Fedoraproject Fedora vulnerabilities

CVE-2024-0813 [HIGH] CWE-416 CVE-2024-0813: Use after free in Reading Mode in Google Chrome prior to 121.0.6167.85 allowed an attacker who convi Use after free in Reading Mode in Google Chrome prior to 121.0.6167.85 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific UI interaction. (Chromium security severity: Medium)

CVE-2024-0807 [HIGH] CWE-416 CVE-2024-0807: Use after free in Web Audio in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to pot Use after free in Web Audio in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2024-0812 [HIGH] CVE-2024-0812: Inappropriate implementation in Accessibility in Google Chrome prior to 121.0.6167.85 allowed a remo Inappropriate implementation in Accessibility in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2024-0806 [HIGH] CWE-416 CVE-2024-0806: Use after free in Passwords in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to pot Use after free in Passwords in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially exploit heap corruption via specific UI interaction. (Chromium security severity: Medium)

CVE-2024-0804 [HIGH] CWE-693 CVE-2024-0804: Insufficient policy enforcement in iOS Security UI in Google Chrome prior to 121.0.6167.85 allowed a Insufficient policy enforcement in iOS Security UI in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)

CVE-2024-0809 [MEDIUM] CWE-693 CVE-2024-0809: Inappropriate implementation in Autofill in Google Chrome prior to 121.0.6167.85 allowed a remote at Inappropriate implementation in Autofill in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to bypass Autofill restrictions via a crafted HTML page. (Chromium security severity: Low)

CVE-2024-0811 [MEDIUM] CVE-2024-0811: Inappropriate implementation in Extensions API in Google Chrome prior to 121.0.6167.85 allowed an at Inappropriate implementation in Extensions API in Google Chrome prior to 121.0.6167.85 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. (Chromium security severity: Low)

CVE-2024-0805 [MEDIUM] CWE-451 CVE-2024-0805: Inappropriate implementation in Downloads in Google Chrome prior to 121.0.6167.85 allowed a remote a Inappropriate implementation in Downloads in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to perform domain spoofing via a crafted domain name. (Chromium security severity: Medium)

CVE-2024-0814 [MEDIUM] CWE-346 CVE-2024-0814: Incorrect security UI in Payments in Google Chrome prior to 121.0.6167.85 allowed a remote attacker Incorrect security UI in Payments in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially spoof security UI via a crafted HTML page. (Chromium security severity: Medium)

CVE-2023-39197 [HIGH] CWE-125 CVE-2023-39197: An out-of-bounds read vulnerability was found in Netfilter Connection Tracking (conntrack) in the Li An out-of-bounds read vulnerability was found in Netfilter Connection Tracking (conntrack) in the Linux kernel. This flaw allows a remote user to disclose sensitive information via the DCCP protocol.

CVE-2024-22421 [MEDIUM] CWE-23 CVE-2024-22421: JupyterLab is an extensible environment for interactive and reproducible computing, based on the Jup JupyterLab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook and Architecture. Users of JupyterLab who click on a malicious link may get their `Authorization` and `XSRFToken` tokens exposed to a third party when running an older `jupyter-server` version. JupyterLab versions 4.1.0b2, 4.0.11, and 3.6

CVE-2024-22420 [MEDIUM] CWE-79 CVE-2024-22420: JupyterLab is an extensible environment for interactive and reproducible computing, based on the Jup JupyterLab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook and Architecture. This vulnerability depends on user interaction by opening a malicious Markdown file using JupyterLab preview feature. A malicious user can access any data that the attacked user has access to as well as perform arbitrary

CVE-2023-6816 [CRITICAL] CWE-787 CVE-2023-6816: A flaw was found in X.Org server. Both DeviceFocusEvent and the XIQueryPointer reply contain a bit f A flaw was found in X.Org server. Both DeviceFocusEvent and the XIQueryPointer reply contain a bit for each logical button currently down. Buttons can be arbitrarily mapped to any value up to 255, but the X.Org Server was only allocating space for the device's particular number of buttons, leading to a heap overflow if a bigger value was used.

CVE-2024-0409 [HIGH] CWE-787 CVE-2024-0409: A flaw was found in the X.Org server. The cursor code in both Xephyr and Xwayland uses the wrong typ A flaw was found in the X.Org server. The cursor code in both Xephyr and Xwayland uses the wrong type of private at creation. It uses the cursor bits type with the cursor as private, and when initiating the cursor, that overwrites the XSELINUX context.

CVE-2024-0408 [MEDIUM] CWE-158 CVE-2024-0408: A flaw was found in the X.Org server. The GLX PBuffer code does not call the XACE hook when creating A flaw was found in the X.Org server. The GLX PBuffer code does not call the XACE hook when creating the buffer, leaving it unlabeled. When the client issues another request to access that resource (as with a GetGeometry) or when it creates another resource that needs to access that buffer, such as a GC, the XSELINUX code will try to use an object tha

CVE-2024-0607 [MEDIUM] CWE-229 CVE-2024-0607: A flaw was found in the Netfilter subsystem in the Linux kernel. The issue is in the nft_byteorder_e A flaw was found in the Netfilter subsystem in the Linux kernel. The issue is in the nft_byteorder_eval() function, where the code iterates through a loop and writes to the `dst` array. On each iteration, 8 bytes are written, but `dst` is an array of u32, so each element only has space for 4 bytes. That means every iteration overwrites part of the pre

CVE-2023-6395 [CRITICAL] CWE-20 CVE-2023-6395: The Mock software contains a vulnerability wherein an attacker could potentially exploit privilege e The Mock software contains a vulnerability wherein an attacker could potentially exploit privilege escalation, enabling the execution of arbitrary code with root user privileges. This weakness stems from the absence of proper sandboxing during the expansion and execution of Jinja2 templates, which may be included in certain configuration parameters.

CVE-2024-0553 [HIGH] CVE-2024-0553: A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKe A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from the response times of ciphertexts with correct PKCS#1 v1.5 padding. This issue may allow a remote attacker to perform a timing side-channel attack in the RSA-PSK key exchange, potentially leading to the leakage of sensitive data. CVE-2024-05

CVE-2024-0519 [HIGH] CWE-787 CVE-2024-0519: Out of bounds memory access in V8 in Google Chrome prior to 120.0.6099.224 allowed a remote attacker Out of bounds memory access in V8 in Google Chrome prior to 120.0.6099.224 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2024-0518 [HIGH] CWE-843 CVE-2024-0518: Type confusion in V8 in Google Chrome prior to 120.0.6099.224 allowed a remote attacker to potential Type confusion in V8 in Google Chrome prior to 120.0.6099.224 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)