Vulnerabilities > Fedoraproject > Fedora > Low

DATE	CVE	VULNERABILITY TITLE	RISK
2021-08-31	CVE-2021-39163	Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. network high complexity matrix fedoraproject	3.1
2021-08-05	CVE-2021-22924	Use of Incorrectly-Resolved Name or Reference vulnerability in multiple products libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse, if one of them matches the setup.Due to errors in the logic, the config matching function did not take 'issuercert' into account and it compared the involved paths case insensitively,which could lead to libcurl reusing wrong connections.File paths are, or can be, case sensitive on many systems but not all, and caneven vary depending on used file systems.The comparison also didn't include the 'issuer cert' which a transfer can setto qualify how to verify the server certificate. network high complexity haxx fedoraproject debian netapp oracle siemens splunk CWE-706	3.7
2021-07-12	CVE-2021-32680	Nextcloud Server is a Nextcloud package that handles data storage. local low complexity nextcloud fedoraproject	3.3
2021-07-01	CVE-2021-36087	Out-of-bounds Read vulnerability in multiple products The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly from cil_check_neverallow). local low complexity selinux-project fedoraproject CWE-125	3.3
2021-07-01	CVE-2021-36086	Use After Free vulnerability in multiple products The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from cil_reset_classperms_set and cil_reset_classperms_list). local low complexity selinux-project fedoraproject CWE-416	3.3
2021-07-01	CVE-2021-36085	Use After Free vulnerability in multiple products The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __verify_map_perm_classperms and hashtab_map). local low complexity selinux-project fedoraproject CWE-416	3.3
2021-07-01	CVE-2021-36084	Use After Free vulnerability in multiple products The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __cil_verify_classpermission and __cil_pre_verify_helper). local low complexity selinux-project fedoraproject CWE-416	3.3
2021-06-18	CVE-2020-18442	Infinite Loop vulnerability in multiple products Infinite Loop in zziplib v0.13.69 allows remote attackers to cause a denial of service via the return value "zzip_file_read" in the function "unzzip_cat_file". local low complexity zziplib-project debian fedoraproject CWE-835	3.3
2021-06-15	CVE-2021-3595	An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. local low complexity libslirp-project redhat debian fedoraproject	3.8
2021-06-15	CVE-2021-3594	An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. local low complexity libslirp-project redhat debian fedoraproject	3.8