Vulnerabilities > Fedoraproject

DATE	CVE	VULNERABILITY TITLE	RISK
2020-12-21	CVE-2020-27846	Misinterpretation of Input vulnerability in multiple products A signature verification vulnerability exists in crewjam/saml. network low complexity grafana saml-project redhat fedoraproject CWE-115 critical	9.8
2020-12-18	CVE-2020-27781	Insufficiently Protected Credentials vulnerability in multiple products User credentials can be manipulated and stolen by Native CephFS consumers of OpenStack Manila, resulting in potential privilege escalation. local low complexity redhat fedoraproject CWE-522	7.1
2020-12-18	CVE-2020-35480	Information Exposure Through Discrepancy vulnerability in multiple products An issue was discovered in MediaWiki before 1.35.1. network low complexity mediawiki debian fedoraproject CWE-203	5.3
2020-12-18	CVE-2020-35479	Cross-site Scripting vulnerability in multiple products MediaWiki before 1.35.1 allows XSS via BlockLogFormatter.php. network low complexity mediawiki debian fedoraproject CWE-79	6.1
2020-12-18	CVE-2020-35478	Cross-site Scripting vulnerability in multiple products MediaWiki before 1.35.1 allows XSS via BlockLogFormatter.php. network low complexity mediawiki fedoraproject CWE-79	6.1
2020-12-18	CVE-2020-35477	Always-Incorrect Control Flow Implementation vulnerability in multiple products MediaWiki before 1.35.1 blocks legitimate attempts to hide log entries in some situations. network low complexity mediawiki debian fedoraproject CWE-670	5.3
2020-12-18	CVE-2020-35475	Cross-site Scripting vulnerability in multiple products In MediaWiki before 1.35.1, the messages userrights-expiry-current and userrights-expiry-none can contain raw HTML. network low complexity mediawiki debian fedoraproject CWE-79	7.5
2020-12-18	CVE-2020-35474	Cross-site Scripting vulnerability in multiple products In MediaWiki before 1.35.1, the combination of Html::rawElement and Message::text leads to XSS because the definition of MediaWiki:recentchanges-legend-watchlistexpiry can be changed onwiki so that the output is raw HTML. network low complexity mediawiki fedoraproject CWE-79	6.1
2020-12-16	CVE-2020-26259	OS Command Injection vulnerability in multiple products XStream is a Java library to serialize objects to XML and back again. network high complexity xstream-project debian fedoraproject CWE-78	6.8
2020-12-16	CVE-2020-26258	Server-Side Request Forgery (SSRF) vulnerability in multiple products XStream is a Java library to serialize objects to XML and back again. network low complexity xstream-project debian fedoraproject CWE-918	7.7

Vulnerabilities > Fedoraproject {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Fedoraproject"}]}

Vulnerabilities > Fedoraproject