Vulnerabilities > Fedoraproject > Fedora > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-31 | CVE-2020-35884 | HTTP Request Smuggling vulnerability in multiple products An issue was discovered in the tiny_http crate through 2020-06-16 for Rust. | 6.5 |
| 2020-12-28 | CVE-2020-35730 | Cross-site Scripting vulnerability in multiple products An XSS issue was discovered in Roundcube Webmail before 1.2.13, 1.3.x before 1.3.16, and 1.4.x before 1.4.10. | 6.1 |
| 2020-12-28 | CVE-2020-35738 | Integer Overflow or Wraparound vulnerability in multiple products WavPack 5.3.0 has an out-of-bounds write in WavpackPackSamples in pack_utils.c because of an integer overflow in a malloc argument. | 6.1 |
| 2020-12-26 | CVE-2020-29385 | Infinite Loop vulnerability in multiple products GNOME gdk-pixbuf (aka GdkPixbuf) before 2.42.2 allows a denial of service (infinite loop) in lzw.c in the function write_indexes. | 5.5 |
| 2020-12-18 | CVE-2020-35480 | Information Exposure Through Discrepancy vulnerability in multiple products An issue was discovered in MediaWiki before 1.35.1. | 5.3 |
| 2020-12-18 | CVE-2020-35479 | Cross-site Scripting vulnerability in multiple products MediaWiki before 1.35.1 allows XSS via BlockLogFormatter.php. | 6.1 |
| 2020-12-18 | CVE-2020-35478 | Cross-site Scripting vulnerability in multiple products MediaWiki before 1.35.1 allows XSS via BlockLogFormatter.php. | 6.1 |
| 2020-12-18 | CVE-2020-35477 | Always-Incorrect Control Flow Implementation vulnerability in multiple products MediaWiki before 1.35.1 blocks legitimate attempts to hide log entries in some situations. | 5.3 |
| 2020-12-18 | CVE-2020-35474 | Cross-site Scripting vulnerability in multiple products In MediaWiki before 1.35.1, the combination of Html::rawElement and Message::text leads to XSS because the definition of MediaWiki:recentchanges-legend-watchlistexpiry can be changed onwiki so that the output is raw HTML. | 6.1 |
| 2020-12-16 | CVE-2020-26259 | XStream is a Java library to serialize objects to XML and back again. | 6.8 |