Fedoraproject: >> Fedora >> 35 Security Vulnerabilities
Chromium: CVE-2021-30614 Heap buffer overflow in TabStrip
CVSS Score
8.8
EPSS Score
0.034
Published
2021-09-03
Chromium: CVE-2021-30615 Cross-origin data leak in Navigation
CVSS Score
6.5
EPSS Score
0.084
Published
2021-09-03
Chromium: CVE-2021-30616 Use after free in Media
CVSS Score
8.8
EPSS Score
0.009
Published
2021-09-03
Chromium: CVE-2021-30617 Policy bypass in Blink
CVSS Score
6.5
EPSS Score
0.018
Published
2021-09-03
Chromium: CVE-2021-30618 Inappropriate implementation in DevTools
CVSS Score
8.8
EPSS Score
0.042
Published
2021-09-03
Chromium: CVE-2021-30619 UI Spoofing in Autofill
CVSS Score
6.5
EPSS Score
0.023
Published
2021-09-03
Chromium: CVE-2021-30620 Insufficient policy enforcement in Blink
CVSS Score
8.8
EPSS Score
0.042
Published
2021-09-03
Chromium: CVE-2021-30621 UI Spoofing in Autofill
CVSS Score
6.5
EPSS Score
0.023
Published
2021-09-03
Chromium: CVE-2021-30622 Use after free in WebApp Installs
CVSS Score
8.8
EPSS Score
0.009
Published
2021-09-03
mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. In versions prior to 2.4.9.4, the 3rd-party init SSO functionality of mod_auth_openidc was reported to be vulnerable to an open redirect attack by supplying a crafted URL in the `target_link_uri` parameter. A patch in version 2.4.9.4 made it so that the `OIDCRedirectURLsAllowed` setting must be applied to the `target_link_uri` parameter. There are no known workarounds aside from upgrading to a patched version.
CVSS Score
4.7
EPSS Score
0.003
Published
2021-09-03