Vulnerabilities > Fedoraproject > Fedora > Critical

DATE CVE VULNERABILITY TITLE RISK
2021-03-04 CVE-2020-35628 A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1.
network
low complexity
cgal fedoraproject debian
critical
 9.8
9.8
2021-03-04 CVE-2020-28636 A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1.
network
low complexity
cgal fedoraproject debian
critical
 9.8
9.8
2021-03-04 CVE-2020-28601 A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1.
network
low complexity
cgal fedoraproject debian
critical
 9.8
9.8
2021-02-27 CVE-2021-3197 Injection vulnerability in multiple products
An issue was discovered in SaltStack Salt before 3002.5.
network
low complexity
saltstack fedoraproject debian CWE-74
critical
 9.8
9.8
2021-02-27 CVE-2021-3148 Command Injection vulnerability in multiple products
An issue was discovered in SaltStack Salt before 3002.5.
network
low complexity
saltstack fedoraproject debian CWE-77
critical
 9.8
9.8
2021-02-27 CVE-2021-3144 Insufficient Session Expiration vulnerability in multiple products
In SaltStack Salt before 3002.5, eauth tokens can be used once after expiration.
network
low complexity
saltstack fedoraproject debian CWE-613
critical
 9.1
9.1
2021-02-27 CVE-2021-25283 Code Injection vulnerability in multiple products
An issue was discovered in through SaltStack Salt before 3002.5.
network
low complexity
saltstack fedoraproject debian CWE-94
critical
 9.8
9.8
2021-02-27 CVE-2021-25282 Path Traversal vulnerability in multiple products
An issue was discovered in through SaltStack Salt before 3002.5.
network
low complexity
saltstack fedoraproject debian CWE-22
critical
 9.1
9.1
2021-02-27 CVE-2021-25281 Improper Authentication vulnerability in multiple products
An issue was discovered in through SaltStack Salt before 3002.5.
network
low complexity
saltstack fedoraproject debian CWE-287
critical
 9.8
9.8
2021-02-25 CVE-2021-3406 Improper Certificate Validation vulnerability in multiple products
A flaw was found in keylime 5.8.1 and older.
network
low complexity
keylime fedoraproject CWE-295
critical
 9.8
9.8