Debian Linux vulnerabilities

CVE-2022-24439 [CRITICAL] CWE-20 CVE-2022-24439: All versions of package gitpython are vulnerable to Remote Code Execution (RCE) due to improper user All versions of package gitpython are vulnerable to Remote Code Execution (RCE) due to improper user input validation, which makes it possible to inject a maliciously crafted remote URL into the clone command. Exploiting this vulnerability is possible because the library makes external calls to git without sufficient sanitization of input arguments

CVE-2022-41325 [HIGH] CWE-190 CVE-2022-41325: An integer overflow in the VNC module in VideoLAN VLC Media Player through 3.0.17.4 allows attackers An integer overflow in the VNC module in VideoLAN VLC Media Player through 3.0.17.4 allows attackers, by tricking a user into opening a crafted playlist or connecting to a rogue VNC server, to crash VLC or execute code under some conditions.

CVE-2022-32221 [CRITICAL] CWE-200 CVE-2022-32221: When doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION When doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously was used to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either

CVE-2022-35255 [CRITICAL] CWE-338 CVE-2022-35255: A weak randomness in WebCrypto keygen vulnerability exists in Node.js 18 due to a change with Entrop A weak randomness in WebCrypto keygen vulnerability exists in Node.js 18 due to a change with EntropySource() in SecretKeyGenTraits::DoKeyGen() in src/crypto/crypto_keygen.cc. There are two problems with this: 1) It does not check the return value, it assumes EntropySource() always succeeds, but it can (and sometimes will) fail. 2) The random data

CVE-2022-30123 [CRITICAL] CWE-150 CVE-2022-30123: A sequence injection vulnerability exists in Rack <2.0.9.1, <2.1.4.1 and <2.2.3.1 which could allow A sequence injection vulnerability exists in Rack <2.0.9.1, <2.1.4.1 and <2.2.3.1 which could allow is a possible shell escape in the Lint and CommonLogger components of Rack.

CVE-2022-43548 [HIGH] CVE-2022-43548: A OS Command Injection vulnerability exists in Node.js versions <14.21.1, <16.18.1, <18.12.1, <19.0. A OS Command Injection vulnerability exists in Node.js versions <14.21.1, <16.18.1, <18.12.1, <19.0.1 due to an insufficient IsAllowedHost check that can easily be bypassed because IsIPAddress does not properly check if an IP address is invalid before making DBS requests allowing rebinding attacks.The fix for this issue in https://cve.mitre.org/cgi-bin/cvenam

CVE-2022-30122 [HIGH] CWE-400 CVE-2022-30122: A possible denial of service vulnerability exists in Rack <2.0.9.1, <2.1.4.1 and <2.2.3.1 in the mul A possible denial of service vulnerability exists in Rack <2.0.9.1, <2.1.4.1 and <2.2.3.1 in the multipart parsing component of Rack.

CVE-2022-35256 [MEDIUM] CWE-444 CVE-2022-35256: The llhttp parser in the http module in Node v18.7.0 does not correctly handle header fields that ar The llhttp parser in the http module in Node v18.7.0 does not correctly handle header fields that are not terminated with CLRF. This may result in HTTP Request Smuggling.

CVE-2022-46391 [MEDIUM] CWE-79 CVE-2022-46391: AWStats 7.x through 7.8 allows XSS in the hostinfo plugin due to printing a response from Net::XWhoi AWStats 7.x through 7.8 allows XSS in the hostinfo plugin due to printing a response from Net::XWhois without proper checks.

CVE-2021-37533 [MEDIUM] CWE-20 CVE-2021-37533: Prior to Apache Commons Net 3.9.0, Net's FTP client trusts the host from PASV response by default. A Prior to Apache Commons Net 3.9.0, Net's FTP client trusts the host from PASV response by default. A malicious server can redirect the Commons Net code to use a different host, but the user has to connect to the malicious server in the first place. This may lead to leakage of information about services running on the private network of the client. Th

CVE-2022-46338 [MEDIUM] CWE-732 CVE-2022-46338: g810-led 0.4.2, a LED configuration tool for Logitech Gx10 keyboards, contained a udev rule to make g810-led 0.4.2, a LED configuration tool for Logitech Gx10 keyboards, contained a udev rule to make supported device nodes world-readable and writable, allowing any process on the system to read traffic from keyboards, including sensitive data.

CVE-2022-45939 [HIGH] CWE-78 CVE-2022-45939: GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the ctags program. For example, a victim may use the "ctags *" command (suggested in the ctags documentation) in a situation where the current working

CVE-2022-45442 [HIGH] CWE-494 CVE-2022-45442: Sinatra is a domain-specific language for creating web applications in Ruby. An issue was discovered Sinatra is a domain-specific language for creating web applications in Ruby. An issue was discovered in Sinatra 2.0 before 2.2.3 and 3.0 before 3.0.4. An application is vulnerable to a reflected file download (RFD) attack that sets the Content-Disposition header of a response when the filename is derived from user-supplied input. Version 2.2.3 and 3.0

CVE-2022-45934 [HIGH] CWE-190 CVE-2022-45934: An issue was discovered in the Linux kernel through 6.0.10. l2cap_config_req in net/bluetooth/l2cap_ An issue was discovered in the Linux kernel through 6.0.10. l2cap_config_req in net/bluetooth/l2cap_core.c has an integer wraparound via L2CAP_CONF_REQ packets.

CVE-2022-24999 [HIGH] CWE-1321 CVE-2022-24999: qs before 6.10.3, as used in Express before 4.17.3 and other products, allows attackers to cause a N qs before 6.10.3, as used in Express before 4.17.3 and other products, allows attackers to cause a Node process hang for an Express application because an __ proto__ key can be used. In many typical Express use cases, an unauthenticated remote attacker can place the attack payload in the query string of the URL that is used to visit the application,

CVE-2022-44789 [HIGH] CWE-787 CVE-2022-44789: A logical issue in O_getOwnPropertyDescriptor() in Artifex MuJS 1.0.0 through 1.3.x before 1.3.2 all A logical issue in O_getOwnPropertyDescriptor() in Artifex MuJS 1.0.0 through 1.3.x before 1.3.2 allows an attacker to achieve Remote Code Execution through memory corruption, via the loading of a crafted JavaScript file.

CVE-2022-41946 [MEDIUM] CWE-200 CVE-2022-41946: pgjdbc is an open source postgresql JDBC Driver. In affected versions a prepared statement using eit pgjdbc is an open source postgresql JDBC Driver. In affected versions a prepared statement using either `PreparedStatement.setText(int, InputStream)` or `PreparedStatemet.setBytea(int, InputStream)` will create a temporary file if the InputStream is larger than 2k. This will create a temporary file which is readable by other users on Unix like syste

CVE-2022-36227 [CRITICAL] CWE-476 CVE-2022-36227: In libarchive before 3.6.2, the software does not check for an error after calling calloc function t In libarchive before 3.6.2, the software does not check for an error after calling calloc function that can return with a NULL pointer if the function fails, which leads to a resultant NULL pointer dereference. NOTE: the discoverer cites this CWE-476 remark but third parties dispute the code-execution impact: "In rare circumstances, when NULL is e

CVE-2022-44641 [MEDIUM] CWE-776 CVE-2022-44641: In Linaro Automated Validation Architecture (LAVA) before 2022.11, users with valid credentials can In Linaro Automated Validation Architecture (LAVA) before 2022.11, users with valid credentials can submit crafted XMLRPC requests that cause a recursive XML entity expansion, leading to excessive use of memory on the server and a Denial of Service.

CVE-2022-41916 [HIGH] CWE-193 CVE-2022-41916: Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Versions prior to 7.7.1 are vulnerabl Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Versions prior to 7.7.1 are vulnerable to a denial of service vulnerability in Heimdal's PKI certificate validation library, affecting the KDC (via PKINIT) and kinit (via PKINIT), as well as any third-party applications using Heimdal's libhx509. Users should upgrade to Heimdal 7.7.1 or 7.8