Vulnerabilities > Fedoraproject > Fedora > 34

DATE CVE VULNERABILITY TITLE RISK
2021-08-09 CVE-2021-37620 Out-of-bounds Read vulnerability in multiple products
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files.
local
low complexity
exiv2 fedoraproject debian CWE-125
5.5
5.5
2021-08-09 CVE-2021-37621 Infinite Loop vulnerability in multiple products
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files.
local
low complexity
exiv2 fedoraproject debian CWE-835
5.5
5.5
2021-08-09 CVE-2021-37622 Infinite Loop vulnerability in multiple products
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files.
local
low complexity
exiv2 fedoraproject debian CWE-835
5.5
5.5
2021-08-09 CVE-2021-32815 Reachable Assertion vulnerability in multiple products
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files.
local
low complexity
exiv2 fedoraproject debian CWE-617
5.5
5.5
2021-08-09 CVE-2021-34334 Infinite Loop vulnerability in multiple products
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files.
local
low complexity
exiv2 fedoraproject debian CWE-835
5.5
5.5
2021-08-09 CVE-2021-37623 Infinite Loop vulnerability in multiple products
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files.
local
low complexity
exiv2 fedoraproject CWE-835
5.5
5.5
2021-08-08 CVE-2021-36221 Race Condition vulnerability in multiple products
Go before 1.15.15 and 1.16.x before 1.16.7 has a race condition that can lead to a net/http/httputil ReverseProxy panic upon an ErrAbortHandler abort.
network
high complexity
golang fedoraproject debian oracle siemens CWE-362
5.9
5.9
2021-08-07 CVE-2021-38173 Command Injection vulnerability in multiple products
Btrbk before 0.31.2 allows command execution because of the mishandling of remote hosts filtering SSH commands using ssh_filter_btrbk.sh in authorized_keys.
network
low complexity
digint debian fedoraproject CWE-77
critical
 9.8
9.8
2021-08-07 CVE-2021-38165 Insufficiently Protected Credentials vulnerability in multiple products
Lynx through 2.8.9 mishandles the userinfo subcomponent of a URI, which allows remote attackers to discover cleartext credentials because they may appear in SNI data.
network
high complexity
lynx-project debian fedoraproject CWE-522
5.3
5.3
2021-08-07 CVE-2021-38166 Integer Overflow or Wraparound vulnerability in multiple products
In kernel/bpf/hashtab.c in the Linux kernel through 5.13.8, there is an integer overflow and out-of-bounds write when many elements are placed in a single bucket.
local
low complexity
linux fedoraproject debian CWE-190
7.8
7.8