Vulnerabilities > Fedoraproject

DATE CVE VULNERABILITY TITLE RISK
2021-08-23 CVE-2021-39153 Unrestricted Upload of File with Dangerous Type vulnerability in multiple products
XStream is a simple library to serialize objects to XML and back again.
8.5
2021-08-23 CVE-2021-39154 Unrestricted Upload of File with Dangerous Type vulnerability in multiple products
XStream is a simple library to serialize objects to XML and back again.
8.5
2021-08-23 CVE-2021-37750 NULL Pointer Dereference vulnerability in multiple products
The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.5 and 1.19.x before 1.19.3 has a NULL pointer dereference in kdc/do_tgs_req.c via a FAST inner body that lacks a server field.
6.5
2021-08-22 CVE-2021-39358 Improper Certificate Validation vulnerability in multiple products
In GNOME libgfbgraph through 0.2.4, gfbgraph-photo.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks.
network
high complexity
gnome fedoraproject CWE-295
5.9
2021-08-22 CVE-2021-39359 Improper Certificate Validation vulnerability in multiple products
In GNOME libgda through 6.0.0, gda-web-provider.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks.
network
high complexity
gnome fedoraproject CWE-295
5.9
2021-08-22 CVE-2021-39360 Improper Certificate Validation vulnerability in multiple products
In GNOME libzapojit through 0.0.3, zpj-skydrive.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks.
network
high complexity
gnome fedoraproject CWE-295
5.9
2021-08-18 CVE-2021-25218 Reachable Assertion vulnerability in multiple products
In BIND 9.16.19, 9.17.16.
network
low complexity
isc fedoraproject CWE-617
7.5
2021-08-17 CVE-2021-39240 An issue was discovered in HAProxy 2.2 before 2.2.16, 2.3 before 2.3.13, and 2.4 before 2.4.3.
network
low complexity
haproxy debian fedoraproject
7.5
2021-08-17 CVE-2021-39241 An issue was discovered in HAProxy 2.0 before 2.0.24, 2.2 before 2.2.16, 2.3 before 2.3.13, and 2.4 before 2.4.3.
network
low complexity
haproxy debian fedoraproject
5.3
2021-08-17 CVE-2021-39242 Improper Handling of Exceptional Conditions vulnerability in multiple products
An issue was discovered in HAProxy 2.2 before 2.2.16, 2.3 before 2.3.13, and 2.4 before 2.4.3.
network
low complexity
haproxy debian fedoraproject CWE-755
7.5