Fedora

DATE	CVE	VULNERABILITY TITLE	RISK
2021-06-10	CVE-2021-26691	Out-of-bounds Write vulnerability in multiple products In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin server could cause a heap overflow network low complexity apache debian fedoraproject oracle netapp CWE-787 critical	9.8
2021-06-10	CVE-2021-30641	Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF' network low complexity apache debian fedoraproject oracle	5.3
2021-06-09	CVE-2021-0086	Information Exposure Through Discrepancy vulnerability in multiple products Observable response discrepancy in floating-point operations for some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. local low complexity intel fedoraproject CWE-203	6.5
2021-06-09	CVE-2021-0089	Information Exposure Through Discrepancy vulnerability in multiple products Observable response discrepancy in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. local low complexity debian fedoraproject intel CWE-203	6.5
2021-06-09	CVE-2021-32677	FastAPI is a web framework for building APIs with Python 3.6+ based on standard Python type hints. network low complexity tiangolo fedoraproject	8.1
2021-06-09	CVE-2021-26314	Information Exposure Through Discrepancy vulnerability in multiple products Potential floating point value injection in all supported CPU products, in conjunction with software vulnerabilities relating to speculative execution with incorrect floating point results, may cause the use of incorrect data from FPVI and may result in data leakage. local low complexity xen arm broadcom intel fedoraproject CWE-203	5.5
2021-06-09	CVE-2021-33829	Cross-site Scripting vulnerability in multiple products A cross-site scripting (XSS) vulnerability in the HTML Data Processor in CKEditor 4 4.14.0 through 4.16.x before 4.16.1 allows remote attackers to inject executable JavaScript code through a crafted comment because --!> is mishandled. network low complexity ckeditor fedoraproject drupal debian CWE-79	6.1
2021-06-08	CVE-2021-31807	Integer Overflow or Wraparound vulnerability in multiple products An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. network low complexity squid-cache fedoraproject netapp CWE-190	6.5
2021-06-08	CVE-2021-33203	Path Traversal vulnerability in multiple products Django before 2.2.24, 3.x before 3.1.12, and 3.2.x before 3.2.4 has a potential directory traversal via django.contrib.admindocs. network low complexity djangoproject fedoraproject CWE-22	4.9
2021-06-08	CVE-2021-33571	Server-Side Request Forgery (SSRF) vulnerability in multiple products In Django 2.2 before 2.2.24, 3.x before 3.1.12, and 3.2 before 3.2.4, URLValidator, validate_ipv4_address, and validate_ipv46_address do not prohibit leading zero characters in octal literals. network low complexity djangoproject fedoraproject CWE-918	7.5