Vulnerabilities > Fedoraproject > Extra Packages FOR Enterprise Linux > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-12 | CVE-2023-5764 | A template injection flaw was found in Ansible where a user's controller internal templating operations may remove the unsafe designation from template data. | 7.8 |
| 2023-11-09 | CVE-2023-5539 | Code Injection vulnerability in multiple products A remote code execution risk was identified in the Lesson activity. | 8.8 |
| 2023-11-09 | CVE-2023-5540 | Code Injection vulnerability in multiple products A remote code execution risk was identified in the IMSCP activity. | 8.8 |
| 2023-09-25 | CVE-2022-4318 | Improper Control of Dynamically-Managed Code Resources vulnerability in multiple products A vulnerability was found in cri-o. | 7.8 |
| 2023-07-10 | CVE-2023-34432 | Out-of-bounds Write vulnerability in multiple products A heap buffer overflow vulnerability was found in sox, in the lsx_readbuf function at sox/src/formats_i.c:98:16. | 7.8 |
| 2023-07-10 | CVE-2023-34318 | Out-of-bounds Write vulnerability in multiple products A heap buffer overflow vulnerability was found in sox, in the startread function at sox/src/hcom.c:160:41. | 7.8 |
| 2023-05-30 | CVE-2023-34153 | Command Injection vulnerability in multiple products A vulnerability was found in ImageMagick. | 7.8 |
| 2023-05-02 | CVE-2023-30944 | SQL Injection vulnerability in multiple products The vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in external Wiki method for listing pages. | 7.3 |
| 2022-09-30 | CVE-2022-40313 | Cross-site Scripting vulnerability in multiple products Recursive rendering of Mustache template helpers containing user input could, in some cases, result in an XSS risk or a page failing to load. | 7.1 |
| 2022-08-29 | CVE-2022-0367 | Out-of-bounds Write vulnerability in multiple products A heap-based buffer overflow flaw was found in libmodbus in function modbus_reply() in src/modbus.c. | 7.8 |