Vulnerabilities > Fedoraproject > Fedora > High

DATE CVE VULNERABILITY TITLE RISK
2021-12-13 CVE-2020-16156 Improper Verification of Cryptographic Signature vulnerability in multiple products
CPAN 2.28 allows Signature Verification Bypass.
local
low complexity
perl fedoraproject CWE-347
7.8
7.8
2021-12-13 CVE-2021-43818 lxml is a library for processing XML and HTML in the Python language.
network
low complexity
lxml fedoraproject debian netapp oracle
7.1
7.1
2021-12-13 CVE-2020-16154 Improper Verification of Cryptographic Signature vulnerability in multiple products
The App::cpanminus package 1.7044 for Perl allows Signature Verification Bypass.
local
low complexity
app fedoraproject CWE-347
7.8
7.8
2021-12-08 CVE-2021-44420 In Django 2.2 before 2.2.25, 3.1 before 3.1.14, and 3.2 before 3.2.10, HTTP requests for URLs with trailing newlines could bypass upstream access control based on URL paths. 7.3
7.3
2021-12-07 CVE-2021-44686 Resource Exhaustion vulnerability in multiple products
calibre before 5.32.0 contains a regular expression that is vulnerable to ReDoS (Regular Expression Denial of Service) in html_preprocess_rules in ebooks/conversion/preprocess.py.
network
low complexity
calibre-ebook fedoraproject CWE-400
7.5
7.5
2021-12-06 CVE-2021-4069 vim is vulnerable to Use After Free
local
low complexity
vim fedoraproject debian
7.8
7.8
2021-12-01 CVE-2021-3984 vim is vulnerable to Heap-based Buffer Overflow
local
low complexity
vim fedoraproject debian
7.8
7.8
2021-12-01 CVE-2021-4019 vim is vulnerable to Heap-based Buffer Overflow
local
low complexity
vim fedoraproject debian
7.8
7.8
2021-11-24 CVE-2021-28705 Improper Handling of Exceptional Conditions vulnerability in multiple products
issues with partially successful P2M updates on x86 T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] x86 HVM and PVH guests may be started in populate-on-demand (PoD) mode, to provide a way for them to later easily have more memory assigned.
local
low complexity
xen fedoraproject debian CWE-755
7.8
7.8
2021-11-24 CVE-2021-28709 Improper Handling of Exceptional Conditions vulnerability in multiple products
issues with partially successful P2M updates on x86 T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] x86 HVM and PVH guests may be started in populate-on-demand (PoD) mode, to provide a way for them to later easily have more memory assigned.
local
low complexity
xen fedoraproject debian CWE-755
7.8
7.8