Vulnerabilities > Fedoraproject > Fedora > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-01-11 CVE-2021-44647 Type Confusion vulnerability in multiple products
Lua v5.4.3 and above are affected by SEGV by type confusion in funcnamefromcode function in ldebug.c which can cause a local denial of service.
local
low complexity
lua fedoraproject CWE-843
5.5
5.5
2022-01-10 CVE-2022-0156 Use After Free vulnerability in multiple products
vim is vulnerable to Use After Free
local
low complexity
vim fedoraproject apple CWE-416
5.5
5.5
2022-01-10 CVE-2022-0157 Cross-site Scripting vulnerability in multiple products
phoronix-test-suite is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
network
low complexity
phoronix-media fedoraproject CWE-79
5.4
5.4
2022-01-06 CVE-2021-46141 Use After Free vulnerability in multiple products
An issue was discovered in uriparser before 0.9.6. 		5.5
5.5
2022-01-06 CVE-2021-46142 Use After Free vulnerability in multiple products
An issue was discovered in uriparser before 0.9.6. 		5.5
5.5
2022-01-05 CVE-2021-45452 Path Traversal vulnerability in multiple products
Storage.save in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1 allows directory traversal if crafted filenames are directly passed to it.
network
low complexity
djangoproject fedoraproject CWE-22
5.3
5.3
2022-01-04 CVE-2021-3842 nltk is vulnerable to Inefficient Regular Expression Complexity
network
low complexity
nltk debian fedoraproject
5.0
5.0
2022-01-01 CVE-2021-45930 Out-of-bounds Write vulnerability in multiple products
Qt SVG in Qt 5.0.0 through 5.15.2 and 6.0.0 through 6.2.1 has an out-of-bounds write in QtPrivate::QCommonArrayOps<QPainterPath::Element>::growAppend (called from QPainterPath::addPath and QPathClipper::intersect).
local
low complexity
qt fedoraproject debian CWE-787
5.5
5.5
2022-01-01 CVE-2021-45931 Out-of-bounds Write vulnerability in multiple products
HarfBuzz 2.9.0 has an out-of-bounds write in hb_bit_set_invertible_t::set (called from hb_sparseset_t<hb_bit_set_invertible_t>::set and hb_set_copy).
network
low complexity
harfbuzz-project fedoraproject CWE-787
6.5
6.5
2022-01-01 CVE-2021-45942 Out-of-bounds Write vulnerability in multiple products
OpenEXR 3.1.x before 3.1.4 has a heap-based buffer overflow in Imf_3_1::LineCompositeTask::execute (called from IlmThread_3_1::NullThreadPoolProvider::addTask and IlmThread_3_1::ThreadPool::addGlobalTask).
local
low complexity
openexr fedoraproject debian CWE-787
5.5
5.5