fedoraproject

5,420 tracked vulnerabilities.

CVE-2021-41091 MEDIUM
Moby < 20.10.9 - Unprivileged Host User Data Exposure and Privilege Escalation via Insufficient Directory Permissions
Oct 04, 2021
CVSS 6.3
EPSS 0.05
CVE-2021-41089 LOW
Moby < 20.10.9 - Unix File Permission Changes via docker cp
Oct 04, 2021
CVSS 2.8
EPSS 0.00
CVE-2021-41092 MEDIUM
Docker CLI <20.10.9 - Info Disclosure
Oct 04, 2021
CVSS 5.4
EPSS 0.00
CVE-2021-41099 HIGH
Redis <6.2.6/<6.0.16/<5.0.14 - Heap Corruption via proto-max-bulk-len
Oct 04, 2021
CVSS 7.5
EPSS 0.00
CVE-2021-32762 HIGH
Redis 5.0.0-5.0.13 - Integer Overflow in Multi-Bulk Reply Parsing
Oct 04, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-32687 HIGH
Redis <6.2.6/<6.0.16/<5.0.14 - Heap Corruption via set-max-intset-entries
Oct 04, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-32675 HIGH
Redis 5.0.0-5.0.13 - Unauthenticated Denial of Service via RESP Request Memory Allocation
Oct 04, 2021
CVSS 7.5
EPSS 0.03
CVE-2021-32672 MEDIUM
Redis <6.2.6-5.0.14 - Use After Free
Oct 04, 2021
CVSS 5.3
EPSS 0.00
CVE-2021-32628 HIGH
Redis 5.0.0-5.0.13 - Remote Code Execution via Ziplist Integer Overflow
Oct 04, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-32627 HIGH
Redis 5.0.0-5.0.13 - Remote Code Execution via Integer Overflow in Stream Elements
Oct 04, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-32626 HIGH
Redis 2.6-5.0.13 - Heap-based Buffer Overflow via Lua Script Execution
Oct 04, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-41103 HIGH
containerd < 1.4.11 - Unauthenticated Path Traversal and Privilege Escalation via Insufficient Directory Permissions
Oct 04, 2021
CVSS 7.8
EPSS 0.00
CVE-2021-41864 HIGH
Linux Kernel < 5.14.12 - Integer Overflow to Out-of-Bounds Write in eBPF Stackmap
Oct 02, 2021
CVSS 7.8
EPSS 0.00
CVE-2021-22947 MEDIUM
curl >=7.20.0 <=7.78.0 - Info Disclosure
Sep 29, 2021
CVSS 5.9
EPSS 0.00
CVE-2021-22946 HIGH
curl >=7.20.0-7.78.0 - Info Disclosure
Sep 29, 2021
CVSS 7.5
EPSS 0.00
CVE-2021-41617 HIGH
OpenSSH 6.2-8.x - Privilege Escalation via AuthorizedKeysCommand and AuthorizedPrincipalsCommand Helper Programs
Sep 26, 2021
CVSS 7.0
EPSS 0.00
CVE-2021-22945 CRITICAL
libcurl <= 7.73.0, 7.78.0 - Use After Free
Sep 23, 2021
CVSS 9.1
EPSS 0.00
CVE-2021-32838 HIGH
flask-restx < 0.5.1 - Regular Expression Denial of Service via Email Validation
Sep 20, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-41073 HIGH
Linux kernel <5.14.6 - Privilege Escalation
Sep 19, 2021
CVSS 7.8
EPSS 0.02
CVE-2021-39218 MEDIUM
Wasmtime 0.26.0-0.29.0 - Use-After-Free and Out-of-Bounds Read/Write via ExternRef GC Safepoint Handling
Sep 17, 2021
CVSS 6.3
EPSS 0.00
CVE-2021-39219 MEDIUM
Wasmtime < 0.30.0 - Type Confusion via Cross-Engine Linker Usage
Sep 17, 2021
CVSS 6.3
EPSS 0.00
CVE-2021-39216 MEDIUM
Wasmtime 0.19.0-0.29.0 - Use-After-Free via Externref Host-to-Guest Passing
Sep 17, 2021
CVSS 6.3
EPSS 0.00
CVE-2021-40438 CRITICAL KEVNUCLEI
Apache HTTP Server <2.4.48 - SSRF
Sep 16, 2021
CVSS 9.0
EPSS 0.94
CVE-2021-39275 CRITICAL
Apache HTTP Server < 2.4.49 - Out-of-bounds Write in ap_escape_quotes()
Sep 16, 2021
CVSS 9.8
EPSS 0.38
CVE-2021-36160 HIGH
Apache HTTP Server 2.4.30-2.4.48 - Denial of Service via mod_proxy_uwsgi URI Path
Sep 16, 2021
CVSS 7.5
EPSS 0.05
Products
fedora 5,351 extra_packages_for_enterprise_linux 76 389_directory_server 39 sssd 18 fedora_core 8 389_administration_server 1 anaconda 1 arm_installer 1 commons 1 coolkey 1 crypto-utils 1 fedmsg 1 fedora_linux_kernel 1 python-fedora 1 sectool 1 selinux-policy 1 spin-kickstarts 1 supybot-fedora 1 unbound 1
Quick Filters
Critical CVEs With Exploits In CISA KEV