Vulnerabilities > Fedoraproject > Fedora > 35
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-05 | CVE-2021-31542 | Path Traversal vulnerability in multiple products In Django 2.2 before 2.2.21, 3.1 before 3.1.9, and 3.2 before 3.2.1, MultiPartParser, UploadedFile, and FieldFile allowed directory traversal via uploaded files with suitably crafted file names. | 7.5 |
| 2021-04-29 | CVE-2020-15225 | django-filter is a generic system for filtering Django QuerySets based on user selections. | 6.5 |
| 2021-04-23 | CVE-2021-31607 | OS Command Injection vulnerability in multiple products In SaltStack Salt 2016.9 through 3002.6, a command injection vulnerability exists in the snapper module that allows for local privilege escalation on a minion. | 7.8 |
| 2021-04-22 | CVE-2021-0232 | Authentication Bypass by Spoofing vulnerability in multiple products An authentication bypass vulnerability in the Juniper Networks Paragon Active Assurance Control Center may allow an attacker with specific information about the deployment to mimic an already registered Test Agent and access its configuration including associated inventory details. | 7.4 |
| 2021-04-19 | CVE-2021-20208 | Improper Privilege Management vulnerability in multiple products A flaw was found in cifs-utils in versions before 6.13. | 6.1 |
| 2021-03-23 | CVE-2021-21351 | XStream is a Java library to serialize objects to XML and back again. | 9.1 |
| 2021-03-23 | CVE-2021-21350 | XStream is a Java library to serialize objects to XML and back again. | 9.8 |
| 2021-03-23 | CVE-2021-21349 | XStream is a Java library to serialize objects to XML and back again. | 8.6 |
| 2021-03-23 | CVE-2021-21348 | Resource Exhaustion vulnerability in multiple products XStream is a Java library to serialize objects to XML and back again. | 7.5 |
| 2021-03-23 | CVE-2021-21347 | XStream is a Java library to serialize objects to XML and back again. | 9.8 |