Fedoraproject Fedora vulnerabilities

CVE-2023-31124 [LOW] CWE-330 CVE-2023-31124: c-ares is an asynchronous resolver library. When cross-compiling c-ares and using the autotools buil c-ares is an asynchronous resolver library. When cross-compiling c-ares and using the autotools build system, CARES_RANDOM_FILE will not be set, as seen when cross compiling aarch64 android. This will downgrade to using rand() as a fallback which could allow an attacker to take advantage of the lack of entropy by not using a CSPRNG. This issue was patc

CVE-2023-33204 [HIGH] CVE-2023-33204: sysstat through 12.7.2 allows a multiplication integer overflow in check_overflow in common.c. NOTE: sysstat through 12.7.2 allows a multiplication integer overflow in check_overflow in common.c. NOTE: this issue exists because of an incomplete fix for CVE-2022-39377.

CVE-2023-24805 [HIGH] CWE-78 CVE-2023-24805: cups-filters contains backends, filters, and other software required to get the cups printing servic cups-filters contains backends, filters, and other software required to get the cups printing service working on operating systems other than macos. If you use the Backend Error Handler (beh) to create an accessible network printer, this security vulnerability can cause remote code execution. `beh.c` contains the line `retval = system(cmdline) >> 8;` w

CVE-2023-2731 [MEDIUM] CWE-476 CVE-2023-2731: A NULL pointer dereference flaw was found in Libtiff's LZWDecode() function in the libtiff/tif_lzw.c A NULL pointer dereference flaw was found in Libtiff's LZWDecode() function in the libtiff/tif_lzw.c file. This flaw allows a local attacker to craft specific input data that can cause the program to dereference a NULL pointer when decompressing a TIFF format file, resulting in a program crash or denial of service.

CVE-2023-2724 [HIGH] CWE-843 CVE-2023-2724: Type confusion in V8 in Google Chrome prior to 113.0.5672.126 allowed a remote attacker to potential Type confusion in V8 in Google Chrome prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2023-2722 [HIGH] CWE-416 CVE-2023-2722: Use after free in Autofill UI in Google Chrome on Android prior to 113.0.5672.126 allowed a remote a Use after free in Autofill UI in Google Chrome on Android prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2023-2726 [HIGH] CVE-2023-2726: Inappropriate implementation in WebApp Installs in Google Chrome prior to 113.0.5672.126 allowed an Inappropriate implementation in WebApp Installs in Google Chrome prior to 113.0.5672.126 allowed an attacker who convinced a user to install a malicious web app to bypass install dialog via a crafted HTML page. (Chromium security severity: Medium)

CVE-2023-2723 [HIGH] CWE-416 CVE-2023-2723: Use after free in DevTools in Google Chrome prior to 113.0.5672.126 allowed a remote attacker who ha Use after free in DevTools in Google Chrome prior to 113.0.5672.126 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2023-2725 [HIGH] CWE-416 CVE-2023-2725: Use after free in Guest View in Google Chrome prior to 113.0.5672.126 allowed an attacker who convin Use after free in Guest View in Google Chrome prior to 113.0.5672.126 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2023-2721 [HIGH] CWE-416 CVE-2023-2721: Use after free in Navigation in Google Chrome prior to 113.0.5672.126 allowed a remote attacker to p Use after free in Navigation in Google Chrome prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)

CVE-2023-2700 [MEDIUM] CWE-401 CVE-2023-2700: A vulnerability was found in libvirt. This security flaw ouccers due to repeatedly querying an SR-IO A vulnerability was found in libvirt. This security flaw ouccers due to repeatedly querying an SR-IOV PCI device's capabilities that exposes a memory leak caused by a failure to free the virPCIVirtualFunction array within the parent struct's g_autoptr cleanup.

CVE-2023-1729 [MEDIUM] CWE-119 CVE-2023-1729: A flaw was found in LibRaw. A heap-buffer-overflow in raw2image_ex() caused by a maliciously crafted A flaw was found in LibRaw. A heap-buffer-overflow in raw2image_ex() caused by a maliciously crafted file may lead to an application crash.

CVE-2023-32570 [MEDIUM] CWE-362 CVE-2023-32570: VideoLAN dav1d before 1.2.0 has a thread_task.c race condition that can lead to an application crash VideoLAN dav1d before 1.2.0 has a thread_task.c race condition that can lead to an application crash, related to dav1d_decode_frame_exit.

CVE-2023-2156 [HIGH] CWE-617 CVE-2023-2156: A flaw was found in the networking subsystem of the Linux kernel within the handling of the RPL prot A flaw was found in the networking subsystem of the Linux kernel within the handling of the RPL protocol. This issue results from the lack of proper handling of user-supplied data, which can lead to an assertion failure. This may allow an unauthenticated remote attacker to create a denial of service condition on the system.

CVE-2023-31137 [HIGH] CWE-191 CVE-2023-31137: MaraDNS is open-source software that implements the Domain Name System (DNS). In version 3.5.0024 an MaraDNS is open-source software that implements the Domain Name System (DNS). In version 3.5.0024 and prior, a remotely exploitable integer underflow vulnerability in the DNS packet decompression function allows an attacker to cause a Denial of Service by triggering an abnormal program termination. The vulnerability exists in the `decomp_get_rddata`

CVE-2023-31490 [HIGH] CVE-2023-31490: An issue found in Frrouting bgpd v.8.4.2 allows a remote attacker to cause a denial of service via t An issue found in Frrouting bgpd v.8.4.2 allows a remote attacker to cause a denial of service via the bgp_attr_psid_sub() function.

CVE-2023-2609 [MEDIUM] CWE-476 CVE-2023-2609: NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1531. NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1531.

CVE-2023-31489 [MEDIUM] CVE-2023-31489: An issue found in Frrouting bgpd v.8.4.2 allows a remote attacker to cause a denial of service via t An issue found in Frrouting bgpd v.8.4.2 allows a remote attacker to cause a denial of service via the bgp_capability_llgr() function.

CVE-2023-31047 [CRITICAL] CWE-20 CVE-2023-31047: In Django 3.2 before 3.2.19, 4.x before 4.1.9, and 4.2 before 4.2.1, it was possible to bypass valid In Django 3.2 before 3.2.19, 4.x before 4.1.9, and 4.2 before 4.2.1, it was possible to bypass validation when using one form field to upload multiple files. This multiple upload has never been supported by forms.FileField or forms.ImageField (only the last uploaded file was validated). However, Django's "Uploading multiple files" documentation sug

CVE-2023-29659 [MEDIUM] CWE-369 CVE-2023-29659: A Segmentation fault caused by a floating point exception exists in libheif 1.15.1 using crafted hei A Segmentation fault caused by a floating point exception exists in libheif 1.15.1 using crafted heif images via the heif::Fraction::round() function in box.cc, which causes a denial of service.