Fedoraproject Fedora vulnerabilities
5,277 known vulnerabilities affecting fedoraproject/fedora.
Total CVEs: 5,277
CISA KEV: 84 (actively exploited)
Public exploits: 147
Exploited in wild: 101
Severity breakdown: CRITICAL 514, HIGH 2325, MEDIUM 2265, LOW 173
Vulnerabilities
Page 39 of 264
CVE-2023-2461 | HIGH | CVSS 8.8 | CWE-416 | v36, v37, +1 more | 2023-05-03
Use after free in OS Inputs in Google Chrome on ChromeOS prior to 113.0.5672.63 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via crafted UI interaction. (Chromium security severity: Medium)
nvd
CVE-2023-2460 | HIGH | CVSS 7.1 | v36, v37, +1 more | 2023-05-03
Insufficient validation of untrusted input in Extensions in Google Chrome prior to 113.0.5672.63 allowed an attacker who convinced a user to install a malicious extension to bypass file access checks via a crafted HTML page. (Chromium security severity: Medium)
nvd
CVE-2023-2464 | MEDIUM | CVSS 4.3 | v36, v37, +1 more | 2023-05-03
Inappropriate implementation in PictureInPicture in Google Chrome prior to 113.0.5672.63 allowed an attacker who convinced a user to install a malicious extension to perform an origin spoof in the security UI via a crafted HTML page. (Chromium security severity: Medium)
nvd
CVE-2023-2463 | MEDIUM | CVSS 4.3 | v36, v37, +1 more | 2023-05-03
Inappropriate implementation in Full Screen Mode in Google Chrome on Android prior to 113.0.5672.63 allowed a remote attacker to hide the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Medium)
nvd
CVE-2023-2467 | MEDIUM | CVSS 4.3 | v36, v37, +1 more | 2023-05-03
Inappropriate implementation in Prompts in Google Chrome on Android prior to 113.0.5672.63 allowed a remote attacker to bypass permissions restrictions via a crafted HTML page. (Chromium security severity: Low)
nvd
CVE-2023-2462 | MEDIUM | CVSS 4.3 | v36, v37 | 2023-05-03
Inappropriate implementation in Prompts in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to obfuscate main origin data via a crafted HTML page. (Chromium security severity: Medium)
nvd
CVE-2023-2466 | MEDIUM | CVSS 4.3 | v36, v37, +1 more | 2023-05-03
Inappropriate implementation in Prompts in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to spoof the contents of the security UI via a crafted HTML page. (Chromium security severity: Low)
nvd
CVE-2023-2459 | MEDIUM | CVSS 6.5 | v36, v37, +1 more | 2023-05-03
Inappropriate implementation in Prompts in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to bypass permission restrictions via a crafted HTML page. (Chromium security severity: Medium)
nvd
CVE-2023-2465 | MEDIUM | CVSS 4.3 | v36, v37, +1 more | 2023-05-03
Inappropriate implementation in CORS in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
nvd
CVE-2023-2468 | MEDIUM | CVSS 4.3 | v36, v37, +1 more | 2023-05-03
Inappropriate implementation in PictureInPicture in Google Chrome prior to 113.0.5672.63 allowed a remote attacker who had compromised the renderer process to obfuscate the security UI via a crafted HTML page. (Chromium security severity: Low)
nvd
CVE-2023-30944 | HIGH | CVSS 7.3 | CWE-89 | v36, v37, +1 more | 2023-05-02
A vulnerability was found in Moodle which exists due to insufficient sanitization of user-supplied data in the external Wiki method for listing pages. A remote attacker can send a specially crafted request to the affected application and execute limited SQL commands within the application database.
nvd
CVE-2023-30943 | MEDIUM | CVSS 5.3 | PoC | CWE-73 | v36, v37, +1 more | 2023-05-02
A vulnerability was found in Moodle which exists because the application allows a user to control the path of the folder to create in TinyMCE loaders. A remote user can send a specially crafted HTTP request and create arbitrary folders on the system.
nvd
CVE-2023-1786 | MEDIUM | CVSS 5.5 | CWE-532 | v38 | 2023-04-26
Sensitive data could be exposed in logs of cloud-init before version 23.1.2. An attacker could use this information to find hashed passwords and possibly escalate their privilege.
nvd
CVE-2023-29007 | HIGH | CVSS 7.8 | CWE-74 | v36, v37, +1 more | 2023-04-25
Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, a specially crafted `.gitmodules` file with submodule URLs that are longer than 1024 characters can be used to exploit a bug in `config.c::git_config_copy_or_rename_section_in_file()`. This bug can be used to injec
nvd
CVE-2022-42335 | HIGH | CVSS 7.8 | CWE-476 | v38 | 2023-04-25
x86 shadow paging arbitrary pointer dereference. In environments where host assisted address translation is necessary but Hardware Assisted Paging (HAP) is unavailable, Xen will run guests in so called shadow mode. Due to too lax a check in one of the hypervisor routines used for shadow page handling it is possible for a guest with a PCI device passed
nvd
CVE-2023-25652 | HIGH | CVSS 7.5 | CWE-22 | v37, v38 | 2023-04-25
Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, by feeding specially crafted input to `git apply --reject`, a path outside the working tree can be overwritten with partially controlled contents (corresponding to the rejected hunk(s) from the given patch). A f
nvd
CVE-2023-2269 | MEDIUM | CVSS 4.4 | CWE-413 | v36, v37, +1 more | 2023-04-25
A denial of service problem was found, due to a possible recursive locking scenario, resulting in a deadlock in table_clear in drivers/md/dm-ioctl.c in the Linux Kernel Device Mapper-Multipathing sub-component.
nvd
CVE-2023-25815 | LOW | CVSS 2.2 | CWE-22 | v37, v38 | 2023-04-25
In Git for Windows, the Windows port of Git, no localized messages are shipped with the installer. As a consequence, Git is expected not to localize messages at all, and skips the gettext initialization. However, due to a change in MINGW-packages, the `gettext()` function's implicit initialization no longer uses the runtime prefix but uses the hard-code
nvd
CVE-2023-29530 | MEDIUM | CVSS 6.5 | CWE-20 | v38 | 2023-04-24
Laminas Diactoros provides PSR HTTP Message implementations. In versions 2.18.0 and prior, 2.19.0, 2.20.0, 2.21.0, 2.22.0, 2.23.0, 2.24.0, and 2.25.0, users who create HTTP requests or responses using laminas/laminas-diactoros, when providing a newline at the start or end of a header key or value, can cause an invalid message. This can lead to denial
nvd
CVE-2023-31084 | MEDIUM | CVSS 5.5 | CWE-833 | v37, v38 | 2023-04-24
An issue was discovered in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel 6.2. There is a blocking operation when a task is in !TASK_RUNNING. In dvb_frontend_get_event, wait_event_interruptible is called; the condition is dvb_frontend_test_event(fepriv,events). In dvb_frontend_test_event, down(&fepriv->sem) is called. However, wait_event_
nvd