Vulnerabilities > Fedoraproject > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-02-26 CVE-2021-21274 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse).
network
low complexity
matrix fedoraproject CWE-770
6.5
6.5
2021-02-26 CVE-2021-21273 Open Redirect vulnerability in multiple products
Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse).
network
low complexity
matrix fedoraproject CWE-601
6.1
6.1
2021-02-26 CVE-2021-21330 aiohttp is an asynchronous HTTP client/server framework for asyncio and Python.
network
low complexity
aiohttp debian fedoraproject
6.1
6.1
2021-02-26 CVE-2020-24455 Missing Initialization of Resource vulnerability in multiple products
Missing initialization of a variable in the TPM2 source may allow a privileged user to potentially enable an escalation of privilege via local access. 		6.7
6.7
2021-02-23 CVE-2021-3407 A flaw was found in mupdf 1.18.0.
local
low complexity
artifex fedoraproject debian
5.5
5.5
2021-02-23 CVE-2021-3405 A flaw was found in libebml before 1.4.2.
network
low complexity
matroska fedoraproject debian
6.5
6.5
2021-02-23 CVE-2021-26927 A flaw was found in jasper before 2.0.25.
local
low complexity
jasper-project fedoraproject
5.5
5.5
2021-02-23 CVE-2021-20229 A flaw was found in PostgreSQL in versions before 13.2.
network
low complexity
postgresql redhat fedoraproject
4.3
4.3
2021-02-18 CVE-2020-28463 Server-Side Request Forgery (SSRF) vulnerability in multiple products
All versions of package reportlab are vulnerable to Server-side Request Forgery (SSRF) via img tags.
network
low complexity
reportlab fedoraproject CWE-918
6.5
6.5
2021-02-17 CVE-2021-26933 An issue was discovered in Xen 4.9 through 4.14.x.
local
low complexity
xen fedoraproject debian
5.5
5.5