Debian Linux vulnerabilities
9,911 known vulnerabilities affecting debian/debian_linux.
Total CVEs: 9,911
CISA KEV: 119 (actively exploited)
Public exploits: 429
Exploited in wild: 132
Severity breakdown: CRITICAL 1,128 | HIGH 4,110 | MEDIUM 4,311 | LOW 362
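As an added example (my own code, not part of the tracker page), a small Python parser for the raw lines as they come out of this listing: the fused entry header (e.g. `CVE-2022-2056MEDIUMCVSS 6.5v10.0v11.02022-06-30`), the fused severity breakdown (`CRITICAL1128HIGH4110MEDIUM4311LOW362`), and the detail, description and `nvd` source lines that follow each header. It cross-checks that the four severity buckets add up to the stated total and filters records by CVSS score and listed version. The sample lines are copied from this page; the field names and the assumption that each `vN.N` token is a listed version are mine.

```python
"""Parse the raw lines of a Debian CVE listing page (added example)."""
import re
from typing import Dict, Iterable, List

SEVERITIES = ("CRITICAL", "HIGH", "MEDIUM", "LOW")

# Fused entry header as extracted, e.g. "CVE-2022-2056MEDIUMCVSS 6.5v10.0v11.02022-06-30":
# CVE id, severity word, "CVSS <score>", one or more "v<major>.<minor>" tokens, ISO date.
# Versions are limited to one decimal digit so "v11.0" cannot swallow the date.
HEADER_RE = re.compile(
    r"(?P<cve>CVE-\d{4}-\d{4,})"
    r"(?P<severity>CRITICAL|HIGH|MEDIUM|LOW)"
    r"CVSS (?P<cvss>\d{1,2}\.\d)"
    r"(?P<versions>(?:v\d+\.\d)+)"
    r"(?P<date>\d{4}-\d{2}-\d{2})"
)
# Fused breakdown line, e.g. "CRITICAL1128HIGH4110MEDIUM4311LOW362"
BREAKDOWN_RE = re.compile(r"(CRITICAL|HIGH|MEDIUM|LOW)(\d+)")
CWE_RE = re.compile(r"\bCWE-\d+\b")


def parse_header(line: str) -> Dict:
    m = HEADER_RE.fullmatch(line.strip())
    if m is None:
        raise ValueError(f"not an entry header: {line!r}")
    return {
        "cve": m["cve"],
        "severity": m["severity"],
        "cvss": float(m["cvss"]),
        "versions": m["versions"][1:].split("v"),   # "v10.0v11.0" -> ["10.0", "11.0"]
        "date": m["date"],
    }


def parse_breakdown(line: str) -> Dict[str, int]:
    counts = {name: int(n) for name, n in BREAKDOWN_RE.findall(line)}
    missing = [s for s in SEVERITIES if s not in counts]
    if missing:
        raise ValueError(f"breakdown line lacks {missing}")
    return counts


def breakdown_matches_total(line: str, total: int) -> bool:
    """Sanity check: the four severity buckets should sum to the page's total."""
    return sum(parse_breakdown(line).values()) == total


def parse_listing(lines: Iterable[str]) -> List[Dict]:
    """Walk raw lines: a header opens a record; the line that repeats the CVE id
    carries the CWE; 'nvd' closes the record; everything else is description."""
    records: List[Dict] = []
    current = None
    for raw in lines:
        line = raw.strip()
        if not line:
            continue
        if HEADER_RE.fullmatch(line):
            current = parse_header(line)
            current.update(cwe=None, description=[], source=None)
            records.append(current)
        elif current is None:
            continue                      # preamble before the first entry
        elif line.startswith(current["cve"] + " ["):
            cwe = CWE_RE.search(line)
            current["cwe"] = cwe.group(0) if cwe else None
        elif line == "nvd":
            current["source"] = line
            current = None
        else:
            current["description"].append(line)
    for rec in records:
        rec["description"] = " ".join(rec["description"])
    return records


def select(records: List[Dict], min_cvss: float, version: str) -> List[str]:
    """CVE ids at or above a CVSS score that list the given version."""
    return [r["cve"] for r in records
            if r["cvss"] >= min_cvss and version in r["versions"]]


# Sample input copied from this listing (two entries, as extracted).
SAMPLE = """\
CVE-2022-2056MEDIUMCVSS 6.5v10.0v11.02022-06-30
CVE-2022-2056 [MEDIUM] CWE-369 CVE-2022-2056: Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via
Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010.
nvd
CVE-2022-31626HIGHCVSS 8.8v10.0v11.02022-06-16
CVE-2022-31626 [HIGH] CWE-120 CVE-2022-31626: In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when pdo_mysql extens
In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when pdo_mysql extension with mysqlnd driver, if the third party is allowed to supply host to connect to and the password for the connection, password of excessive length can trigger a buffer overflow in PHP, which can lead to a remote code execution vulnerability.
nvd
"""

if __name__ == "__main__":
    recs = parse_listing(SAMPLE.splitlines())
    print(breakdown_matches_total("CRITICAL1128HIGH4110MEDIUM4311LOW362", 9911))
    print(select(recs, 7.0, "11.0"))
```

The breakdown check passes for this page (1,128 + 4,110 + 4,311 + 362 = 9,911), which is the kind of consistency test worth running before trusting any scraped tracker as an input to patch prioritisation.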
Vulnerabilities
Page 106 of 496
CVE-2022-2056 | MEDIUM | CVSS 6.5 | CWE-369 | v10.0, v11.0 | 2022-06-30
Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010.
Source: nvd
CVE-2022-2057 | MEDIUM | CVSS 6.5 | CWE-369 | v10.0, v11.0 | 2022-06-30
Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010.
Source: nvd
CVE-2022-31087 | HIGH | CVSS 7.8 | CWE-74 | v11.0 | 2022-06-27
LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. users, groups, DHCP settings) stored in an LDAP directory. In versions prior to 8.0 the tmp directory, which is accessible by /lam/tmp/, allows interpretation of .php (and .php5/.php4/.phpt/etc) files. An attacker capable of writing files under www-data privileges can write a web-sh
Source: nvd
CVE-2022-31086 | HIGH | CVSS 8.8 | CWE-74 | v11.0 | 2022-06-27
LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. users, groups, DHCP settings) stored in an LDAP directory. In versions prior to 8.0 incorrect regular expressions allow to upload PHP scripts to config/templates/pdf. This vulnerability could lead to a Remote Code Execution if the /config/templates/pdf/ directory is accessible for r
Source: nvd
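The two LAM entries above are the same bug class seen from both ends: a web-reachable directory whose files are interpreted as PHP, and a name check that lets a `.php` file land there. The actual regular expressions LAM used are not shown on this page, so the following Python is an added, generic illustration (my own code, not LAM's): `LOOSE_RE` is a hypothetical stand-in for an unanchored extension check, contrasted with a strict allow-list that also rejects script extensions in any position, which matters on servers whose handler matches every dot-separated part of a file name. Name validation is only half the fix; the upload directory itself still must not execute scripts, which is web-server configuration rather than application code.

```python
"""Validating an uploaded template file name (added example, not LAM code)."""
import re

# Hypothetical loose check: unanchored, so it only asks whether ".pdf" or
# ".xml" occurs somewhere in the name. "shell.pdf.php" passes.
LOOSE_RE = re.compile(r"\.(pdf|xml)", re.IGNORECASE)

# Strict check: a base name of safe characters and exactly one allowed
# final extension. Dots are allowed inside the base name ("report.v2.pdf").
STRICT_RE = re.compile(r"[A-Za-z0-9_.-]{1,64}\.(pdf|xml)", re.IGNORECASE)

# Extensions some servers map to a script handler wherever they appear in the
# name (Apache mod_mime treats every dot-separated part as an extension).
SCRIPT_EXT = {"php", "php3", "php4", "php5", "phtml", "phar", "phpt"}


def loose_is_allowed(name: str) -> bool:
    """The vulnerable shape: any occurrence of an allowed extension suffices."""
    return LOOSE_RE.search(name) is not None


def strict_is_allowed(name: str) -> bool:
    """Allow-list: no path separators, no dotfiles, anchored extension, and no
    script extension in any position (rejects "x.php.pdf" as well as "x.pdf.php")."""
    if "/" in name or "\\" in name or name.startswith("."):
        return False
    if STRICT_RE.fullmatch(name) is None:
        return False
    parts = name.lower().split(".")
    return not any(part in SCRIPT_EXT for part in parts)


def classify(names):
    """Map each name to (loose verdict, strict verdict) for side-by-side review."""
    return {n: (loose_is_allowed(n), strict_is_allowed(n)) for n in names}


if __name__ == "__main__":
    # Constructed sample names, including the two double-extension tricks.
    for name, verdict in classify(["notes.xml", "report.v2.pdf", "shell.pdf.php",
                                   "shell.php.pdf", "../evil.xml"]).items():
        print(f"{name:16} loose={verdict[0]!s:5} strict={verdict[1]}")
```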
CVE-2022-31090 | HIGH | CVSS 7.7 | CWE-200 | v11.0 | 2022-06-27
Guzzle, an extensible PHP HTTP client. `Authorization` headers on requests are sensitive information. In affected versions when using our Curl handler, it is possible to use the `CURLOPT_HTTPAUTH` option to specify an `Authorization` header. On making a request which responds with a redirect to a URI with a different origin (change in host, scheme or
Source: nvd
CVE-2022-31091 | HIGH | CVSS 7.7 | CWE-200 | v11.0 | 2022-06-27
Guzzle, an extensible PHP HTTP client. `Authorization` and `Cookie` headers on requests are sensitive information. In affected versions on making a request which responds with a redirect to a URI with a different port, if we choose to follow it, we should remove the `Authorization` and `Cookie` headers from the request, before continuing. Previously,
Source: nvd
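Both Guzzle entries come down to one rule: credentials attached to a request must not follow a redirect to a different origin, where origin means the triple scheme, host and port. CVE-2022-31090 covers host and scheme changes plus credentials supplied through the transport (`CURLOPT_HTTPAUTH`) rather than a header; CVE-2022-31091 covers a port change, which is easy to miss if the comparison only looks at the host. The Python below is an added example, not Guzzle's code, of that decision for a client that carries `Authorization`/`Cookie` headers and, separately, a transport-level auth setting; the function and parameter names are my own.

```python
"""Which credentials survive a redirect? (added example, not Guzzle code)"""
from typing import Dict, Optional, Tuple
from urllib.parse import urljoin, urlsplit

DEFAULT_PORTS = {"http": 80, "https": 443}
# Header names that carry credentials and must not cross an origin boundary.
CREDENTIAL_HEADERS = frozenset({"authorization", "cookie"})


def origin(url: str) -> Tuple[str, str, int]:
    """(scheme, host, effective port). The port is normalised to the scheme
    default so https://h/ and https://h:443/ are the same origin, while
    https://h:8443/ is not (the CVE-2022-31091 case)."""
    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    if scheme not in DEFAULT_PORTS:
        raise ValueError(f"unsupported scheme in {url!r}")
    host = (parts.hostname or "").lower()
    port = parts.port if parts.port is not None else DEFAULT_PORTS[scheme]
    return scheme, host, port


def follow_redirect(request_url: str, location: str,
                    headers: Dict[str, str],
                    transport_auth: Optional[Tuple[str, str]] = None):
    """Return (target_url, headers, transport_auth) for the next hop.

    `location` may be relative. On a cross-origin hop both the credential
    headers and the transport-level auth (the analogue of Guzzle's
    CURLOPT_HTTPAUTH option) are dropped; same-origin hops keep everything."""
    target = urljoin(request_url, location)
    if origin(target) == origin(request_url):
        return target, dict(headers), transport_auth
    kept = {k: v for k, v in headers.items() if k.lower() not in CREDENTIAL_HEADERS}
    return target, kept, None


if __name__ == "__main__":
    # Constructed request: a bearer token and a session cookie on an API call.
    hdrs = {"Authorization": "Bearer t0k", "Cookie": "sid=1", "Accept": "application/json"}
    for loc in ("/v1/b", "https://api.example:8443/v1/a", "https://attacker.example/"):
        print(loc, "->", follow_redirect("https://api.example/v1/a", loc, hdrs, ("u", "p")))
```

Applying the rule on every hop (not just the first) matters too: a same-origin redirect followed by a cross-origin one must still strip the credentials at the second hop, which falls out naturally if `follow_redirect` is called per response.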
CVE-2022-31084 | HIGH | CVSS 8.1 | CWE-88 | v11.0 | 2022-06-27
LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. users, groups, DHCP settings) stored in an LDAP directory. In versions prior to 8.0 there are cases where LAM instantiates objects from arbitrary classes. An attacker can inject the first constructor argument. This can lead to code execution if non-LAM classes are instantiated that
Source: nvd
CVE-2022-31088 | MEDIUM | CVSS 5.3 | CWE-74 | v11.0 | 2022-06-27
LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. users, groups, DHCP settings) stored in an LDAP directory. In versions prior to 8.0 the user name field at login could be used to enumerate LDAP data. This is only the case for LDAP search configuration. This issue has been fixed in version 8.0.
Source: nvd
CVE-2022-31081 | MEDIUM | CVSS 6.5 | CWE-444 | v10.0 | 2022-06-27
HTTP::Daemon is a simple http server class written in perl. Versions prior to 6.15 are subject to a vulnerability which could potentially be exploited to gain privileged access to APIs or poison intermediate caches. It is uncertain how large the risks are, most Perl based applications are served on top of Nginx or Apache, not on the `HTTP::Daemon`. T
Source: nvd
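CWE-444 is HTTP request smuggling: two parsers in the chain (here HTTP::Daemon and a cache or reverse proxy in front of it) disagree on where one request's body ends and the next request begins, which is exactly how the "privileged access to APIs or poison intermediate caches" outcome arises. The page does not say which header handling in HTTP::Daemon was at fault, so the Python below is an added, generic example (my own code, not HTTP::Daemon's) of the framing rules a server enforces to avoid being the weaker parser: refuse Content-Length together with Transfer-Encoding, conflicting Content-Length values, non-numeric lengths, whitespace before the colon, obsolete line folding, and a Transfer-Encoding that does not end in chunked. The sample requests are constructed.

```python
"""Strict HTTP/1.1 request framing (added example, generic, not HTTP::Daemon)."""
import re
from typing import List, Optional, Tuple

# RFC 7230 token characters; anything else (notably a space) in a field name is malformed.
TOKEN_RE = re.compile(r"[!#$%&'*+.^_`|~0-9A-Za-z-]+")
Headers = List[Tuple[str, str]]


class FramingError(ValueError):
    """Raised for any request whose body boundary is ambiguous or malformed."""


def split_head(raw: bytes) -> Tuple[str, Headers, bytes]:
    head, sep, rest = raw.partition(b"\r\n\r\n")
    if not sep:
        raise FramingError("header block not terminated")
    lines = head.split(b"\r\n")
    request_line = lines[0].decode("latin-1")
    headers: Headers = []
    for line in lines[1:]:
        if line[:1] in (b" ", b"\t"):
            raise FramingError("obsolete line folding")
        name, colon, value = line.partition(b":")
        if not colon or not TOKEN_RE.fullmatch(name.decode("latin-1")):
            raise FramingError(f"malformed header line {line!r}")
        headers.append((name.decode("latin-1").lower(), value.decode("latin-1").strip()))
    return request_line, headers, rest


def body_framing(headers: Headers) -> Tuple[str, Optional[int]]:
    """('chunked', None) or ('length', n); raise on anything two parsers could read differently."""
    lengths = [v for n, v in headers if n == "content-length"]
    encodings = [v for n, v in headers if n == "transfer-encoding"]
    if lengths and encodings:
        raise FramingError("Content-Length and Transfer-Encoding together")
    if encodings:
        codings = [c.strip().lower() for v in encodings for c in v.split(",") if c.strip()]
        if not codings or codings[-1] != "chunked" or codings.count("chunked") != 1:
            raise FramingError(f"unacceptable Transfer-Encoding {codings}")
        return "chunked", None
    if not lengths:
        return "length", 0
    # Repeated identical values are tolerated; anything else is a smuggling vector.
    values = {v.strip() for field in lengths for v in field.split(",")}
    if len(values) != 1:
        raise FramingError(f"conflicting Content-Length values {sorted(values)}")
    value = values.pop()
    if not re.fullmatch(r"[0-9]{1,18}", value):
        raise FramingError(f"invalid Content-Length {value!r}")
    return "length", int(value)


def parse_request(raw: bytes):
    """Return (request_line, headers, body, leftover); body is None for chunked."""
    request_line, headers, rest = split_head(raw)
    mode, length = body_framing(headers)
    if mode == "chunked":
        return request_line, headers, None, rest   # chunk decoding left to the caller
    if len(rest) < length:
        raise FramingError("body shorter than Content-Length")
    return request_line, headers, rest[:length], rest[length:]


def is_rejected(raw: bytes) -> bool:
    try:
        parse_request(raw)
    except FramingError:
        return True
    return False


# Constructed samples: a clean request and the classic smuggling shapes.
CLEAN = b"POST /api HTTP/1.1\r\nHost: app\r\nContent-Length: 5\r\n\r\nhello"
CL_TE = b"POST /api HTTP/1.1\r\nHost: app\r\nContent-Length: 5\r\nTransfer-Encoding: chunked\r\n\r\n0\r\n\r\n"
DUP_CL = (b"POST /api HTTP/1.1\r\nHost: app\r\nContent-Length: 5\r\nContent-Length: 40\r\n\r\n"
          b"helloGET /admin HTTP/1.1\r\nHost: app\r\n\r\n")
SPACE_CL = b"POST /api HTTP/1.1\r\nHost: app\r\nContent-Length : 5\r\n\r\nhello"

if __name__ == "__main__":
    for label, sample in (("clean", CLEAN), ("cl+te", CL_TE), ("dup cl", DUP_CL), ("space", SPACE_CL)):
        print(f"{label:7} rejected={is_rejected(sample)}")
```

The `DUP_CL` sample shows the stakes: a front end honouring the first Content-Length forwards `hello` plus a trailing `GET /admin` that a back end honouring the second value would treat as part of the body, or vice versa, and the leftover bytes become the prefix of whoever's request comes next on the connection.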
CVE-2022-31085 | MEDIUM | CVSS 6.1 | CWE-311 | v11.0 | 2022-06-27
LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. users, groups, DHCP settings) stored in an LDAP directory. In versions prior to 8.0 the session files include the LDAP user name and password in clear text if the PHP OpenSSL extension is not installed or encryption is disabled by configuration. This issue has been fixed in versi
Source: nvd
CVE-2022-32209 | MEDIUM | CVSS 6.1 | CWE-79 | v10.0 | 2022-06-24
Possible XSS Vulnerability in Rails::Html::Sanitizer
There is a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer. This vulnerability has been assigned the CVE identifier CVE-2022-32209.
Versions Affected: ALL
Not affected: NONE
Fixed Versions: v1.4.3
Impact: A possible XSS vulnerability with certain configurations of Rail
Source: nvd
CVE-2022-2068 | HIGH | CVSS 7.3 | v10.0, v11.0 | 2022-06-21
In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certifica
Source: nvd
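The c_rehash bug class is a file name taken from the filesystem being spliced into a shell command string, so a name containing shell metacharacters becomes shell syntax and runs with the privileges of whatever invokes the script (on systems that run c_rehash automatically, that is typically root). As an added example in Python, not the OpenSSL script itself, the three functions below run the same small command with a name that carries a `;`: the first interpolates the name into a shell string and executes the injected command, the second quotes it with `shlex.quote`, the third passes it as a positional parameter so the shell never re-parses it. `printf` stands in for the `openssl x509` call the real script makes; the supported replacement for c_rehash is the `openssl rehash` subcommand, which takes no detour through a shell.

```python
"""Untrusted file names reaching a shell (added example, not c_rehash itself)."""
import shlex
import subprocess


def _sh(command: str, *args: str) -> str:
    """Run `command` under sh with optional positional parameters; return stdout."""
    proc = subprocess.run(["sh", "-c", command, "sh", *args],
                          capture_output=True, text=True, check=False)
    return proc.stdout


def hash_name_naive(filename: str) -> str:
    # VULNERABLE: the file name becomes part of the shell syntax, as in c_rehash.
    return _sh(f"printf '%s\\n' {filename}")


def hash_name_quoted(filename: str) -> str:
    # Fixed: shlex.quote wraps the name so the shell sees one literal word.
    return _sh(f"printf '%s\\n' {shlex.quote(filename)}")


def hash_name_argv(filename: str) -> str:
    # Fixed: the name travels as $1 and is never re-parsed as shell text.
    return _sh('printf "%s\\n" "$1"', filename)


def is_injected(output: str, marker: str = "INJECTED") -> bool:
    """True when the marker appears as its own output line, i.e. the injected command ran."""
    return marker in output.splitlines()


# Constructed hostile name: a certificate file named to smuggle a second command.
HOSTILE = "cert.pem; echo INJECTED"

if __name__ == "__main__":
    for fn in (hash_name_naive, hash_name_quoted, hash_name_argv):
        print(f"{fn.__name__:17} injected={is_injected(fn(HOSTILE))}")
```

The same lesson applies to any wrapper script that globs a directory and shells out per file: names under an attacker's control (a world-writable certificate drop directory, an uploaded archive) are input, not trusted data.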
CVE-2022-1720 | HIGH | CVSS 7.8 | CWE-126 | v9.0, v10.0 | 2022-06-20
Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. This vulnerability is capable of crashing the software, memory modification, and possible remote execution.
Source: nvd
CVE-2022-2124 | HIGH | CVSS 7.8 | CWE-126 | v9.0 | 2022-06-19
Buffer Over-read in GitHub repository vim/vim prior to 8.2.
Source: nvd
CVE-2022-2129 | HIGH | CVSS 7.8 | CWE-787 | v10.0 | 2022-06-19
Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.
Source: nvd
CVE-2022-2126 | HIGH | CVSS 7.8 | CWE-125 | v9.0 | 2022-06-19
Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
Source: nvd
CVE-2022-33981 | LOW | CVSS 3.3 | CWE-416 | v9.0, v10.0 | 2022-06-18
drivers/block/floppy.c in the Linux kernel before 5.17.6 is vulnerable to a denial of service, because of a concurrency use-after-free flaw after deallocating raw_cmd in the raw_cmd_ioctl function.
Source: nvd
CVE-2022-31291 | HIGH | CVSS 7.5 | CWE-415 | v10.0 | 2022-06-16
An issue in dlt_config_file_parser.c of dlt-daemon v2.18.8 allows attackers to cause a double free via crafted TCP packets.
Source: nvd
CVE-2022-31626 | HIGH | CVSS 8.8 | CWE-120 | v10.0, v11.0 | 2022-06-16
In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when the pdo_mysql extension is used with the mysqlnd driver and a third party is allowed to supply both the host to connect to and the password for the connection, a password of excessive length can trigger a buffer overflow in PHP, which can lead to remote code execution.
Source: nvd
CVE-2022-31625 | HIGH | CVSS 8.1 | CWE-590 | v10.0, v11.0 | 2022-06-16
In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using Postgres database extension, supplying invalid parameters to the parametrized query may lead to PHP attempting to free memory using uninitialized data as pointers. This could lead to RCE vulnerability or denial of service.
Source: nvd