Vulnerabilities > Fedoraproject > Fedora > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-03-11 CVE-2021-27919 archive/zip in Go 1.16.x before 1.16.1 allows attackers to cause a denial of service (panic) upon attempted use of the Reader.Open API for a ZIP archive in which ../ occurs at the beginning of any filename.
local
low complexity
golang fedoraproject
5.5
5.5
2021-03-10 CVE-2021-21334 Exposure of Resource to Wrong Sphere vulnerability in multiple products
In containerd (an industry-standard container runtime) before versions 1.3.10 and 1.4.4, containers launched through containerd's CRI implementation (through Kubernetes, crictl, or any other pod/container client that uses the containerd CRI service) that share the same image may receive incorrect environment variables, including values that are defined for other containers.
network
high complexity
linuxfoundation fedoraproject CWE-668
6.3
6.3
2021-03-10 CVE-2021-20205 Divide By Zero vulnerability in multiple products
Libjpeg-turbo versions 2.0.91 and 2.0.90 is vulnerable to a denial of service vulnerability caused by a divide by zero when processing a crafted GIF image.
network
low complexity
libjpeg-turbo fedoraproject CWE-369
6.5
6.5
2021-03-09 CVE-2021-28116 Out-of-bounds Read vulnerability in multiple products
Squid through 4.14 and 5.x through 5.0.5, in some configurations, allows information disclosure because of an out-of-bounds read in WCCP protocol data.
network
low complexity
squid-cache fedoraproject debian CWE-125
5.3
5.3
2021-03-09 CVE-2020-35522 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
In LibTIFF, there is a memory malloc failure in tif_pixarlog.c.
local
low complexity
libtiff netapp fedoraproject redhat CWE-119
5.5
5.5
2021-03-09 CVE-2020-35521 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A flaw was found in libtiff.
local
low complexity
libtiff redhat fedoraproject netapp CWE-119
5.5
5.5
2021-03-09 CVE-2021-20246 A flaw was found in ImageMagick in MagickCore/resample.c.
local
low complexity
imagemagick redhat fedoraproject debian
5.5
5.5
2021-03-09 CVE-2021-20245 A flaw was found in ImageMagick in coders/webp.c.
local
low complexity
imagemagick redhat fedoraproject debian
5.5
5.5
2021-03-09 CVE-2021-20244 A flaw was found in ImageMagick in MagickCore/visual-effects.c.
local
low complexity
imagemagick redhat fedoraproject debian
5.5
5.5
2021-03-09 CVE-2021-21189 Insufficient policy enforcement in payments in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
network
low complexity
google fedoraproject debian
4.3
4.3