Vulnerabilities > Fedoraproject > Fedora > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-06 | CVE-2021-30157 | Cross-site Scripting vulnerability in multiple products An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. | 6.1 |
| 2021-04-06 | CVE-2021-30154 | Cross-site Scripting vulnerability in multiple products An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. | 6.1 |
| 2021-04-02 | CVE-2021-1801 | This issue was addressed with improved iframe sandbox enforcement. | 6.5 |
| 2021-04-02 | CVE-2021-1799 | A port redirection issue was addressed with additional port validation. | 6.5 |
| 2021-04-02 | CVE-2021-1765 | This issue was addressed with improved iframe sandbox enforcement. | 6.5 |
| 2021-04-01 | CVE-2021-3447 | Information Exposure Through Log Files vulnerability in multiple products A flaw was found in several ansible modules, where parameters containing credentials, such as secrets, were being logged in plain-text on managed nodes, as well as being made visible on the controller node when run in verbose mode. | 5.5 |
| 2021-04-01 | CVE-2021-22876 | Information Exposure vulnerability in multiple products curl 7.1.1 to and including 7.75.0 is vulnerable to an "Exposure of Private Personal Information to an Unauthorized Actor" by leaking credentials in the HTTP Referer: header. | 5.3 |
| 2021-04-01 | CVE-2021-20291 | Improper Locking vulnerability in multiple products A deadlock vulnerability was found in 'github.com/containers/storage' in versions before 1.28.1. | 6.5 |
| 2021-03-30 | CVE-2021-29650 | An issue was discovered in the Linux kernel before 5.11.11. | 5.5 |
| 2021-03-30 | CVE-2021-29649 | Memory Leak vulnerability in multiple products An issue was discovered in the Linux kernel before 5.11.11. | 5.5 |