It was possible to construct specific XSLT markup that would be able to bypass an iframe sandbox (CVE-2021-4140). Constructing audio sinks could have lead to a race condition when playing audio files and closing windows. This could have lead to a use-after-free
CPAN 2.28 allows Signature Verification Bypass. (CVE-2020-16156) References: - https://bugs.mageia.org/show_bug.cgi?id=29878 - https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./thread/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/
This update provides Mbed TLS 2.16.12, with a number of bug fixes and a security fix. Mbed TLS has a double free in certain out-of-memory conditions, as demonstrated by an mbedtls_ssl_set_session() failure. (CVE-2021-44732)
A flaw was found in systemd. An uncontrolled recursion in systemd-tmpfiles may lead to a denial of service at boot time when too many nested directories are created in /tmp. (CVE-2021-3997) References:
CWE-122 Heap-based Buffer Overflow (CVE-2021-4136) CWE-125 Out-of-bounds Read (CVE-2021-4166) CWE-416 Use After Free (CVE-2021-4173) CWE-416 Use After Free (CVE-2021-4187)
Buffer overflow vulnerability in htmldoc before 1.9.12, allows attackers to cause a denial of service via a crafted BMP image to image_load_bmp. (CVE-2021-40985) References:
Multiple security fixes for firefox. See references for details. References: - https://bugs.mageia.org/show_bug.cgi?id=29865 - https://www.mozilla.org/en-US/security/advisories/mfsa2022-02/
Use-after-free in sampled_data_sample (called from sampled_data_continue and interp). (CVE-2021-45944) Heap-based buffer overflow in sampled_data_finish (called from sampled_data_continue and interp). (CVE-2021-45949)
UserAttributeSimilarityValidator incurred significant overhead evaluating submitted password that were artificially large in relative to the comparison values. On the assumption that access to user registration was unrestricted this provided a potential vector for a denial-of-service attack. (CVE-2021-45115)
