Fedoraproject

Fedora

5357 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 1.52%
  • Veröffentlicht 11.03.2021 00:15:12
  • Zuletzt bearbeitet 21.11.2024 05:58:48

archive/zip in Go 1.16.x before 1.16.1 allows attackers to cause a denial of service (panic) upon attempted use of the Reader.Open API for a ZIP archive in which ../ occurs at the beginning of any filename.

  • EPSS 2.04%
  • Veröffentlicht 10.03.2021 22:15:12
  • Zuletzt bearbeitet 21.11.2024 05:48:02

In containerd (an industry-standard container runtime) before versions 1.3.10 and 1.4.4, containers launched through containerd's CRI implementation (through Kubernetes, crictl, or any other pod/container client that uses the containerd CRI service) ...

  • EPSS 1.19%
  • Veröffentlicht 10.03.2021 17:15:15
  • Zuletzt bearbeitet 21.11.2024 05:46:07

Libjpeg-turbo versions 2.0.91 and 2.0.90 is vulnerable to a denial of service vulnerability caused by a divide by zero when processing a crafted GIF image.

Exploit
  • EPSS 4.34%
  • Veröffentlicht 10.03.2021 17:15:15
  • Zuletzt bearbeitet 21.11.2024 05:48:56

A use-after-free vulnerability exists in the NMR::COpcPackageReader::releaseZIP() functionality of 3MF Consortium lib3mf 2.0.0. A specially crafted 3MF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerab...

  • EPSS 13.01%
  • Veröffentlicht 09.03.2021 22:15:12
  • Zuletzt bearbeitet 21.11.2024 05:59:06

Squid through 4.14 and 5.x through 5.0.5, in some configurations, allows information disclosure because of an out-of-bounds read in WCCP protocol data. This can be leveraged as part of a chain for remote code execution as nobody.

  • EPSS 1.85%
  • Veröffentlicht 09.03.2021 20:15:13
  • Zuletzt bearbeitet 21.11.2024 05:27:29

A heap-based buffer overflow flaw was found in libtiff in the handling of TIFF images in libtiff's TIFF2PDF tool. A specially crafted TIFF file can lead to arbitrary code execution. The highest threat from this vulnerability is to confidentiality, in...

Exploit
  • EPSS 88.64%
  • Veröffentlicht 09.03.2021 20:15:13
  • Zuletzt bearbeitet 21.11.2024 05:47:58

Git is an open-source distributed revision control system. In affected versions of Git a specially crafted repository that contains symbolic links as well as files using a clean/smudge filter such as Git LFS, may cause just-checked out script to be e...

  • EPSS 1.23%
  • Veröffentlicht 09.03.2021 20:15:12
  • Zuletzt bearbeitet 21.11.2024 05:27:29

A flaw was found in libtiff. Due to a memory allocation failure in tif_read.c, a crafted TIFF file can lead to an abort, resulting in denial of service.

  • EPSS 1.57%
  • Veröffentlicht 09.03.2021 20:15:12
  • Zuletzt bearbeitet 21.11.2024 05:27:29

In LibTIFF, there is a memory malloc failure in tif_pixarlog.c. A crafted TIFF document can lead to an abort, resulting in a remote denial of service attack.

  • EPSS 1.2%
  • Veröffentlicht 09.03.2021 19:15:12
  • Zuletzt bearbeitet 21.11.2024 05:46:12

A flaw was found in ImageMagick in MagickCore/visual-effects.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability ...