Filtered by vendor Fedoraproject Subscriptions
Filtered by product Fedora Subscriptions
Total 5125 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-28755 4 Debian, Fedoraproject, Redhat and 1 more 5 Debian Linux, Fedora, Enterprise Linux and 2 more 2024-11-21 5.3 Medium
A ReDoS issue was discovered in the URI component through 0.12.0 in Ruby through 3.2.1. The URI parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to URI objects. The fixed versions are 0.12.1, 0.11.1, 0.10.2 and 0.10.0.1.
CVE-2023-28686 3 Debian, Dino, Fedoraproject 3 Debian Linux, Dino, Fedora 2024-11-21 7.1 High
Dino before 0.2.3, 0.3.x before 0.3.2, and 0.4.x before 0.4.2 allows attackers to modify the personal bookmark store via a crafted message. The attacker can change the display of group chats or force a victim to join a group chat; the victim may then be tricked into disclosing sensitive information.
CVE-2023-28447 2 Fedoraproject, Smarty 2 Fedora, Smarty 2024-11-21 7.1 High
Smarty is a template engine for PHP. In affected versions smarty did not properly escape javascript code. An attacker could exploit this vulnerability to execute arbitrary JavaScript code in the context of the user's browser session. This may lead to unauthorized access to sensitive user data, manipulation of the web application's behavior, or unauthorized actions performed on behalf of the user. Users are advised to upgrade to either version 3.1.48 or to 4.3.1 to resolve this issue. There are no known workarounds for this vulnerability.
CVE-2023-28439 2 Ckeditor, Fedoraproject 2 Ckeditor, Fedora 2024-11-21 4.7 Medium
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability has been discovered affecting Iframe Dialog and Media Embed packages. The vulnerability may trigger a JavaScript code after fulfilling special conditions: using one of the affected packages on a web page with missing proper Content Security Policy configuration; initializing the editor on an element and using an element other than `<textarea>` as a base; and destroying the editor instance. This vulnerability might affect a small percentage of integrators that depend on dynamic editor initialization/destroy mechanism. A fix is available in CKEditor4 version 4.21.0. In some rare cases, a security fix may be considered a breaking change. Starting from version 4.21.0, the Iframe Dialog plugin applies the `sandbox` attribute by default, which restricts JavaScript code execution in the iframe element. To change this behavior, configure the `config.iframe_attributes` option. Also starting from version 4.21.0, the Media Embed plugin regenerates the entire content of the embed widget by default. To change this behavior, configure the `config.embed_keepOriginalContent` option. Those who choose to enable either of the more permissive options or who cannot upgrade to a patched version should properly configure Content Security Policy to avoid any potential security issues that may arise from embedding iframe elements on their web page.
CVE-2023-28336 2 Fedoraproject, Moodle 2 Fedora, Moodle 2024-11-21 4.3 Medium
Insufficient filtering of grade report history made it possible for teachers to access the names of users they could not otherwise access.
CVE-2023-28333 2 Fedoraproject, Moodle 2 Fedora, Moodle 2024-11-21 9.8 Critical
The Mustache pix helper contained a potential Mustache injection risk if combined with user input (note: This did not appear to be implemented/exploitable anywhere in the core Moodle LMS).
CVE-2023-28322 5 Apple, Fedoraproject, Haxx and 2 more 17 Macos, Fedora, Curl and 14 more 2024-11-21 3.7 Low
An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously wasused to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the second transfer. The problem exists in the logic for a reused handle when it is (expected to be) changed from a PUT to a POST.
CVE-2023-28321 6 Apple, Debian, Fedoraproject and 3 more 17 Macos, Debian Linux, Fedora and 14 more 2024-11-21 5.9 Medium
An improper certificate validation vulnerability exists in curl <v8.1.0 in the way it supports matching of wildcard patterns when listed as "Subject Alternative Name" in TLS server certificates. curl can be built to use its own name matching function for TLS rather than one provided by a TLS library. This private wildcard matching function would match IDN (International Domain Name) hosts incorrectly and could as a result accept patterns that otherwise should mismatch. IDN hostnames are converted to puny code before used for certificate checks. Puny coded names always start with `xn--` and should not be allowed to pattern match, but the wildcard check in curl could still check for `x*`, which would match even though the IDN name most likely contained nothing even resembling an `x`.
CVE-2023-27538 7 Broadcom, Debian, Fedoraproject and 4 more 16 Brocade Fabric Operating System Firmware, Debian Linux, Fedora and 13 more 2024-11-21 5.5 Medium
An authentication bypass vulnerability exists in libcurl prior to v8.0.0 where it reuses a previously established SSH connection despite the fact that an SSH option was modified, which should have prevented reuse. libcurl maintains a pool of previously used connections to reuse them for subsequent transfers if the configurations match. However, two SSH settings were omitted from the configuration check, allowing them to match easily, potentially leading to the reuse of an inappropriate connection.
CVE-2023-27536 6 Debian, Fedoraproject, Haxx and 3 more 16 Debian Linux, Fedora, Libcurl and 13 more 2024-11-21 5.9 Medium
An authentication bypass vulnerability exists libcurl <8.0.0 in the connection reuse feature which can reuse previously established connections with incorrect user permissions due to a failure to check for changes in the CURLOPT_GSSAPI_DELEGATION option. This vulnerability affects krb5/kerberos/negotiate/GSSAPI transfers and could potentially result in unauthorized access to sensitive information. The safest option is to not reuse connections if the CURLOPT_GSSAPI_DELEGATION option has been changed.
CVE-2023-27535 6 Debian, Fedoraproject, Haxx and 3 more 16 Debian Linux, Fedora, Libcurl and 13 more 2024-11-21 5.9 Medium
An authentication bypass vulnerability exists in libcurl <8.0.0 in the FTP connection reuse feature that can result in wrong credentials being used during subsequent transfers. Previously created connections are kept in a connection pool for reuse if they match the current setup. However, certain FTP settings such as CURLOPT_FTP_ACCOUNT, CURLOPT_FTP_ALTERNATIVE_TO_USER, CURLOPT_FTP_SSL_CCC, and CURLOPT_USE_SSL were not included in the configuration match checks, causing them to match too easily. This could lead to libcurl using the wrong credentials when performing a transfer, potentially allowing unauthorized access to sensitive information.
CVE-2023-27534 6 Broadcom, Fedoraproject, Haxx and 3 more 15 Brocade Fabric Operating System Firmware, Fedora, Curl and 12 more 2024-11-21 8.8 High
A path traversal vulnerability exists in curl <8.0.0 SFTP implementation causes the tilde (~) character to be wrongly replaced when used as a prefix in the first path element, in addition to its intended use as the first element to indicate a path relative to the user's home directory. Attackers can exploit this flaw to bypass filtering or execute arbitrary code by crafting a path like /~2/foo while accessing a server with a specific user.
CVE-2023-27533 5 Fedoraproject, Haxx, Netapp and 2 more 15 Fedora, Curl, Active Iq Unified Manager and 12 more 2024-11-21 8.8 High
A vulnerability in input validation exists in curl <8.0 during communication using the TELNET protocol may allow an attacker to pass on maliciously crafted user name and "telnet options" during server negotiation. The lack of proper input scrubbing allows an attacker to send content or perform option negotiation without the application's intent. This vulnerability could be exploited if an application allows user input, thereby enabling attackers to execute arbitrary code on the system.
CVE-2023-27320 2 Fedoraproject, Sudo Project 2 Fedora, Sudo 2024-11-21 7.2 High
Sudo before 1.9.13p2 has a double free in the per-command chroot feature.
CVE-2023-26916 2 Cesnet, Fedoraproject 2 Libyang, Fedora 2024-11-21 5.3 Medium
libyang from v2.0.164 to v2.1.30 was discovered to contain a NULL pointer dereference via the function lys_parse_mem at lys_parse_mem.c.
CVE-2023-26590 3 Fedoraproject, Redhat, Sox Project 4 Extra Packages For Enterprise Linux, Fedora, Enterprise Linux and 1 more 2024-11-21 6.2 Medium
A floating point exception vulnerability was found in sox, in the lsx_aiffstartwrite function at sox/src/aiff.c:622:58. This flaw can lead to a denial of service.
CVE-2023-26118 2 Angularjs, Fedoraproject 2 Angular, Fedora 2024-11-21 5.3 Medium
Versions of the package angular from 1.4.9 are vulnerable to Regular Expression Denial of Service (ReDoS) via the <input type="url"> element due to the usage of an insecure regular expression in the input[url] functionality. Exploiting this vulnerability is possible by a large carefully-crafted input, which can result in catastrophic backtracking.
CVE-2023-26117 2 Angularjs, Fedoraproject 2 Angular, Fedora 2024-11-21 5.3 Medium
Versions of the package angular from 1.0.0 are vulnerable to Regular Expression Denial of Service (ReDoS) via the $resource service due to the usage of an insecure regular expression. Exploiting this vulnerability is possible by a large carefully-crafted input, which can result in catastrophic backtracking.
CVE-2023-26116 2 Angularjs, Fedoraproject 2 Angular, Fedora 2024-11-21 5.3 Medium
Versions of the package angular from 1.2.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the angular.copy() utility function due to the usage of an insecure regular expression. Exploiting this vulnerability is possible by a large carefully-crafted input, which can result in catastrophic backtracking.
CVE-2023-26081 2 Fedoraproject, Gnome 2 Fedora, Epiphany 2024-11-21 7.5 High
In Epiphany (aka GNOME Web) through 43.0, untrusted web content can trick users into exfiltrating passwords, because autofill occurs in sandboxed contexts.