Vulnerabilities > Fedoraproject
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-13 | CVE-2019-20907 | Infinite Loop vulnerability in multiple products In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, because _proc_pax lacks header validation. | 7.5 |
| 2020-07-09 | CVE-2020-12402 | Information Exposure Through Discrepancy vulnerability in multiple products During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed significantly input-dependent flow. | 4.4 |
| 2020-07-07 | CVE-2020-15095 | Information Exposure Through Log Files vulnerability in multiple products Versions of the npm CLI prior to 6.14.6 are vulnerable to an information exposure vulnerability through log files. | 4.4 |
| 2020-07-07 | CVE-2020-10745 | Resource Exhaustion vulnerability in multiple products A flaw was found in all Samba versions before 4.10.17, before 4.11.11 and before 4.12.4 in the way it processed NetBios over TCP/IP. | 7.5 |
| 2020-07-07 | CVE-2020-10730 | Use After Free vulnerability in multiple products A NULL pointer dereference, or possible use-after-free flaw was found in Samba AD LDAP server in versions before 4.10.17, before 4.11.11 and before 4.12.4. | 6.5 |
| 2020-07-07 | CVE-2020-15567 | Race Condition vulnerability in multiple products An issue was discovered in Xen through 4.13.x, allowing Intel guest OS users to gain privileges or cause a denial of service because of non-atomic modification of a live EPT PTE. | 7.8 |
| 2020-07-07 | CVE-2020-15565 | Resource Exhaustion vulnerability in multiple products An issue was discovered in Xen through 4.13.x, allowing x86 Intel HVM guest OS users to cause a host OS denial of service or possibly gain privileges because of insufficient cache write-back under VT-d. | 8.8 |
| 2020-07-07 | CVE-2020-15564 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in Xen through 4.13.x, allowing Arm guest OS users to cause a hypervisor crash because of a missing alignment check in VCPUOP_register_vcpu_info. | 6.5 |
| 2020-07-07 | CVE-2020-15563 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in Xen through 4.13.x, allowing x86 HVM guest OS users to cause a hypervisor crash. | 6.5 |
| 2020-07-06 | CVE-2020-10760 | Use After Free vulnerability in multiple products A use-after-free flaw was found in all samba LDAP server versions before 4.10.17, before 4.11.11, before 4.12.4 used in a AC DC configuration. | 6.5 |