing a Denial of Service (DoS). This occurs when the attacker uses the command line option "-ImgDir" on a directory that contains 1048576 files.
nvd
CVE-2021-27815 | MEDIUM | CVSS 5.5 | CWE-476 | v32, v33 +1 more | 2021-04-14
NULL Pointer Dereference in the exif command line tool, when printing out XML formatted EXIF data, in exif v0.6.22 and earlier allows attackers to cause a Denial of Service (DoS) by uploading a malicious JPEG file, causing the application to crash.
nvd
CVE-2021-21394 | MEDIUM | CVSS 6.5 | CWE-20 | v34 | 2021-04-12
Synapse is a Matrix reference homeserver written in Python (PyPI package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.28.0, Synapse is missing input validation of some parameters on the endpoints used to confirm third-party identifiers, which could cause excessive use of disk space and memo
nvd
CVE-2021-21392 | MEDIUM | CVSS 6.3 | CWE-601 | v34 | 2021-04-12
Synapse is a Matrix reference homeserver written in Python (PyPI package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.28.0, requests to user-provided domains were not restricted to external IP addresses when transitional IPv6 addresses were used. Outbound requests to federation, ide
nvd
CVE-2021-21393 | MEDIUM | CVSS 6.5 | CWE-20 | v34 | 2021-04-12
Synapse is a Matrix reference homeserver written in Python (PyPI package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.28.0, Synapse is missing input validation of some parameters on the endpoints used to confirm third-party identifiers, which could cause excessive use of disk space and memo
nvd
CVE-2021-28879 | CRITICAL | CVSS 9.8 | CWE-190 | v32, v33 +1 more | 2021-04-11
In the standard library in Rust before 1.52.0, the Zip implementation can report an incorrect size due to an integer overflow. This bug can lead to a buffer overflow when a consumed Zip iterator is used again.
nvd
CVE-2021-28878 | HIGH | CVSS 7.5 | CWE-119 | v32, v33 +1 more | 2021-04-11
In the standard library in Rust before 1.52.0, the Zip implementation calls __iterator_get_unchecked() more than once for the same index (under certain conditions) when next_back() and next() are used together. This bug could lead to a memory safety violation due to an unmet safety requirement for the TrustedRandomAccess trait.
nvd
CVE-2021-28876 | MEDIUM | CVSS 5.3 | CWE-755 | v32, v33 +1 more | 2021-04-11
In the standard library in Rust before 1.52.0, the Zip implementation has a panic safety issue. It calls __iterator_get_unchecked() more than once for the same index when the underlying iterator panics (in certain conditions). This bug could lead to a memory safety violation due to an unmet safety requirement for the TrustedRandomAccess trait.
nvd
CVE-2021-21197 | HIGH | CVSS 8.8 | CWE-787 | v32, v33 +1 more | 2021-04-09
Heap buffer overflow in TabStrip in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2021-21199 | HIGH | CVSS 8.8 | CWE-416 | v32, v33 +1 more | 2021-04-09
Use after free in Aura in Google Chrome on Linux prior to 89.0.4389.114 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2021-21194 | HIGH | CVSS 8.8 | CWE-416 | v32, v33 +1 more | 2021-04-09
Use after free in screen sharing in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2021-21195 | HIGH | CVSS 8.8 | CWE-416 | v32, v33 +1 more | 2021-04-09
Use after free in V8 in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2021-21198 | HIGH | CVSS 7.4 | CWE-125 | v32, v33 +1 more | 2021-04-09
Out of bounds read in IPC in Google Chrome prior to 89.0.4389.114 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
nvd
CVE-2021-21196 | HIGH | CVSS 8.8 | CWE-787 | v32, v33 +1 more | 2021-04-09
Heap buffer overflow in TabStrip in Google Chrome on Windows prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2021-30156 | MEDIUM | CVSS 4.3 | CWE-200 | v33, v34 | 2021-04-09
An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. Special:Contributions can leak that a "hidden" user exists.
nvd
CVE-2021-30152 | MEDIUM | CVSS 4.3 | CWE-269 | v33, v34 | 2021-04-09
An issue was discovered in MediaWiki before 1.31.13 and 1.32.x through 1.35.x before 1.35.2. When using the MediaWiki API to "protect" a page, a user is currently able to protect to a higher level than they currently have permissions for.
nvd
CVE-2021-30155 | MEDIUM | CVSS 4.3 | CWE-862 | v33, v34 | 2021-04-09
An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. ContentModelChange does not check if a user has correct permissions to create and set the content model of a nonexistent page.
nvd
CVE-2021-30159 | MEDIUM | CVSS 4.3 | v33, v34 | 2021-04-09
An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. Users can bypass intended restrictions on deleting pages in certain "fast double move" situations. MovePage::isValidMoveTarget() uses FOR UPDATE, but it's only called if Title::getArticleID() returns non-zero with no special flags. Next, MovePage::moveToInternal() w
nvd
CVE-2021-29154 | HIGH | CVSS 7.8 | CWE-77 | v33 | 2021-04-08
BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. This affects arch/x86/net/bpf_jit_comp.c and arch/x86/net/bpf_jit_comp32.c.
nvd