Filtered by vendor Fedoraproject
Subscribe
Total
5331 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-33740 | 4 Debian, Fedoraproject, Linux and 1 more | 4 Debian Linux, Fedora, Linux Kernel and 1 more | 2024-11-21 | 3.6 LOW | 7.1 HIGH |
| Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740). Additionally the granularity of the grant table doesn't allow sharing less than a 4K page, leading to unrelated data residing in the same 4K page as data shared with a backend being accessible by such backend (CVE-2022-33741, CVE-2022-33742). | |||||
| CVE-2022-33099 | 2 Fedoraproject, Lua | 2 Fedora, Lua | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue in the component luaG_runerror of Lua v5.4.4 and below leads to a heap-buffer overflow when a recursive error occurs. | |||||
| CVE-2022-33070 | 2 Fedoraproject, Protobuf-c Project | 2 Fedora, Protobuf-c | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| Protobuf-c v1.4.0 was discovered to contain an invalid arithmetic shift via the function parse_tag_and_wiretype in protobuf-c/protobuf-c.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via unspecified vectors. | |||||
| CVE-2022-33068 | 2 Fedoraproject, Harfbuzz Project | 2 Fedora, Harfbuzz | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| An integer overflow in the component hb-ot-shape-fallback.cc of Harfbuzz v4.3.0 allows attackers to cause a Denial of Service (DoS) via unspecified vectors. | |||||
| CVE-2022-32886 | 3 Apple, Debian, Fedoraproject | 5 Ipados, Iphone Os, Safari and 2 more | 2024-11-21 | N/A | 8.8 HIGH |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Safari 16, iOS 16, iOS 15.7 and iPadOS 15.7. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
| CVE-2022-32793 | 2 Apple, Fedoraproject | 6 Ipados, Iphone Os, Macos and 3 more | 2024-11-21 | N/A | 7.5 HIGH |
| Multiple out-of-bounds write issues were addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.5, watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6. An app may be able to disclose kernel memory. | |||||
| CVE-2022-32743 | 2 Fedoraproject, Samba | 2 Fedora, Samba | 2024-11-21 | N/A | 7.5 HIGH |
| Samba does not validate the Validated-DNS-Host-Name right for the dNSHostName attribute which could permit unprivileged users to write it. | |||||
| CVE-2022-32547 | 3 Fedoraproject, Imagemagick, Redhat | 3 Fedora, Imagemagick, Enterprise Linux | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte alignment and for type 'float', which requires 4 byte alignment at MagickCore/property.c. Whenever crafted or untrusted input is processed by ImageMagick, this causes a negative impact to application availability or other problems related to undefined behavior. | |||||
| CVE-2022-32546 | 3 Fedoraproject, Imagemagick, Redhat | 4 Extra Packages For Enterprise Linux, Fedora, Imagemagick and 1 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned long' at coders/pcl.c, when crafted or untrusted input is processed. This leads to a negative impact to application availability or other problems related to undefined behavior. | |||||
| CVE-2022-32545 | 3 Fedoraproject, Imagemagick, Redhat | 4 Extra Packages For Enterprise Linux, Fedora, Imagemagick and 1 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned char' at coders/psd.c, when crafted or untrusted input is processed. This leads to a negative impact to application availability or other problems related to undefined behavior. | |||||
| CVE-2022-32511 | 2 Fedoraproject, Jmespath Project | 2 Fedora, Jmespath | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| jmespath.rb (aka JMESPath for Ruby) before 1.6.1 uses JSON.load in a situation where JSON.parse is preferable. | |||||
| CVE-2022-32325 | 2 Fedoraproject, Jpegoptim Project | 2 Fedora, Jpegoptim | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| JPEGOPTIM v1.4.7 was discovered to contain a segmentation violation which is caused by a READ memory access at jpegoptim.c. | |||||
| CVE-2022-32323 | 2 Autotrace Project, Fedoraproject | 2 Autotrace, Fedora | 2024-11-21 | 6.8 MEDIUM | 7.3 HIGH |
| AutoTrace v0.40.0 was discovered to contain a heap overflow via the ReadImage function at input-bmp.c:660. | |||||
| CVE-2022-32250 | 4 Debian, Fedoraproject, Linux and 1 more | 13 Debian Linux, Fedora, Linux Kernel and 10 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free. | |||||
| CVE-2022-32215 | 6 Debian, Fedoraproject, Llhttp and 3 more | 6 Debian Linux, Fedora, Llhttp and 3 more | 2024-11-21 | N/A | 6.5 MEDIUM |
| The llhttp parser <v14.20.1, <v16.17.1 and <v18.9.1 in the http module in Node.js does not correctly handle multi-line Transfer-Encoding headers. This can lead to HTTP Request Smuggling (HRS). | |||||
| CVE-2022-32213 | 6 Debian, Fedoraproject, Llhttp and 3 more | 6 Debian Linux, Fedora, Llhttp and 3 more | 2024-11-21 | N/A | 6.5 MEDIUM |
| The llhttp parser <v14.20.1, <v16.17.1 and <v18.9.1 in the http module in Node.js does not correctly parse and validate Transfer-Encoding headers and can lead to HTTP Request Smuggling (HRS). | |||||
| CVE-2022-32212 | 4 Debian, Fedoraproject, Nodejs and 1 more | 4 Debian Linux, Fedora, Node.js and 1 more | 2024-11-21 | N/A | 8.1 HIGH |
| A OS Command Injection vulnerability exists in Node.js versions <14.20.0, <16.20.0, <18.5.0 due to an insufficient IsAllowedHost check that can easily be bypassed because IsIPAddress does not properly check if an IP address is invalid before making DBS requests allowing rebinding attacks. | |||||
| CVE-2022-32209 | 3 Debian, Fedoraproject, Rubyonrails | 3 Debian Linux, Fedora, Rails Html Sanitizers | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| # Possible XSS Vulnerability in Rails::Html::SanitizerThere is a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer.This vulnerability has been assigned the CVE identifier CVE-2022-32209.Versions Affected: ALLNot affected: NONEFixed Versions: v1.4.3## ImpactA possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer may allow an attacker to inject content if the application developer has overridden the sanitizer's allowed tags to allow both `select` and `style` elements.Code is only impacted if allowed tags are being overridden. This may be done via application configuration:```ruby# In config/application.rbconfig.action_view.sanitized_allowed_tags = ["select", "style"]```see https://guides.rubyonrails.org/configuring.html#configuring-action-viewOr it may be done with a `:tags` option to the Action View helper `sanitize`:```<%= sanitize @comment.body, tags: ["select", "style"] %>```see https://api.rubyonrails.org/classes/ActionView/Helpers/SanitizeHelper.html#method-i-sanitizeOr it may be done with Rails::Html::SafeListSanitizer directly:```ruby# class-level optionRails::Html::SafeListSanitizer.allowed_tags = ["select", "style"]```or```ruby# instance-level optionRails::Html::SafeListSanitizer.new.sanitize(@article.body, tags: ["select", "style"])```All users overriding the allowed tags by any of the above mechanisms to include both "select" and "style" should either upgrade or use one of the workarounds immediately.## ReleasesThe FIXED releases are available at the normal locations.## WorkaroundsRemove either `select` or `style` from the overridden allowed tags.## CreditsThis vulnerability was responsibly reported by [windshock](https://hackerone.com/windshock?type=user). | |||||
| CVE-2022-32208 | 6 Apple, Debian, Fedoraproject and 3 more | 19 Macos, Debian Linux, Fedora and 16 more | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| When curl < 7.84.0 does FTP transfers secured by krb5, it handles message verification failures wrongly. This flaw makes it possible for a Man-In-The-Middle attack to go unnoticed and even allows it to inject data to the client. | |||||
| CVE-2022-32206 | 6 Debian, Fedoraproject, Haxx and 3 more | 30 Debian Linux, Fedora, Curl and 27 more | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| curl < 7.84.0 supports "chained" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. The number of acceptable "links" in this "decompression chain" was unbounded, allowing a malicious server to insert a virtually unlimited number of compression steps.The use of such a decompression chain could result in a "malloc bomb", makingcurl end up spending enormous amounts of allocated heap memory, or trying toand returning out of memory errors. | |||||