Vulnerabilities > Debian > Debian Linux > Critical

DATE CVE VULNERABILITY TITLE RISK
2021-03-25 CVE-2020-1946 OS Command Injection vulnerability in multiple products
In Apache SpamAssassin before 3.4.5, malicious rule configuration (.cf) files can be configured to run system commands without any output or errors.
network
low complexity
apache debian fedoraproject CWE-78
critical
 9.8
9.8
2021-03-23 CVE-2021-21342 XStream is a Java library to serialize objects to XML and back again.
network
low complexity
xstream-project debian fedoraproject oracle
critical
 9.1
9.1
2021-03-23 CVE-2021-21344 XStream is a Java library to serialize objects to XML and back again.
network
low complexity
xstream-project debian fedoraproject oracle
critical
 9.8
9.8
2021-03-23 CVE-2021-21345 OS Command Injection vulnerability in multiple products
XStream is a Java library to serialize objects to XML and back again.
network
low complexity
xstream-project debian fedoraproject oracle CWE-78
critical
 9.9
9.9
2021-03-23 CVE-2021-21346 XStream is a Java library to serialize objects to XML and back again.
network
low complexity
xstream-project debian fedoraproject oracle
critical
 9.8
9.8
2021-03-23 CVE-2021-21347 XStream is a Java library to serialize objects to XML and back again.
network
low complexity
xstream-project debian fedoraproject oracle
critical
 9.8
9.8
2021-03-23 CVE-2021-21350 XStream is a Java library to serialize objects to XML and back again.
network
low complexity
xstream-project debian fedoraproject oracle
critical
 9.8
9.8
2021-03-23 CVE-2021-21351 XStream is a Java library to serialize objects to XML and back again.
network
low complexity
xstream-project debian fedoraproject oracle
critical
 9.1
9.1
2021-03-19 CVE-2021-28834 Kramdown before 2.3.1 does not restrict Rouge formatters to the Rouge::Formatters namespace, and thus arbitrary classes can be instantiated.
network
low complexity
kramdown-project fedoraproject debian
critical
 9.8
9.8
2021-03-04 CVE-2020-28601 A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1.
network
low complexity
cgal fedoraproject debian
critical
 9.8
9.8