Vulnerabilities > Fedoraproject > Fedora
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-14 | CVE-2021-29338 | Integer Overflow or Wraparound vulnerability in multiple products Integer Overflow in OpenJPEG v2.4.0 allows remote attackers to crash the application, causing a Denial of Service (DoS). | 5.5 |
| 2021-04-14 | CVE-2021-27815 | NULL Pointer Dereference vulnerability in multiple products NULL Pointer Deference in the exif command line tool, when printing out XML formatted EXIF data, in exif v0.6.22 and earlier allows attackers to cause a Denial of Service (DoS) by uploading a malicious JPEG file, causing the application to crash. | 5.5 |
| 2021-04-14 | CVE-2021-22879 | Injection vulnerability in multiple products Nextcloud Desktop Client prior to 3.1.3 is vulnerable to resource injection by way of missing validation of URLs, allowing a malicious server to execute remote commands. | 8.8 |
| 2021-04-14 | CVE-2021-31162 | Double Free vulnerability in multiple products In the standard library in Rust before 1.52.0, a double free can occur in the Vec::from_iter function if freeing the element panics. | 9.8 |
| 2021-04-14 | CVE-2020-36323 | Use of Externally-Controlled Format String vulnerability in multiple products In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed (or the program to crash) if the borrowed string changes after its length is checked. | 8.2 |
| 2021-04-12 | CVE-2021-21393 | Improper Input Validation vulnerability in multiple products Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). | 6.5 |
| 2021-04-12 | CVE-2021-21392 | Open Redirect vulnerability in multiple products Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). | 6.3 |
| 2021-04-12 | CVE-2021-21394 | Improper Input Validation vulnerability in multiple products Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). | 6.5 |
| 2021-04-11 | CVE-2021-28879 | Integer Overflow or Wraparound vulnerability in multiple products In the standard library in Rust before 1.52.0, the Zip implementation can report an incorrect size due to an integer overflow. | 9.8 |
| 2021-04-11 | CVE-2021-28878 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products In the standard library in Rust before 1.52.0, the Zip implementation calls __iterator_get_unchecked() more than once for the same index (under certain conditions) when next_back() and next() are used together. | 7.5 |