Vulnerabilities > Fedoraproject > Extra Packages FOR Enterprise Linux > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-23 | CVE-2023-0056 | Resource Exhaustion vulnerability in multiple products An uncontrolled resource consumption vulnerability was discovered in HAProxy which could crash the service. | 6.5 |
| 2023-03-23 | CVE-2023-1289 | Improper Input Validation vulnerability in multiple products A vulnerability was discovered in ImageMagick where a specially created SVG file loads itself and causes a segmentation fault. | 5.5 |
| 2022-11-29 | CVE-2022-4144 | An out-of-bounds read flaw was found in the QXL display device emulation in QEMU. | 6.5 |
| 2022-09-30 | CVE-2022-40316 | Missing Authorization vulnerability in multiple products The H5P activity attempts report did not filter by groups, which in separate groups mode could reveal information to non-editing teachers about attempts/users in groups they should not have access to. | 4.3 |
| 2022-09-19 | CVE-2022-3213 | Out-of-bounds Write vulnerability in multiple products A heap buffer overflow issue was found in ImageMagick. | 5.5 |
| 2022-08-10 | CVE-2022-2719 | Reachable Assertion vulnerability in multiple products In ImageMagick, a crafted file could trigger an assertion failure when a call to WriteImages was made in MagickWand/operation.c, due to a NULL image list. | 5.5 |
| 2022-03-10 | CVE-2021-3733 | Resource Exhaustion vulnerability in multiple products There's a flaw in urllib's AbstractBasicAuthHandler class. | 6.5 |
| 2022-02-14 | CVE-2022-0571 | Cross-site Scripting (XSS) - Reflected in GitHub repository phoronix-test-suite/phoronix-test-suite prior to 10.8.2. | 6.1 |
| 2022-01-06 | CVE-2021-46141 | Use After Free vulnerability in multiple products An issue was discovered in uriparser before 0.9.6. | 5.5 |
| 2022-01-06 | CVE-2021-46142 | Use After Free vulnerability in multiple products An issue was discovered in uriparser before 0.9.6. | 5.5 |