Vulnerabilities > Fedoraproject > Extra Packages FOR Enterprise Linux > 7.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-24 | CVE-2022-0546 | Integer Overflow or Wraparound vulnerability in multiple products A missing bounds check in the image loader used in Blender 3.x and 2.93.8 leads to out-of-bounds heap access, allowing an attacker to cause denial of service, memory corruption or potentially code execution. | 7.8 |
| 2022-02-15 | CVE-2022-21698 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products client_golang is the instrumentation library for Go applications in Prometheus, and the promhttp package in client_golang provides tooling around HTTP servers and clients. | 7.5 |
| 2022-02-14 | CVE-2022-0571 | Cross-site Scripting vulnerability in multiple products Cross-site Scripting (XSS) - Reflected in GitHub repository phoronix-test-suite/phoronix-test-suite prior to 10.8.2. | 6.1 |
| 2022-01-31 | CVE-2021-45079 | NULL Pointer Dereference vulnerability in multiple products In strongSwan before 5.9.5, a malicious responder can send an EAP-Success message too early without actually authenticating the client and (in the case of EAP methods with mutual authentication and EAP-only authentication for IKEv2) even without server authentication. | 9.1 |
| 2021-12-29 | CVE-2021-23727 | Command Injection vulnerability in multiple products This affects the package celery before 5.2.2. | 7.5 |
| 2021-11-22 | CVE-2021-43558 | Cross-site Scripting vulnerability in multiple products A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. | 6.1 |
| 2021-11-22 | CVE-2021-43559 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. | 8.8 |
| 2021-11-22 | CVE-2021-43560 | Exposure of Resource to Wrong Sphere vulnerability in multiple products A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. | 5.3 |
| 2021-09-08 | CVE-2021-21897 | Integer Underflow (Wrap or Wraparound) vulnerability in multiple products A code execution vulnerability exists in the DL_Dxf::handleLWPolylineData functionality of Ribbonsoft dxflib 3.17.0. | 8.8 |
| 2021-08-24 | CVE-2021-38714 | Integer Overflow or Wraparound vulnerability in multiple products In Plib through 1.85, there is an integer overflow vulnerability that could result in arbitrary code execution. | 8.8 |