Debian Linux vulnerabilities

9,911 known vulnerabilities affecting debian/debian_linux.

Total CVEs: 9,911
CISA KEV: 119 (actively exploited)
Public exploits: 429
Exploited in wild: 132
Severity breakdown: CRITICAL 1128, HIGH 4110, MEDIUM 4311, LOW 362

Vulnerabilities

Page 109 of 496
CVE-2022-30788 | HIGH | CVSS 7.8 | v9.0, v10.0, +1 more | 2022-05-26
CVE-2022-30788 [HIGH] CWE-787: A crafted NTFS image can cause a heap-based buffer overflow in ntfs_mft_rec_alloc in NTFS-3G through 2021.8.22.
nvd
CVE-2022-30785 | MEDIUM | CVSS 6.7 | v9.0, v10.0, +1 more | 2022-05-26
CVE-2022-30785 [MEDIUM]: A file handle created in fuse_lib_opendir, and later used in fuse_lib_readdir, enables arbitrary memory read and write operations in NTFS-3G through 2021.8.22 when using libfuse-lite.
nvd
CVE-2022-30787 | MEDIUM | CVSS 6.7 | v9.0, v10.0, +1 more | 2022-05-26
CVE-2022-30787 [MEDIUM] CWE-191: An integer underflow in fuse_lib_readdir enables arbitrary memory read operations in NTFS-3G through 2021.8.22 when using libfuse-lite.
nvd
CVE-2022-27777 | MEDIUM | CVSS 6.1 | v10.0 | 2022-05-26
CVE-2022-27777 [MEDIUM] CWE-79: A XSS Vulnerability in Action View tag helpers >= 5.2.0 and < 5.2.0 which would allow an attacker to inject content if able to control input into specific attributes.
nvd
CVE-2022-26691 | MEDIUM | CVSS 6.7 | v9.0, v10.0, +1 more | 2022-05-26
CVE-2022-26691 [MEDIUM] CWE-697: A logic issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. An application may be able to gain elevated privileges.
nvd
CVE-2022-30783 | MEDIUM | CVSS 6.7 | v9.0, v10.0, +1 more | 2022-05-26
CVE-2022-30783 [MEDIUM] CWE-252: An invalid return code in fuse_kern_mount enables intercepting of libfuse-lite protocol traffic between NTFS-3G and the kernel in NTFS-3G through 2021.8.22 when using libfuse-lite.
nvd
CVE-2022-22577 | MEDIUM | CVSS 6.1 | v10.0 | 2022-05-26
CVE-2022-22577 [MEDIUM] CWE-79: An XSS Vulnerability in Action Pack >= 5.2.0 and < 5.2.0 that could allow an attacker to bypass CSP for non HTML like responses.
nvd
CVE-2022-1851 | HIGH | CVSS 7.8 | v9.0, v10.0 | 2022-05-25
CVE-2022-1851 [HIGH] CWE-125: Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
nvd
CVE-2022-29248 | HIGH | CVSS 8.1 | v11.0 | 2022-05-25
CVE-2022-29248 [HIGH] CWE-200: Guzzle is a PHP HTTP client. Guzzle prior to versions 6.5.6 and 7.4.3 contains a vulnerability with the cookie middleware. The vulnerability is that it is not checked if the cookie domain equals the domain of the server which sets the cookie via the Set-Cookie header, allowing a malicious server to set cookies for unrelated domains. The cookie middlewa
nvd
CVE-2022-29599 | CRITICAL | CVSS 9.8 | v10.0, v11.0 | 2022-05-23
CVE-2022-29599 [CRITICAL] CWE-116: In Apache Maven maven-shared-utils prior to version 3.3.3, the Commandline class can emit double-quoted strings without proper escaping, allowing shell injection attacks.
nvd
CVE-2022-1785 | HIGH | CVSS 7.8 | v10.0 | 2022-05-19
CVE-2022-1785 [HIGH] CWE-787: Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.4977.
nvd
CVE-2022-1734 | HIGH | CVSS 7.0 | v9.0, v10.0 | 2022-05-18
CVE-2022-1734 [HIGH] CWE-416: A flaw in Linux Kernel found in nfcmrvl_nci_unregister_dev() in drivers/nfc/nfcmrvl/main.c can lead to use after free both read or write when non synchronized between cleanup routine and firmware download routine.
nvd
CVE-2022-30974 | MEDIUM | CVSS 5.5 | v11.0 | 2022-05-18
CVE-2022-30974 [MEDIUM]: compile in regexp.c in Artifex MuJS through 1.2.0 results in stack consumption because of unlimited recursion, a different issue than CVE-2019-11413.
nvd
CVE-2022-30975 | MEDIUM | CVSS 5.5 | v11.0 | 2022-05-18
CVE-2022-30975 [MEDIUM] CWE-476: In Artifex MuJS through 1.2.0, jsP_dumpsyntax in jsdump.c has a NULL pointer dereference, as demonstrated by mujs-pp.
nvd
CVE-2022-29581 | HIGH | CVSS 7.8 | v10.0 | 2022-05-17
CVE-2022-29581 [HIGH] CWE-911: Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; version 4.14 and later versions.
nvd
CVE-2022-30688 | HIGH | CVSS 7.8 | v9.0, v10.0, +1 more | 2022-05-17
CVE-2022-30688 [HIGH]: needrestart 0.8 through 3.5 before 3.6 is prone to local privilege escalation. Regexes to detect the Perl, Python, and Ruby interpreters are not anchored, allowing a local user to escalate privileges when needrestart tries to detect if interpreters are using old source files.
nvd
CVE-2022-1586 | CRITICAL | CVSS 9.1 | v10.0 | 2022-05-16
CVE-2022-1586 [CRITICAL] CWE-125: An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.
nvd
CVE-2022-1679 | HIGH | CVSS 7.8 | v10.0 | 2022-05-16
CVE-2022-1679 [HIGH] CWE-416: A use-after-free flaw was found in the Linux kernel’s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate their privileges on the system.
nvd
CVE-2022-1650 | CRITICAL | CVSS 9.3 | v10.0 | 2022-05-12
CVE-2022-1650 [CRITICAL] CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository eventsource/eventsource prior to v2.0.2.
nvd
CVE-2022-30594 | HIGH | CVSS 7.8 | v9.0, v10.0 | 2022-05-12
CVE-2022-30594 [HIGH] CWE-862: The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows attackers to bypass intended restrictions on setting the PT_SUSPEND_SECCOMP flag.
nvd