Vulnerabilities > Fedoraproject > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-19 | CVE-2021-28834 | Kramdown before 2.3.1 does not restrict Rouge formatters to the Rouge::Formatters namespace, and thus arbitrary classes can be instantiated. | 9.8 |
| 2021-03-12 | CVE-2021-20232 | Use After Free vulnerability in multiple products A flaw was found in gnutls. | 9.8 |
| 2021-03-12 | CVE-2021-20231 | Use After Free vulnerability in multiple products A flaw was found in gnutls. | 9.8 |
| 2021-03-05 | CVE-2021-3420 | Integer Overflow or Wraparound vulnerability in multiple products A flaw was found in newlib in versions prior to 4.0.0. | 9.8 |
| 2021-03-04 | CVE-2020-35628 | Improper Validation of Array Index vulnerability in multiple products A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. | 9.8 |
| 2021-03-04 | CVE-2020-28636 | Improper Validation of Array Index vulnerability in multiple products A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. | 9.8 |
| 2021-03-04 | CVE-2020-28601 | Improper Validation of Array Index vulnerability in multiple products A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. | 9.8 |
| 2021-02-27 | CVE-2021-3197 | Injection vulnerability in multiple products An issue was discovered in SaltStack Salt before 3002.5. | 9.8 |
| 2021-02-27 | CVE-2021-3148 | Command Injection vulnerability in multiple products An issue was discovered in SaltStack Salt before 3002.5. | 9.8 |
| 2021-02-27 | CVE-2021-3144 | Insufficient Session Expiration vulnerability in multiple products In SaltStack Salt before 3002.5, eauth tokens can be used once after expiration. | 9.1 |