Vulnerabilities > Fedoraproject > Fedora > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-29 | CVE-2021-23358 | Code Injection vulnerability in multiple products The package underscore from 1.13.0-0 and before 1.13.0-2, from 1.3.2 and before 1.12.1 are vulnerable to Arbitrary Code Injection via the template function, particularly when a variable property is passed as an argument as it is not sanitized. | 7.2 |
| 2021-03-26 | CVE-2021-21332 | Cross-site Scripting vulnerability in multiple products Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). | 8.2 |
| 2021-03-26 | CVE-2021-20271 | A flaw was found in RPM's signature check functionality when reading a package file. | 7.0 |
| 2021-03-25 | CVE-2021-3450 | Improper Certificate Validation vulnerability in multiple products The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. | 7.4 |
| 2021-03-23 | CVE-2021-20270 | Infinite Loop vulnerability in multiple products An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML (SML) source file, as demonstrated by input that only contains the "exception" keyword. | 7.5 |
| 2021-03-23 | CVE-2021-21349 | XStream is a Java library to serialize objects to XML and back again. | 8.6 |
| 2021-03-23 | CVE-2021-21348 | Resource Exhaustion vulnerability in multiple products XStream is a Java library to serialize objects to XML and back again. | 7.5 |
| 2021-03-23 | CVE-2021-21343 | XStream is a Java library to serialize objects to XML and back again. | 7.5 |
| 2021-03-23 | CVE-2021-21341 | XStream is a Java library to serialize objects to XML and back again. | 7.5 |
| 2021-03-20 | CVE-2021-28952 | Classic Buffer Overflow vulnerability in multiple products An issue was discovered in the Linux kernel through 5.11.8. | 7.8 |