Vulnerabilities > Fedoraproject > Fedora > 34
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-13 | CVE-2022-23133 | Cross-site Scripting vulnerability in multiple products An authenticated user can create a hosts group from the configuration with XSS payload, which will be available for other users. | 5.4 |
| 2022-01-13 | CVE-2022-23134 | Improper Authentication vulnerability in multiple products After the initial setup process, some steps of setup.php file are reachable not only by super-administrators, but by unauthenticated users as well. | 5.3 |
| 2022-01-13 | CVE-2022-0196 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products phoronix-test-suite is vulnerable to Cross-Site Request Forgery (CSRF) | 8.8 |
| 2022-01-13 | CVE-2022-0197 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products phoronix-test-suite is vulnerable to Cross-Site Request Forgery (CSRF) | 8.8 |
| 2022-01-12 | CVE-2021-44648 | Out-of-bounds Write vulnerability in multiple products GNOME gdk-pixbuf 2.42.6 is vulnerable to a heap-buffer overflow vulnerability when decoding the lzw compressed stream of image data in GIF files with lzw minimum code size equals to 12. | 8.8 |
| 2022-01-11 | CVE-2022-0173 | Out-of-bounds Read vulnerability in multiple products radare2 is vulnerable to Out-of-bounds Read | 5.5 |
| 2022-01-11 | CVE-2021-44647 | Type Confusion vulnerability in multiple products Lua v5.4.3 and above are affected by SEGV by type confusion in funcnamefromcode function in ldebug.c which can cause a local denial of service. | 5.5 |
| 2022-01-10 | CVE-2022-21668 | Improper Validation of Specified Quantity in Input vulnerability in multiple products pipenv is a Python development workflow tool. | 8.6 |
| 2022-01-10 | CVE-2022-0156 | Use After Free vulnerability in multiple products vim is vulnerable to Use After Free | 5.5 |
| 2022-01-10 | CVE-2022-0157 | Cross-site Scripting vulnerability in multiple products phoronix-test-suite is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | 5.4 |