Fedora - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Fedora
(Fedoraproject)

Repositories

• https://github.com/torvalds/linux
• https://github.com/phpmyadmin/phpmyadmin
• https://github.com/krb5/krb5
• https://github.com/mdadams/jasper
• https://github.com/uclouvain/openjpeg

• https://github.com/golang/go
• https://github.com/FasterXML/jackson-databind
• https://github.com/ntp-project/ntp
• https://github.com/apache/httpd
• https://github.com/dbry/WavPack
• https://github.com/json-c/json-c
• https://github.com/jquery/jquery-ui
• https://github.com/ClusterLabs/pcs
• https://github.com/newsoft/libvncserver
• https://github.com/horde/horde
• https://github.com/ipython/ipython
• https://github.com/wesnoth/wesnoth
• https://github.com/saltstack/salt
• git://git.openssl.org/openssl.git
•
• https://github.com/haproxy/haproxy
• https://github.com/pyca/cryptography
• https://github.com/dajobe/raptor
• https://github.com/opencontainers/runc
• https://github.com/openstack/swift
• https://github.com/openssh/openssh-portable
• https://github.com/collectd/collectd
• https://github.com/mongodb/mongo
• https://github.com/ADOdb/ADOdb
• https://github.com/igniterealtime/Smack
• https://github.com/SELinuxProject/selinux
• https://github.com/dlitz/pycrypto
• https://github.com/teeworlds/teeworlds
• https://github.com/karelzak/util-linux
• https://git.kernel.org/pub/scm/git/git.git
• https://github.com/cyrusimap/cyrus-imapd
• https://github.com/ceph/ceph
• https://github.com/lepture/mistune
• https://github.com/MariaDB/server
• https://github.com/golang/net
• https://github.com/FreeRDP/FreeRDP
• https://github.com/sleuthkit/sleuthkit
• https://github.com/Perl/perl5
• https://github.com/python/cpython
• https://github.com/libjpeg-turbo/libjpeg-turbo
• https://github.com/libuv/libuv
• https://github.com/mysql/mysql-server
• https://github.com/libgd/libgd
• https://github.com/SpiderLabs/ModSecurity
• https://github.com/fish-shell/fish-shell
• https://github.com/php/php-src
• https://github.com/quassel/quassel
• https://github.com/ocaml/ocaml
• https://github.com/LibRaw/LibRaw
• https://github.com/sddm/sddm
• https://github.com/axkibe/lsyncd
• https://github.com/visionmedia/send
• https://github.com/rawstudio/rawstudio
• https://github.com/cherokee/webserver
• https://github.com/numpy/numpy
• https://github.com/rjbs/Email-Address
• https://github.com/openid/ruby-openid
• https://github.com/moxiecode/plupload
• https://github.com/libarchive/libarchive

#Vulnerabilities

5271

Date	Id	Summary	Products	Score	Patch	Annotated
2022-01-01	CVE-2021-41819	CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in cookie names. This also affects the CGI gem through 0.3.0 for Ruby.	Debian_linux, Fedora, Factory, Leap, Enterprise_linux, Software_collections, Cgi, Ruby, Linux_enterprise	7.5
2022-01-05	CVE-2021-45116	An issue was discovered in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1. Due to leveraging the Django Template Language's variable resolution logic, the dictsort template filter was potentially vulnerable to information disclosure, or an unintended method call, if passed a suitably crafted key.	Django, Fedora	7.5
2022-09-26	CVE-2022-2852	Use after free in FedCM in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	Fedora, Chrome	8.8
2022-09-26	CVE-2022-2853	Heap buffer overflow in Downloads in Google Chrome on Android prior to 104.0.5112.101 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.	Fedora, Chrome	8.8
2022-09-26	CVE-2022-2854	Use after free in SwiftShader in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	Fedora, Chrome	8.8
2022-09-26	CVE-2022-2855	Use after free in ANGLE in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	Fedora, Chrome	8.8
2022-09-26	CVE-2022-2857	Use after free in Blink in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	Fedora, Chrome	8.8
2022-09-26	CVE-2022-3044	Inappropriate implementation in Site Isolation in Google Chrome prior to 105.0.5195.52 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.	Fedora, Chrome	6.5
2022-09-26	CVE-2022-3045	Insufficient validation of untrusted input in V8 in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	Fedora, Chrome	8.8
2022-09-26	CVE-2022-3046	Use after free in Browser Tag in Google Chrome prior to 105.0.5195.52 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.	Fedora, Chrome	8.8