Fedora

DATE	CVE	VULNERABILITY TITLE	RISK
2021-04-02	CVE-2021-1788	Use After Free vulnerability in multiple products A use after free issue was addressed with improved memory management. network low complexity apple debian fedoraproject CWE-416	8.8
2021-04-02	CVE-2021-1765	This issue was addressed with improved iframe sandbox enforcement. network low complexity apple fedoraproject webkitgtk	6.5
2021-04-02	CVE-2020-29623	"Clear History and Website Data" did not clear the history. local low complexity apple fedoraproject webkitgtk	3.3
2021-04-01	CVE-2021-29421	XXE vulnerability in multiple products models/metadata.py in the pikepdf package 1.3.0 through 2.9.2 for Python allows XXE when parsing XMP metadata entries. network low complexity pikepdf-project fedoraproject CWE-611	7.5
2021-04-01	CVE-2021-3447	A flaw was found in several ansible modules, where parameters containing credentials, such as secrets, were being logged in plain-text on managed nodes, as well as being made visible on the controller node when run in verbose mode. local low complexity redhat fedoraproject	5.5
2021-04-01	CVE-2021-22890	Authentication Bypass by Spoofing vulnerability in multiple products curl 7.63.0 to and including 7.75.0 includes vulnerability that allows a malicious HTTPS proxy to MITM a connection due to bad handling of TLS 1.3 session tickets. network high complexity haxx fedoraproject netapp broadcom debian siemens oracle splunk CWE-290	3.7
2021-04-01	CVE-2021-22876	Information Exposure vulnerability in multiple products curl 7.1.1 to and including 7.75.0 is vulnerable to an "Exposure of Private Personal Information to an Unauthorized Actor" by leaking credentials in the HTTP Referer: header. network low complexity haxx fedoraproject netapp broadcom debian siemens oracle splunk CWE-200	5.3
2021-04-01	CVE-2021-20291	A deadlock vulnerability was found in 'github.com/containers/storage' in versions before 1.28.1. network low complexity storage-project redhat fedoraproject	6.5
2021-04-01	CVE-2021-28163	Link Following vulnerability in multiple products In Eclipse Jetty 9.4.32 to 9.4.38, 10.0.0.beta2 to 10.0.1, and 11.0.0.beta2 to 11.0.1, if a user uses a webapps directory that is a symlink, the contents of the webapps directory is deployed as a static webapp, inadvertently serving the webapps themselves and anything else that might be in that directory. network low complexity eclipse fedoraproject apache netapp oracle CWE-59	2.7
2021-03-30	CVE-2021-29650	An issue was discovered in the Linux kernel before 5.11.11. local low complexity linux fedoraproject debian	5.5