Vulnerabilities > Fedoraproject > Fedora
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-23 | CVE-2019-11045 | Injection vulnerability in multiple products In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP DirectoryIterator class accepts filenames with embedded \0 byte and treats them as terminating at that byte. | 5.9 |
| 2019-12-23 | CVE-2019-11044 | In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 on Windows, PHP link() function accepts filenames with embedded \0 byte and treats them as terminating at that byte. | 7.5 |
| 2019-12-20 | CVE-2019-16786 | HTTP Request Smuggling vulnerability in multiple products Waitress through version 1.3.1 would parse the Transfer-Encoding header and only look for a single string value, if that value was not chunked it would fall through and use the Content-Length header instead. | 7.5 |
| 2019-12-20 | CVE-2019-16785 | HTTP Request Smuggling vulnerability in multiple products Waitress through version 1.3.1 implemented a "MAY" part of the RFC7230 which states: "Although the line terminator for the start-line and header fields is the sequence CRLF, a recipient MAY recognize a single LF as a line terminator and ignore any preceding CR." Unfortunately if a front-end server does not parse header fields with an LF the same way as it does those with a CRLF it can lead to the front-end and the back-end server parsing the same HTTP message in two different ways. | 7.5 |
| 2019-12-20 | CVE-2019-19918 | Out-of-bounds Write vulnerability in multiple products Lout 3.40 has a heap-based buffer overflow in the srcnext() function in z02.c. | 7.8 |
| 2019-12-20 | CVE-2019-19917 | Classic Buffer Overflow vulnerability in multiple products Lout 3.40 has a buffer overflow in the StringQuotedWord() function in z39.c. | 7.8 |
| 2019-12-19 | CVE-2019-19906 | Off-by-one Error vulnerability in multiple products cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet. | 7.5 |
| 2019-12-18 | CVE-2019-16782 | Information Exposure Through Discrepancy vulnerability in multiple products There's a possible information leak / session hijack vulnerability in Rack (RubyGem rack). | 5.9 |
| 2019-12-18 | CVE-2018-1311 | Use After Free vulnerability in multiple products The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-free error triggered during the scanning of external DTDs. | 8.1 |
| 2019-12-17 | CVE-2019-3996 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in multiple products ELOG 3.1.4-57bea22 and below can be used as an HTTP GET request proxy when unauthenticated remote attackers send crafted HTTP POST requests. | 6.5 |