Vulnerabilities > Fedoraproject > Fedora

DATE CVE VULNERABILITY TITLE RISK
2022-02-06 CVE-2021-41816 Integer Overflow or Wraparound vulnerability in multiple products
CGI.escape_html in Ruby before 2.7.5 and 3.x before 3.0.3 has an integer overflow and resultant buffer overflow via a long string on platforms (such as Windows) where size_t and long have different numbers of bytes.
network
low complexity
ruby-lang fedoraproject CWE-190
critical
9.8

2022-02-04 CVE-2021-40401 Unchecked Return Value vulnerability in multiple products
A use-after-free vulnerability exists in the RS-274X aperture definition tokenization functionality of Gerbv 2.7.0 and dev (commit b5f1eacd) and Gerbv forked 2.7.1.
local
low complexity
gerbv-project fedoraproject debian CWE-252
8.6

2022-02-04 CVE-2021-40403 An information disclosure vulnerability exists in the pick-and-place rotation parsing functionality of Gerbv 2.7.0 and dev (commit b5f1eacd), and Gerbv forked 2.8.0.
local
low complexity
gerbv-project fedoraproject debian
6.3

2022-02-04 CVE-2022-23614 Code Injection vulnerability in multiple products
Twig is an open source template language for PHP.
network
low complexity
symfony fedoraproject debian CWE-94
critical
9.8

2022-02-04 CVE-2022-23946 A stack-based buffer overflow vulnerability exists in the Gerber Viewer gerber and excellon GCodeNumber parsing functionality of KiCad EDA 6.0.1 and master commit de006fc010.
local
low complexity
kicad fedoraproject debian
7.8

2022-02-04 CVE-2022-23947 A stack-based buffer overflow vulnerability exists in the Gerber Viewer gerber and excellon DCodeNumber parsing functionality of KiCad EDA 6.0.1 and master commit de006fc010.
local
low complexity
kicad fedoraproject debian
7.8

2022-02-03 CVE-2022-22818 Cross-site Scripting vulnerability in multiple products
The {% debug %} template tag in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2 does not properly encode the current context.
network
low complexity
djangoproject fedoraproject debian CWE-79
6.1

2022-02-03 CVE-2022-23833 Infinite Loop vulnerability in multiple products
An issue was discovered in MultiPartParser in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2.
network
low complexity
djangoproject fedoraproject debian CWE-835
7.5

2022-02-02 CVE-2022-0443 Use After Free in GitHub repository vim/vim prior to 8.2.
local
low complexity
vim fedoraproject debian
7.8

2022-02-02 CVE-2022-21724 Improper Initialization vulnerability in multiple products
pgjdbc is the official PostgreSQL JDBC Driver.
network
low complexity
postgresql fedoraproject quarkus debian CWE-665
critical
9.8