Product:

Fedora

(Fedoraproject)
Repositories https://github.com/torvalds/linux
https://github.com/phpmyadmin/phpmyadmin
https://github.com/krb5/krb5
https://github.com/mdadams/jasper
https://github.com/uclouvain/openjpeg
https://github.com/golang/go
https://github.com/FasterXML/jackson-databind
https://github.com/ntp-project/ntp
https://github.com/dbry/WavPack
https://github.com/apache/httpd
https://github.com/json-c/json-c
https://github.com/jquery/jquery-ui
https://github.com/ClusterLabs/pcs
https://github.com/newsoft/libvncserver
https://github.com/horde/horde
https://github.com/ipython/ipython
https://github.com/wesnoth/wesnoth
https://github.com/saltstack/salt
https://github.com/dajobe/raptor
https://github.com/opencontainers/runc
https://github.com/openstack/swift

• git://git.openssl.org/openssl.git
https://github.com/openssh/openssh-portable
https://github.com/collectd/collectd
https://github.com/mongodb/mongo
https://github.com/ADOdb/ADOdb
https://github.com/igniterealtime/Smack
https://github.com/SELinuxProject/selinux
https://github.com/dlitz/pycrypto
https://github.com/teeworlds/teeworlds
https://github.com/pyca/cryptography
https://github.com/karelzak/util-linux
https://git.kernel.org/pub/scm/git/git.git
https://github.com/cyrusimap/cyrus-imapd
https://github.com/ceph/ceph
https://github.com/lepture/mistune
https://github.com/MariaDB/server
https://github.com/golang/net
https://github.com/FreeRDP/FreeRDP
https://github.com/sleuthkit/sleuthkit
https://github.com/Perl/perl5
https://github.com/python/cpython
https://github.com/libjpeg-turbo/libjpeg-turbo
https://github.com/haproxy/haproxy
https://github.com/libuv/libuv
https://github.com/mysql/mysql-server
https://github.com/libgd/libgd
https://github.com/SpiderLabs/ModSecurity
https://github.com/fish-shell/fish-shell
https://github.com/php/php-src
https://github.com/quassel/quassel
https://github.com/ocaml/ocaml
https://github.com/LibRaw/LibRaw
https://github.com/sddm/sddm
https://github.com/axkibe/lsyncd
https://github.com/visionmedia/send
https://github.com/rawstudio/rawstudio
https://github.com/cherokee/webserver
https://github.com/numpy/numpy
https://github.com/rjbs/Email-Address
https://github.com/openid/ruby-openid
https://github.com/moxiecode/plupload
https://github.com/libarchive/libarchive
#Vulnerabilities 5044
Date Id Summary Products Score Patch Annotated
2019-10-30 CVE-2018-21029 systemd 239 through 245 accepts any certificate signed by a trusted certificate authority for DNS Over TLS. Server Name Indication (SNI) is not sent, and there is no hostname validation with the GnuTLS backend. NOTE: This has been disputed by the developer as not a vulnerability since hostname validation does not have anything to do with this issue (i.e. there is no hostname to be sent) Fedora, Systemd 9.8
2019-11-18 CVE-2019-19046 A memory leak in the __ipmi_bmc_register() function in drivers/char/ipmi/ipmi_msghandler.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering ida_simple_get() failure, aka CID-4aa7afb0ee20. NOTE: third parties dispute the relevance of this because an attacker cannot realistically control this failure at probe time Fedora, Linux_kernel, Leap 6.5
2019-11-18 CVE-2019-19055 A memory leak in the nl80211_get_ftm_responder_stats() function in net/wireless/nl80211.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering nl80211hdr_put() failures, aka CID-1399c59fa929. NOTE: third parties dispute the relevance of this because it occurs on a code path where a successful allocation has already occurred Ubuntu_linux, Fedora, Linux_kernel 5.5
2019-11-18 CVE-2019-19070 A memory leak in the spi_gpio_probe() function in drivers/spi/spi-gpio.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering devm_add_action_or_reset() failures, aka CID-d3b0ffa1d75d. NOTE: third parties dispute the relevance of this because the system must have already been out of memory before the probe began Fedora, Linux_kernel 7.5
2021-01-19 CVE-2021-3178 fs/nfsd/nfs3xdr.c in the Linux kernel through 5.10.8, when there is an NFS export of a subdirectory of a filesystem, allows remote attackers to traverse to other parts of the filesystem via READDIRPLUS. NOTE: some parties argue that such a subdirectory export is not intended to prevent this attack; see also the exports(5) no_subtree_check default behavior Debian_linux, Fedora, Linux_kernel 6.5
2021-11-13 CVE-2021-43616 The npm ci command in npm 7.x and 8.x through 8.1.3 proceeds with an installation even if dependency information in package-lock.json differs from package.json. This behavior is inconsistent with the documentation, and makes it easier for attackers to install malware that was supposed to have been blocked by an exact version match requirement in package-lock.json. NOTE: The npm team believes this is not a vulnerability. It would require someone to socially engineer package.json which has... Fedora, Next_generation_application_programming_interface, Npm 9.8
2022-08-23 CVE-2021-28861 Python 3.x through 3.10 has an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of URI path which may leads to information disclosure. NOTE: this is disputed by a third party because the http.server.html documentation page states "Warning: http.server is not recommended for production. It only implements basic security checks." Fedora, Python 7.4
2023-08-08 CVE-2023-20569 A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled?address, potentially leading to information disclosure. Epyc_72f3_firmware, Epyc_7313_firmware, Epyc_7313p_firmware, Epyc_7343_firmware, Epyc_7373x_firmware, Epyc_73f3_firmware, Epyc_7413_firmware, Epyc_7443_firmware, Epyc_7443p_firmware, Epyc_7453_firmware, Epyc_7473x_firmware, Epyc_74f3_firmware, Epyc_7513_firmware, Epyc_7543_firmware, Epyc_7543p_firmware, Epyc_7573x_firmware, Epyc_75f3_firmware, Epyc_7643_firmware, Epyc_7663_firmware, Epyc_7713_firmware, Epyc_7713p_firmware, Epyc_7763_firmware, Epyc_7773x_firmware, Epyc_9124_firmware, Epyc_9174f_firmware, Epyc_9184x_firmware, Epyc_9224_firmware, Epyc_9254_firmware, Epyc_9274f_firmware, Epyc_9334_firmware, Epyc_9354_firmware, Epyc_9354p_firmware, Epyc_9374f_firmware, Epyc_9384x_firmware, Epyc_9454_firmware, Epyc_9454p_firmware, Epyc_9474f_firmware, Epyc_9534_firmware, Epyc_9554_firmware, Epyc_9554p_firmware, Epyc_9634_firmware, Epyc_9654_firmware, Epyc_9654p_firmware, Epyc_9684x_firmware, Epyc_9734_firmware, Epyc_9754_firmware, Epyc_9754s_firmware, Ryzen_3_5100_firmware, Ryzen_3_5125c_firmware, Ryzen_3_5300g_firmware, Ryzen_3_5300ge_firmware, Ryzen_3_5300u_firmware, Ryzen_3_5400u_firmware, Ryzen_3_5425u_firmware, Ryzen_3_7335u_firmware, Ryzen_3_7440u_firmware, Ryzen_3_pro_7330u_firmware, Ryzen_5_5500_firmware, Ryzen_5_5500u_firmware, Ryzen_5_5560u_firmware, Ryzen_5_5600_firmware, Ryzen_5_5600g_firmware, Ryzen_5_5600ge_firmware, Ryzen_5_5600h_firmware, Ryzen_5_5600hs_firmware, Ryzen_5_5600u_firmware, Ryzen_5_5600x3d_firmware, Ryzen_5_5600x_firmware, Ryzen_5_5625u_firmware, Ryzen_5_6600h_firmware, Ryzen_5_6600hs_firmware, Ryzen_5_6600u_firmware, Ryzen_5_7500f_firmware, Ryzen_5_7535hs_firmware, Ryzen_5_7535u_firmware, Ryzen_5_7540u_firmware, Ryzen_5_7600_firmware, Ryzen_5_7600x_firmware, Ryzen_5_7640h_firmware, Ryzen_5_7640u_firmware, Ryzen_5_7645hx_firmware, Ryzen_5_pro_5645_firmware, Ryzen_5_pro_7530u_firmware, Ryzen_5_pro_7640hs_firmware, Ryzen_5_pro_7645_firmware, Ryzen_7_5700_firmware, Ryzen_7_5700g_firmware, Ryzen_7_5700ge_firmware, Ryzen_7_5700u_firmware, Ryzen_7_5700x_firmware, Ryzen_7_5800_firmware, Ryzen_7_5800h_firmware, Ryzen_7_5800hs_firmware, Ryzen_7_5800u_firmware, Ryzen_7_5800x3d_firmware, Ryzen_7_5800x_firmware, Ryzen_7_5825u_firmware, Ryzen_7_6800h_firmware, Ryzen_7_6800hs_firmware, Ryzen_7_6800u_firmware, Ryzen_7_7700_firmware, Ryzen_7_7700x_firmware, Ryzen_7_7735hs_firmware, Ryzen_7_7735u_firmware, Ryzen_7_7736u_firmware, Ryzen_7_7745hx_firmware, Ryzen_7_7800x3d_firmware, Ryzen_7_7840h_firmware, Ryzen_7_7840u_firmware, Ryzen_7_pro_5845_firmware, Ryzen_7_pro_7730u_firmware, Ryzen_7_pro_7745_firmware, Ryzen_7_pro_7840hs_firmware, Ryzen_9_5900_firmware, Ryzen_9_5900hs_firmware, Ryzen_9_5900hx_firmware, Ryzen_9_5900x_firmware, Ryzen_9_5950x_firmware, Ryzen_9_5980hs_firmware, Ryzen_9_5980hx_firmware, Ryzen_9_6900hs_firmware, Ryzen_9_6900hx_firmware, Ryzen_9_6980hs_firmware, Ryzen_9_6980hx_firmware, Ryzen_9_7845hx_firmware, Ryzen_9_7900_firmware, Ryzen_9_7900x3d_firmware, Ryzen_9_7900x_firmware, Ryzen_9_7940h_firmware, Ryzen_9_7945hx3d_firmware, Ryzen_9_7945hx_firmware, Ryzen_9_7950x3d_firmware, Ryzen_9_7950x_firmware, Ryzen_9_pro_5945_firmware, Ryzen_9_pro_7640hs_firmware, Ryzen_9_pro_7945_firmware, Ryzen_threadripper_pro_5945wx_firmware, Ryzen_threadripper_pro_5955wx_firmware, Ryzen_threadripper_pro_5965wx_firmware, Ryzen_threadripper_pro_5975wx_firmware, Ryzen_threadripper_pro_5995wx_firmware, Debian_linux, Fedora, Windows_10_1507, Windows_10_1607, Windows_10_1809, Windows_10_21h2, Windows_10_22h2, Windows_11_21h2, Windows_11_22h2, Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_server_2019, Windows_server_2022 4.7
2023-12-29 CVE-2023-7104 A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function sessionReadRecord of the file ext/session/sqlite3session.c of the component make alltest Handler. The manipulation leads to heap-based buffer overflow. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-248999. Fedora, Sqlite 7.3
2020-06-08 CVE-2020-12695 The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue. Rt\-N11, Adsl, Selphy_cp1200, Ubuntu_linux, Wap131, Wap150, Wap351, Debian_linux, B1165nfw, Dvg\-N5412sp, Ep\-101, Ew\-M970a3t, M571t, Xp\-100, Xp\-2101, Xp\-2105, Xp\-241, Xp\-320, Xp\-330, Xp\-340, Xp\-4100, Xp\-4105, Xp\-440, Xp\-620, Xp\-630, Xp\-702, Xp\-8500, Xp\-8600, Xp\-960, Xp\-970, Fedora, 5020_z4a69a, 5030_m2u92b, 5030_z4a70a, 5034_z4a74a, 5660_f8b04a, Deskjet_ink_advantage_3456_a9t84c, Deskjet_ink_advantage_3545_a9t81a, Deskjet_ink_advantage_3545_a9t81c, Deskjet_ink_advantage_3545_a9t83b, Deskjet_ink_advantage_3546_a9t82a, Deskjet_ink_advantage_3548_a9t81b, Deskjet_ink_advantage_4515, Deskjet_ink_advantage_4518, Deskjet_ink_advantage_4535_f0v64a, Deskjet_ink_advantage_4535_f0v64b, Deskjet_ink_advantage_4535_f0v64c, Deskjet_ink_advantage_4536_f0v65a, Deskjet_ink_advantage_4538_f0v66b, Deskjet_ink_advantage_4675_f1h97a, Deskjet_ink_advantage_4675_f1h97b, Deskjet_ink_advantage_4675_f1h97c, Deskjet_ink_advantage_4676_f1h98a, Deskjet_ink_advantage_4678_f1h99b, Deskjet_ink_advantage_5575_g0v48b, Deskjet_ink_advantage_5575_g0v48c, Envy_100_cn517a, Envy_100_cn517b, Envy_100_cn517c, Envy_100_cn518a, Envy_100_cn519a, Envy_100_cn519b, Envy_110_cq809a, Envy_110_cq809b, Envy_110_cq809c, Envy_110_cq809d, Envy_110_cq812c, Envy_111_cq810a, Envy_114_cq811a, Envy_114_cq811b, Envy_114_cq812a, Envy_120_cz022a, Envy_120_cz022b, Envy_120_cz022c, Envy_4500_a9t80a, Envy_4500_a9t80b, Envy_4500_a9t89a, Envy_4500_d3p93a, Envy_4501_c8d05a, Envy_4502_a9t85a, Envy_4502_a9t87b, Envy_4503_e6g71b, Envy_4504_a9t88b, Envy_4504_c8d04a, Envy_4505_a9t86a, Envy_4507_e6g70b, Envy_4508_e6g72b, Envy_4509_d3p94a, Envy_4509_d3p94b, Envy_4511_k9h50a, Envy_4512_k9h49a, Envy_4513_k9h51a, Envy_4516_k9h52a, Envy_4520_e6g67a, Envy_4520_e6g67b, Envy_4520_f0v63a, Envy_4520_f0v63b, Envy_4520_f0v69a, Envy_4521_k9t10b, Envy_4522_f0v67a, Envy_4523_j6u60b, Envy_4524_f0v71b, Envy_4524_f0v72b, Envy_4524_k9t01a, Envy_4525_k9t09b, Envy_4526_k9t05b, Envy_4527_j6u61b, Envy_4528_k9t08b, Envy_5000_m2u85a, Envy_5000_m2u85b, Envy_5000_m2u91a, Envy_5000_m2u94b, Envy_5000_z4a54a, Envy_5000_z4a74a, Envy_5020_m2u91b, Envy_5530, Envy_5531, Envy_5532, Envy_5534, Envy_5535, Envy_5536, Envy_5539, Envy_5540_f2e72a, Envy_5540_g0v47a, Envy_5540_g0v51a, Envy_5540_g0v52a, Envy_5540_g0v53a, Envy_5540_k7c85a, Envy_5541_k7g89a, Envy_5542_k7c88a, Envy_5543_n9u88a, Envy_5544_k7c89a, Envy_5544_k7c93a, Envy_5545_g0v50a, Envy_5546_k7c90a, Envy_5547_j6u64a, Envy_5548_k7g87a, Envy_5640_b9s56a, Envy_5640_b9s58a, Envy_5642_b9s64a, Envy_5643_b9s63a, Envy_5644_b9s65a, Envy_5646_f8b05a, Envy_5664_f8b08a, Envy_5665_f8b06a, Envy_6020_5se16b, Envy_6020_5se17a, Envy_6020_6wd35a, Envy_6020_7cz37a, Envy_6052_5se18a, Envy_6055_5se16a, Envy_6540_b9s59a, Envy_7640, Envy_7644_e4w46a, Envy_7645_e4w44a, Envy_photo_6200_k7g18a, Envy_photo_6200_k7g26b, Envy_photo_6200_k7s21b, Envy_photo_6200_y0k13d_, Envy_photo_6200_y0k15a, Envy_photo_6220_k7g20d, Envy_photo_6220_k7g21b, Envy_photo_6222_y0k13d, Envy_photo_6222_y0k14d, Envy_photo_6230_k7g25b, Envy_photo_6232_k7g26b, Envy_photo_6234_k7s21b, Envy_photo_6252_k7g22a, Envy_photo_7100_3xd89a, Envy_photo_7100_k7g93a, Envy_photo_7100_k7g99a, Envy_photo_7100_z3m37a, Envy_photo_7100_z3m52a, Envy_photo_7120_z3m41d, Envy_photo_7155_z3m52a, Envy_photo_7164_k7g99a, Envy_photo_7800_k7r96a, Envy_photo_7800_k7s00a, Envy_photo_7800_k7s10d, Envy_photo_7800_y0g42d, Envy_photo_7800_y0g52b, Envy_photo_7822_y0g42d, Envy_photo_7822_y0g43d, Envy_photo_7830_y0g50b, Envy_pro_6420_5se45b, Envy_pro_6420_5se46a, Envy_pro_6420_6wd14a, Envy_pro_6420_6wd16a, Envy_pro_6452_5se47a, Envy_pro_6455_5se45a, Officejet_4650_e6g87a, Officejet_4650_f1h96a, Officejet_4650_f1h96b, Officejet_4652_f1j02a, Officejet_4652_f1j05b, Officejet_4652_k9v84b, Officejet_4654_f1j06b, Officejet_4654_f1j07b, Officejet_4655_f1j00a, Officejet_4655_k9v79a, Officejet_4655_k9v82b, Officejet_4656_k9v81b, Officejet_4657_v6d29b, Officejet_4658_v6d30b, Hg255s, Hg532e, Windows_10, Xbox_one, Wr8165n, Wnhde111, Zonedirector_1200, Archer_c50, Unifi_controller, Hostapd, Zxv10_w300, Amg1202\-T10b, Vmg8324\-B10a 7.5