Vulnerabilities > Fedoraproject > Fedora > 38

DATE CVE VULNERABILITY TITLE RISK
2023-06-09 CVE-2023-32732 gRPC contains a vulnerability whereby a client can cause a termination of connection between a HTTP2 proxy and a gRPC server: a base64 encoding error for `-bin` suffixed headers will result in a disconnection by the gRPC server, but is typically allowed by HTTP2 proxies.
network
low complexity
grpc fedoraproject
5.3
5.3
2023-06-08 CVE-2023-29402 Code Injection vulnerability in multiple products
The go command may generate unexpected code at build time when using cgo.
network
low complexity
golang fedoraproject CWE-94
critical
 9.8
9.8
2023-06-08 CVE-2023-29403 Exposure of Resource to Wrong Sphere vulnerability in multiple products
On Unix platforms, the Go runtime does not behave differently when a binary is run with the setuid/setgid bits.
local
low complexity
golang fedoraproject CWE-668
7.8
7.8
2023-06-08 CVE-2023-29404 Code Injection vulnerability in multiple products
The go command may execute arbitrary code at build time when using cgo.
network
low complexity
golang fedoraproject CWE-94
critical
 9.8
9.8
2023-06-08 CVE-2023-29405 Injection vulnerability in multiple products
The go command may execute arbitrary code at build time when using cgo.
network
low complexity
golang fedoraproject CWE-74
critical
 9.8
9.8
2023-06-08 CVE-2023-34969 D-Bus before 1.15.6 sometimes allows unprivileged users to crash dbus-daemon.
network
low complexity
freedesktop fedoraproject debian
6.5
6.5
2023-06-06 CVE-2023-2602 Memory Leak vulnerability in multiple products
A vulnerability was found in the pthread_create() function in libcap. 		3.3
3.3
2023-06-06 CVE-2023-2603 Integer Overflow or Wraparound vulnerability in multiple products
A vulnerability was found in libcap. 		7.8
7.8
2023-06-06 CVE-2023-33460 Memory Leak vulnerability in multiple products
There's a memory leak in yajl 2.1.0 with use of yajl_tree_parse function.
network
low complexity
yajl-project fedoraproject debian CWE-401
6.5
6.5
2023-06-05 CVE-2023-3079 Type Confusion vulnerability in multiple products
Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 		8.8
8.8