RSS   Podatności dla
'Fedora extra packages for enterprise linux'
   RSS

2021-11-22
 
CVE-2021-43558

CWE-79
 

 
A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. A URL parameter in the filetype site administrator tool required extra sanitizing to prevent a reflected XSS risk.

 
 
CVE-2021-43559

CWE-352
 

 
A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. The "delete related badge" functionality did not include the necessary token check to prevent a CSRF risk.

 
 
CVE-2021-43560

CWE-668
 

 
A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. Insufficient capability checks made it possible to fetch other users' calendar action events.

 
2020-12-08
 
CVE-2020-27818

CWE-120
 

 
A flaw was found in the check_chunk_name() function of pngcheck-2.4.0. An attacker able to pass a malicious file to be processed by pngcheck could cause a temporary denial of service, posing a low risk to application availability.

 

 >>> Vendor: Fedoraproject 20 Produkty
Fedora core
Coolkey
Commons
Fedora
SSSD
Dracut
389 directory server
Libnm-util
Networkmanager
Anaconda
Crypto-utils
Arm installer
Fedmsg
389 administration server
Python-fedora
Spin-kickstarts
Sectool
Selinux-policy
Fedora extra packages for enterprise linux
Extra packages for enterprise linux


Copyright 2022, cxsecurity.com

 

Back to Top