Vulnerabilities > Debian > Debian Linux

DATE CVE VULNERABILITY TITLE RISK
2021-12-08 CVE-2021-43539 Use After Free vulnerability in multiple products
Failure to correctly record the location of live pointers across wasm instance calls resulted in a GC occurring within the call not tracing those live pointers.
network
low complexity
mozilla debian CWE-416
8.8
8.8
2021-12-08 CVE-2021-43541 When invoking protocol handlers for external protocols, a supplied parameter URL containing spaces was not properly escaped.
network
low complexity
mozilla debian
6.5
6.5
2021-12-08 CVE-2021-43542 Information Exposure Through an Error Message vulnerability in multiple products
Using XMLHttpRequest, an attacker could have identified installed applications by probing error messages for loading external protocols.
network
low complexity
mozilla debian CWE-209
6.5
6.5
2021-12-08 CVE-2021-43543 Cross-site Scripting vulnerability in multiple products
Documents loaded with the CSP sandbox directive could have escaped the sandbox's script restriction by embedding additional content.
network
low complexity
mozilla debian CWE-79
6.1
6.1
2021-12-08 CVE-2021-43545 Excessive Iteration vulnerability in multiple products
Using the Location API in a loop could have caused severe application hangs and crashes.
network
low complexity
mozilla debian CWE-834
6.5
6.5
2021-12-08 CVE-2021-43546 Improper Restriction of Rendered UI Layers or Frames vulnerability in multiple products
It was possible to recreate previous cursor spoofing attacks against users with a zoomed native cursor.
network
low complexity
mozilla debian CWE-1021
4.3
4.3
2021-12-08 CVE-2021-44420 In Django 2.2 before 2.2.25, 3.1 before 3.1.14, and 3.2 before 3.2.10, HTTP requests for URLs with trailing newlines could bypass upstream access control based on URL paths. 7.3
7.3
2021-12-07 CVE-2021-42717 Uncontrolled Recursion vulnerability in multiple products
ModSecurity 3.x through 3.0.5 mishandles excessively nested JSON objects.
network
low complexity
trustwave f5 debian oracle CWE-674
7.5
7.5
2021-12-06 CVE-2021-43784 runc is a CLI tool for spawning and running containers on Linux according to the OCI specification.
network
high complexity
linuxfoundation debian
5.0
5.0
2021-12-06 CVE-2021-4069 vim is vulnerable to Use After Free
local
low complexity
vim fedoraproject debian
7.8
7.8