Known Vulnerabilities for products from Fedoraproject
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Fedoraproject".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-54231 json | A content injection vulnerability was found in the ABRT post-create event handler scripts in libreport. The event script quer... | Not Provided | 2026-06-13 | 2026-06-29 |
| CVE-2026-54230 json | A symlink following vulnerability was found in the ABRT post-create event handler scripts in libreport. Event scripts write o... | Not Provided | 2026-06-13 | 2026-07-15 |
| CVE-2026-35094 json | A flaw was found in libinput. An attacker capable of deploying a Lua plugin file in specific system directories can exploit a... | Not Provided | 2026-04-01 | 2026-04-07 |
| CVE-2026-12610 json | A flaw was found in sssd. When authenticating with a YubiKey, the SSSD PAM responder can crash due to a use-after-free vulner... | Not Provided | 2026-06-30 | 2026-06-30 |
| CVE-2024-47692 json | Not Provided | 2024-10-21 | 2026-05-12 | |
| CVE-2024-28960 json | An issue was discovered in Mbed TLS 2.18.0 through 2.28.x before 2.28.8 and 3.x before 3.6.0, and Mbed Crypto. The PSA Crypto... | Not Provided | 2024-03-29 | 2026-06-05 |
| CVE-2024-27834 json | The issue was addressed with improved checks. This issue is fixed in Safari 17.5, iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and ... | Not Provided | 2024-05-14 | 2026-04-02 |
| CVE-2024-27012 json | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: restore set elements when delete s... | Not Provided | 2024-05-01 | 2026-06-19 |
| CVE-2024-24246 json | 5.5 - MEDIUM | 2024-02-29 | 2024-04-01 | |
| CVE-2024-23334 json | 7.5 - HIGH | 2024-01-29 | 2024-02-05 | |
| CVE-2024-23301 json | 5.5 - MEDIUM | 2024-01-12 | 2024-02-03 | |
| CVE-2024-23280 json | An injection issue was addressed with improved validation. This issue is fixed in Safari 17.4, iOS 17.4 and iPadOS 17.4, macO... | Not Provided | 2024-03-08 | 2026-04-02 |
| CVE-2024-23254 json | The issue was addressed with improved UI handling. This issue is fixed in Safari 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma... | Not Provided | 2024-03-08 | 2026-04-02 |
| CVE-2024-22049 json | httparty before 0.21.0 is vulnerable to an assumed-immutable web parameter vulnerability. A remote and unauthenticated attack... | Not Provided | 2024-01-04 | 2026-07-14 |
| CVE-2024-21626 json | runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc 1.1.11 and earlie... | Not Provided | 2024-01-31 | 2026-07-15 |
| CVE-2024-2631 json | 4.3 - MEDIUM | 2024-03-20 | 2024-04-01 | |
| CVE-2024-2630 json | 6.5 - MEDIUM | 2024-03-20 | 2024-04-01 | |
| CVE-2024-2629 json | 4.3 - MEDIUM | 2024-03-20 | 2024-04-01 | |
| CVE-2024-2628 json | 4.3 - MEDIUM | 2024-03-20 | 2024-04-01 | |
| CVE-2024-2627 json | 8.8 - HIGH | 2024-03-20 | 2024-04-01 |
Known software with vulnerabilities from Fedoraproject
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Fedoraproject | 389 Administration Server | 1.1.37 |
| Application | Fedoraproject | 389 Directory Server | - |
| Application | Fedoraproject | Anaconda | - |
| Operating System | Fedoraproject | Fedora | - |
| Operating System | Fedoraproject | Fedora Core | - |
| Application | Fedoraproject | Mirrormanager | 0.0.1 |
| Application | Fedoraproject | Python-fedora | 0.8.0 |
| Application | Fedoraproject | Sectool | - |
| Application | Fedoraproject | Selinux-policy | 2020-08-24 |
| Application | Fedoraproject | Sssd | - |