Vulnerabilities > Fedoraproject > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-02-23 CVE-2021-3405 A flaw was found in libebml before 1.4.2.
network
low complexity
matroska fedoraproject debian
6.5
6.5
2021-02-23 CVE-2021-26927 A flaw was found in jasper before 2.0.25.
local
low complexity
jasper-project fedoraproject
5.5
5.5
2021-02-23 CVE-2021-20229 A flaw was found in PostgreSQL in versions before 13.2.
network
low complexity
postgresql redhat fedoraproject
4.3
4.3
2021-02-18 CVE-2020-28463 Server-Side Request Forgery (SSRF) vulnerability in multiple products
All versions of package reportlab are vulnerable to Server-side Request Forgery (SSRF) via img tags.
network
low complexity
reportlab fedoraproject CWE-918
6.5
6.5
2021-02-17 CVE-2021-26933 An issue was discovered in Xen 4.9 through 4.14.x.
local
low complexity
xen fedoraproject debian
5.5
5.5
2021-02-17 CVE-2021-26932 An issue was discovered in the Linux kernel 3.2 through 5.10.16, as used by Xen.
local
low complexity
linux fedoraproject debian netapp
5.5
5.5
2021-02-17 CVE-2021-26931 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
An issue was discovered in the Linux kernel 2.6.39 through 5.10.16, as used in Xen.
local
low complexity
linux fedoraproject debian CWE-770
5.5
5.5
2021-02-15 CVE-2021-23336 HTTP Request Smuggling vulnerability in multiple products
The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking. 		5.9
5.9
2021-02-11 CVE-2021-22881 Open Redirect vulnerability in multiple products
The Host Authorization middleware in Action Pack before 6.1.2.1, 6.0.3.5 suffers from an open redirect vulnerability.
network
low complexity
rubyonrails fedoraproject CWE-601
6.1
6.1
2021-02-09 CVE-2021-21147 Inappropriate implementation in Skia in Google Chrome prior to 88.0.4324.146 allowed a local attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
network
low complexity
google fedoraproject
4.3
4.3