Fedoraproject: Security Vulnerabilities
Separate Groups mode restrictions were not honored when performing a forum export, which would export forum data for all groups. By default this only provided additional access to non-editing teachers.
CVSS Score
4.3
EPSS Score
0.003
Published
2024-02-19
The link to update all installed language packs did not include the necessary token to prevent a CSRF risk.
CVSS Score
4.3
EPSS Score
0.004
Published
2024-02-19
Insufficient checks in a web service made it possible to add comments to the comments block on another user's dashboard when it was not otherwise available (e.g., on their profile page).
CVSS Score
3.5
EPSS Score
0.002
Published
2024-02-19
Insufficient file size checks resulted in a denial of service risk in the file picker's unzip functionality.
CVSS Score
7.5
EPSS Score
0.003
Published
2024-02-19
The URL parameters accepted by forum search were not limited to the allowed parameters.
CVSS Score
5.3
EPSS Score
0.002
Published
2024-02-19
pgjdbc, the PostgreSQL JDBC Driver, allows attacker to inject SQL if using PreferQueryMode=SIMPLE. Note this is not the default. In the default mode there is no vulnerability. A placeholder for a numeric value must be immediately preceded by a minus. There must be a second placeholder for a string value after the first placeholder; both must be on the same line. By constructing a matching string payload, the attacker can inject SQL to alter the query,bypassing the protections that parameterized queries bring against SQL Injection attacks. Versions before 42.7.2, 42.6.1, 42.5.5, 42.4.4, 42.3.9, and 42.2.28 are affected.
CVSS Score
10.0
EPSS Score
0.005
Published
2024-02-19
An integer overflow in dav1d AV1 decoder that can occur when decoding videos with large frame size. This can lead to memory corruption within the AV1 decoder. We recommend upgrading past version 1.4.0 of dav1d.
CVSS Score
5.9
EPSS Score
0.006
Published
2024-02-19
A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. If a process can connect over localhost to port 8953, it can alter the configuration of unbound.service. This flaw allows an unprivileged attacker to manipulate a running instance, potentially altering forwarders, allowing them to track all queries forwarded by the local resolver, and, in some cases, disrupting resolving altogether.
CVSS Score
8.0
EPSS Score
0.001
Published
2024-02-15
Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that, when there is a zone with many DNSKEY and RRSIG records, the protocol specification implies that an algorithm must evaluate all combinations of DNSKEY and RRSIG records.
CVSS Score
7.5
EPSS Score
0.52
Published
2024-02-14
The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 when RFC 9276 guidance is skipped) allows remote attackers to cause a denial of service (CPU consumption for SHA-1 computations) via DNSSEC responses in a random subdomain attack, aka the "NSEC3" issue. The RFC 5155 specification implies that an algorithm must perform thousands of iterations of a hash function in certain situations.
CVSS Score
7.5
EPSS Score
0.118
Published
2024-02-14