Extra packages for enterprise linux

This hub aggregates every CVE we track for Extra packages for enterprise linux, a product in the operating systems space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Extra packages for enterprise linux.

• CVE-2021-4435Yarn: untrusted search path7.7Feb 4, 2024
• CVE-2023-6395Mock: privilege escalation for users that can access mock configuration6.7Jan 16, 2024
• CVE-2024-0232Sqlite: use-after-free bug in jsonparseaddnodearray4.7Jan 16, 2024
• CVE-2023-51766Exim before 4.97.1 allows SMTP smuggling in certain PIPELINING/CHUNKING configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FRO...5.3Dec 24, 2023
• CVE-2023-4255W3m: out-of-bounds write in function checktype() in etc.c (incomplete fix for cve-2022-38223)5.5Dec 21, 2023
• CVE-2023-4256Tcpreplay: tcprewrite: double free in tcpedit_dlt_cleanup() in plugins/dlt_plugins.c5.5Dec 21, 2023
• CVE-2023-3430Openimageio: heap-buffer-overflow in file src/gif.imageio/gifinput.cpp7.5Dec 18, 2023
• CVE-2023-5764Ansible: template injection7.1Dec 12, 2023
• CVE-2023-5341Imagemagick: heap use-after-free in coders/bmp.c6.2Nov 19, 2023
• CVE-2023-5543Moodle: duplicating a bigbluebutton activity assigns the same meeting id3.3Nov 9, 2023
• CVE-2023-5551Moodle: forum summary report shows students from other groups when in separate groups mode3.3Nov 9, 2023
• CVE-2023-5550Moodle: rce due to lfi risk in some misconfigured shared hosting environments6.5Nov 9, 2023
• CVE-2023-5549Moodle: insufficient capability checks when updating the parent of a course category3.3Nov 9, 2023
• CVE-2023-5548Moodle: cache poisoning risk with endpoint revision numbers3.3Nov 9, 2023
• CVE-2023-5545Moodle: auto-populated h5p author name causes a potential information leak3.3Nov 9, 2023