Filtered by vendor Redhat
Subscriptions
Filtered by product Enterprise Linux
Subscriptions
Total
13572 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-29458 | 4 Debian, Exiv2, Fedoraproject and 1 more | 4 Debian Linux, Exiv2, Fedora and 1 more | 2024-08-03 | 5.5 Medium |
| Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 versions v0.27.3 and earlier. The out-of-bounds read is triggered when Exiv2 is used to write metadata into a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service by crashing Exiv2, if they can trick the victim into running Exiv2 on a crafted image file. Note that this bug is only triggered when writing the metadata, which is a less frequently used Exiv2 operation than reading the metadata. For example, to trigger the bug in the Exiv2 command-line application, you need to add an extra command-line argument such as insert. The bug is fixed in version v0.27.4. | ||||
| CVE-2021-29464 | 3 Exiv2, Fedoraproject, Redhat | 3 Exiv2, Fedora, Enterprise Linux | 2024-08-03 | 3.3 Low |
| Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A heap buffer overflow was found in Exiv2 versions v0.27.3 and earlier. The heap overflow is triggered when Exiv2 is used to write metadata into a crafted image file. An attacker could potentially exploit the vulnerability to gain code execution, if they can trick the victim into running Exiv2 on a crafted image file. Note that this bug is only triggered when writing the metadata, which is a less frequently used Exiv2 operation than reading the metadata. For example, to trigger the bug in the Exiv2 command-line application, you need to add an extra command-line argument such as `insert`. The bug is fixed in version v0.27.4. | ||||
| CVE-2021-29457 | 4 Debian, Exiv2, Fedoraproject and 1 more | 4 Debian Linux, Exiv2, Fedora and 1 more | 2024-08-03 | 7.8 High |
| Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A heap buffer overflow was found in Exiv2 versions v0.27.3 and earlier. The heap overflow is triggered when Exiv2 is used to write metadata into a crafted image file. An attacker could potentially exploit the vulnerability to gain code execution, if they can trick the victim into running Exiv2 on a crafted image file. Note that this bug is only triggered when _writing_ the metadata, which is a less frequently used Exiv2 operation than _reading_ the metadata. For example, to trigger the bug in the Exiv2 command-line application, you need to add an extra command-line argument such as `insert`. The bug is fixed in version v0.27.4. | ||||
| CVE-2021-29463 | 3 Exiv2, Fedoraproject, Redhat | 3 Exiv2, Fedora, Enterprise Linux | 2024-08-03 | 3.3 Low |
| Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 versions v0.27.3 and earlier. The out-of-bounds read is triggered when Exiv2 is used to write metadata into a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service by crashing Exiv2, if they can trick the victim into running Exiv2 on a crafted image file. Note that this bug is only triggered when writing the metadata, which is a less frequently used Exiv2 operation than reading the metadata. For example, to trigger the bug in the Exiv2 command-line application, you need to add an extra command-line argument such as `insert`. The bug is fixed in version v0.27.4. | ||||
| CVE-2021-29390 | 3 Fedoraproject, Libjpeg-turbo, Redhat | 3 Fedora, Libjpeg-turbo, Enterprise Linux | 2024-08-03 | 7.1 High |
| libjpeg-turbo version 2.0.90 has a heap-based buffer over-read (2 bytes) in decompress_smooth_data in jdcoefct.c. | ||||
| CVE-2021-29338 | 4 Debian, Fedoraproject, Redhat and 1 more | 4 Debian Linux, Fedora, Enterprise Linux and 1 more | 2024-08-03 | 5.5 Medium |
| Integer Overflow in OpenJPEG v2.4.0 allows remote attackers to crash the application, causing a Denial of Service (DoS). This occurs when the attacker uses the command line option "-ImgDir" on a directory that contains 1048576 files. | ||||
| CVE-2021-29155 | 4 Debian, Fedoraproject, Linux and 1 more | 4 Debian Linux, Fedora, Linux Kernel and 1 more | 2024-08-03 | 5.5 Medium |
| An issue was discovered in the Linux kernel through 5.11.x. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory. Specifically, for sequences of pointer arithmetic operations, the pointer modification performed by the first operation is not correctly accounted for when restricting subsequent operations. | ||||
| CVE-2021-29154 | 5 Debian, Fedoraproject, Linux and 2 more | 22 Debian Linux, Fedora, Linux Kernel and 19 more | 2024-08-03 | 7.8 High |
| BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. This affects arch/x86/net/bpf_jit_comp.c and arch/x86/net/bpf_jit_comp32.c. | ||||
| CVE-2021-28957 | 6 Debian, Fedoraproject, Lxml and 3 more | 7 Debian Linux, Fedora, Lxml and 4 more | 2024-08-03 | 6.1 Medium |
| An XSS vulnerability was discovered in python-lxml's clean module versions before 4.6.3. When disabling the safe_attrs_only and forms arguments, the Cleaner class does not remove the formaction attribute allowing for JS to bypass the sanitizer. A remote attacker could exploit this flaw to run arbitrary JS code on users who interact with incorrectly sanitized HTML. This issue is patched in lxml 4.6.3. | ||||
| CVE-2021-28971 | 5 Debian, Fedoraproject, Linux and 2 more | 10 Debian Linux, Fedora, Linux Kernel and 7 more | 2024-08-03 | 5.5 Medium |
| In intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c in the Linux kernel through 5.11.8 on some Haswell CPUs, userspace applications (such as perf-fuzzer) can cause a system crash because the PEBS status in a PEBS record is mishandled, aka CID-d88d05a9e0b6. | ||||
| CVE-2021-28879 | 3 Fedoraproject, Redhat, Rust-lang | 4 Fedora, Devtools, Enterprise Linux and 1 more | 2024-08-03 | 9.8 Critical |
| In the standard library in Rust before 1.52.0, the Zip implementation can report an incorrect size due to an integer overflow. This bug can lead to a buffer overflow when a consumed Zip iterator is used again. | ||||
| CVE-2021-28965 | 3 Fedoraproject, Redhat, Ruby-lang | 7 Fedora, Enterprise Linux, Rhel E4s and 4 more | 2024-08-03 | 7.5 High |
| The REXML gem before 3.2.5 in Ruby before 2.6.7, 2.7.x before 2.7.3, and 3.x before 3.0.1 does not properly address XML round-trip issues. An incorrect document can be produced after parsing and serializing. | ||||
| CVE-2021-28950 | 4 Debian, Fedoraproject, Linux and 1 more | 5 Debian Linux, Fedora, Linux Kernel and 2 more | 2024-08-03 | 5.5 Medium |
| An issue was discovered in fs/fuse/fuse_i.h in the Linux kernel before 5.11.8. A "stall on CPU" can occur because a retry loop continually finds the same bad inode, aka CID-775c5033a0d1. | ||||
| CVE-2021-28877 | 2 Redhat, Rust-lang | 3 Devtools, Enterprise Linux, Rust | 2024-08-03 | 7.5 High |
| In the standard library in Rust before 1.51.0, the Zip implementation calls __iterator_get_unchecked() for the same index more than once when nested. This bug can lead to a memory safety violation due to an unmet safety requirement for the TrustedRandomAccess trait. | ||||
| CVE-2021-28878 | 3 Fedoraproject, Redhat, Rust-lang | 4 Fedora, Devtools, Enterprise Linux and 1 more | 2024-08-03 | 7.5 High |
| In the standard library in Rust before 1.52.0, the Zip implementation calls __iterator_get_unchecked() more than once for the same index (under certain conditions) when next_back() and next() are used together. This bug could lead to a memory safety violation due to an unmet safety requirement for the TrustedRandomAccess trait. | ||||
| CVE-2021-28876 | 3 Fedoraproject, Redhat, Rust-lang | 4 Fedora, Devtools, Enterprise Linux and 1 more | 2024-08-03 | 5.3 Medium |
| In the standard library in Rust before 1.52.0, the Zip implementation has a panic safety issue. It calls __iterator_get_unchecked() more than once for the same index when the underlying iterator panics (in certain conditions). This bug could lead to a memory safety violation due to an unmet safety requirement for the TrustedRandomAccess trait. | ||||
| CVE-2021-28875 | 2 Redhat, Rust-lang | 3 Devtools, Enterprise Linux, Rust | 2024-08-03 | 7.5 High |
| In the standard library in Rust before 1.50.0, read_to_end() does not validate the return value from Read in an unsafe context. This bug could lead to a buffer overflow. | ||||
| CVE-2021-28678 | 3 Fedoraproject, Python, Redhat | 3 Fedora, Pillow, Enterprise Linux | 2024-08-03 | 5.5 Medium |
| An issue was discovered in Pillow before 8.2.0. For BLP data, BlpImagePlugin did not properly check that reads (after jumping to file offsets) returned data. This could lead to a DoS where the decoder could be run a large number of times on empty data. | ||||
| CVE-2021-28677 | 3 Fedoraproject, Python, Redhat | 3 Fedora, Pillow, Enterprise Linux | 2024-08-03 | 7.5 High |
| An issue was discovered in Pillow before 8.2.0. For EPS data, the readline implementation used in EPSImageFile has to deal with any combination of \r and \n as line endings. It used an accidentally quadratic method of accumulating lines while looking for a line ending. A malicious EPS file could use this to perform a DoS of Pillow in the open phase, before an image was accepted for opening. | ||||
| CVE-2021-28675 | 3 Fedoraproject, Python, Redhat | 3 Fedora, Pillow, Enterprise Linux | 2024-08-03 | 5.5 Medium |
| An issue was discovered in Pillow before 8.2.0. PSDImagePlugin.PsdImageFile lacked a sanity check on the number of input layers relative to the size of the data block. This could lead to a DoS on Image.open prior to Image.load. | ||||