Fedoraproject Fedora vulnerabilities

CVE-2023-49501 [HIGH] CWE-122 CVE-2023-49501: Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbi Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary code via the config_eq_output function in the libavfilter/asrc_afirsrc.c:495:30 component.

CVE-2024-22640 [HIGH] CWE-1333 CVE-2024-22640: TCPDF version <=6.6.5 is vulnerable to ReDoS (Regular Expression Denial of Service) if parsing an un TCPDF version <=6.6.5 is vulnerable to ReDoS (Regular Expression Denial of Service) if parsing an untrusted HTML page with a crafted color.

CVE-2023-51791 [HIGH] CWE-125 CVE-2023-51791: Buffer Overflow vulenrability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arb Buffer Overflow vulenrability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavcodec/jpegxl_parser.c in gen_alias_map.

CVE-2023-50010 [HIGH] CWE-120 CVE-2023-50010: FFmpeg v.n6.1-3-g466799d4f5 allows a buffer over-read at ff_gradfun_blur_line_movdqa_sse2, as demons FFmpeg v.n6.1-3-g466799d4f5 allows a buffer over-read at ff_gradfun_blur_line_movdqa_sse2, as demonstrated by a call to the set_encoder_id function in /fftools/ffmpeg_enc.c component.

CVE-2023-50008 [HIGH] CWE-120 CVE-2023-50008: FFmpeg v.n6.1-3-g466799d4f5 allows memory consumption when using the colorcorrect filter, in the av_ FFmpeg v.n6.1-3-g466799d4f5 allows memory consumption when using the colorcorrect filter, in the av_malloc function in libavutil/mem.c:105:9 component.

CVE-2023-51797 [MEDIUM] CWE-94 CVE-2023-51797: Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arb Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavfilter/avf_showwaves.c:722:24 in showwaves_filter_frame

CVE-2023-50007 [MEDIUM] CWE-121 CVE-2023-50007: FFmpeg v.n6.1-3-g466799d4f5 allows an attacker to trigger use of a parameter of negative size in the FFmpeg v.n6.1-3-g466799d4f5 allows an attacker to trigger use of a parameter of negative size in the av_samples_set_silence function in thelibavutil/samplefmt.c:260:9 component.

CVE-2023-51796 [LOW] CWE-120 CVE-2023-51796: Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arb Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavfilter/f_reverse.c:269:26 in areverse_request_frame.

CVE-2024-32462 [HIGH] CWE-88 CVE-2024-32462: Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. in versions before 1.10.9, 1.12.9, 1.14.6, and 1.15.8, a malicious or compromised Flatpak app could execute arbitrary code outside its sandbox. Normally, the `--command` argument of `flatpak run` expects to be given a command to run in the specified Fla

CVE-2023-3758 [HIGH] CWE-362 CVE-2023-3758: A race condition flaw was found in sssd where the GPO policy is not consistently applied for authent A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper authorization issues, granting or denying access to resources inappropriately.

CVE-2024-27306 [MEDIUM] CWE-79 CVE-2024-27306: aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. A XSS vulnerability aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. A XSS vulnerability exists on index pages for static file handling. This vulnerability is fixed in 3.9.4. We have always recommended using a reverse proxy server (e.g. nginx) for serving static files. Users following the recommendation are unaffected. Other users can disab

CVE-2024-31581 [CRITICAL] CWE-129 CVE-2024-31581: FFmpeg version n6.1 was discovered to contain an improper validation of array index vulnerability in FFmpeg version n6.1 was discovered to contain an improper validation of array index vulnerability in libavcodec/cbs_h266_syntax_template.c. This vulnerability allows attackers to cause undefined behavior within the application.

CVE-2024-31031 [HIGH] CWE-190 CVE-2024-31031: An issue in `coap_pdu.c` in libcoap 4.3.4 allows attackers to cause undefined behavior via a sequenc An issue in `coap_pdu.c` in libcoap 4.3.4 allows attackers to cause undefined behavior via a sequence of messages leading to unsigned integer overflow.

CVE-2024-3840 [HIGH] CWE-285 CVE-2024-3840: Insufficient policy enforcement in Site Isolation in Google Chrome prior to 124.0.6367.60 allowed a Insufficient policy enforcement in Site Isolation in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium)

CVE-2023-4232 [HIGH] CWE-119 CVE-2023-4232: A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered with A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decode_status_report() function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound check for this memcpy length in decode_submit(), but it

CVE-2024-31582 [HIGH] CWE-122 CVE-2024-31582: FFmpeg version n6.1 was discovered to contain a heap buffer overflow vulnerability in the draw_block FFmpeg version n6.1 was discovered to contain a heap buffer overflow vulnerability in the draw_block_rectangle function of libavfilter/vf_codecview.c. This vulnerability allows attackers to cause undefined behavior or a Denial of Service (DoS) via crafted input.

CVE-2023-4233 [HIGH] CWE-119 CVE-2023-4233: A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered with A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the sms_decode_address_field() function during the SMS PDU decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS.

CVE-2023-4235 [HIGH] CWE-119 CVE-2023-4235: A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered with A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decode_deliver_report() function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound check for this memcpy length in decode_submit(), but it

CVE-2024-31578 [HIGH] CWE-416 CVE-2024-31578: FFmpeg version n6.1.1 was discovered to contain a heap use-after-free via the av_hwframe_ctx_init fu FFmpeg version n6.1.1 was discovered to contain a heap use-after-free via the av_hwframe_ctx_init function.

CVE-2024-3832 [HIGH] CWE-119 CVE-2024-3832: Object corruption in V8 in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potenti Object corruption in V8 in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High)