Vulnerabilities > Fedoraproject > Fedora > 34

DATE	CVE	VULNERABILITY TITLE	RISK
2021-06-10	CVE-2021-26691	Out-of-bounds Write vulnerability in multiple products In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin server could cause a heap overflow network low complexity apache debian fedoraproject oracle netapp CWE-787 critical	9.8
2021-06-10	CVE-2021-30641	Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF' network low complexity apache debian fedoraproject oracle	5.3
2021-06-09	CVE-2021-0086	Information Exposure Through Discrepancy vulnerability in multiple products Observable response discrepancy in floating-point operations for some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. local low complexity intel fedoraproject CWE-203	6.5
2021-06-09	CVE-2021-0089	Information Exposure Through Discrepancy vulnerability in multiple products Observable response discrepancy in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. local low complexity debian fedoraproject intel CWE-203	6.5
2021-06-09	CVE-2021-32677	Cross-Site Request Forgery (CSRF) vulnerability in multiple products FastAPI is a web framework for building APIs with Python 3.6+ based on standard Python type hints. network low complexity tiangolo fedoraproject CWE-352	8.1
2021-06-09	CVE-2021-26314	Information Exposure Through Discrepancy vulnerability in multiple products Potential floating point value injection in all supported CPU products, in conjunction with software vulnerabilities relating to speculative execution with incorrect floating point results, may cause the use of incorrect data from FPVI and may result in data leakage. local low complexity xen arm broadcom intel fedoraproject CWE-203	5.5
2021-06-09	CVE-2021-33829	Cross-site Scripting vulnerability in multiple products A cross-site scripting (XSS) vulnerability in the HTML Data Processor in CKEditor 4 4.14.0 through 4.16.x before 4.16.1 allows remote attackers to inject executable JavaScript code through a crafted comment because --!> is mishandled. network low complexity ckeditor fedoraproject drupal debian CWE-79	6.1
2021-06-08	CVE-2021-31957	ASP.NET Core Denial of Service Vulnerability network high complexity microsoft fedoraproject	5.9
2021-06-08	CVE-2021-31807	Integer Overflow or Wraparound vulnerability in multiple products An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. network low complexity squid-cache fedoraproject netapp CWE-190	6.5
2021-06-08	CVE-2021-22212	Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products ntpkeygen can generate keys that ntpd fails to parse. network high complexity ntpsec fedoraproject CWE-327	7.4