Debian Linux vulnerabilities
9,911 known vulnerabilities affecting debian/debian_linux.
Total CVEs: 9,911
CISA KEV: 119 (actively exploited)
Public exploits: 429
Exploited in wild: 132
Severity breakdown: CRITICAL 1128, HIGH 4110, MEDIUM 4311, LOW 362

Vulnerabilities (page 95 of 496)
CVE-2022-42004 | HIGH | CVSS 7.5 | v10.0, v11.0 | 2022-10-02 | CWE-502
In FasterXML jackson-databind before 2.13.4, resource exhaustion can occur because of a lack of a check in BeanDeserializer._deserializeFromArray to prevent use of deeply nested arrays. An application is vulnerable only with certain customized choices for deserialization.
Source: nvd
CVE-2022-41849 | MEDIUM | CVSS 4.2 | v10.0 | 2022-09-30 | CWE-362
drivers/video/fbdev/smscufx.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a USB device while calling open(), aka a race condition between ufx_ops_open and ufx_usb_disconnect.
Source: nvd
CVE-2022-41850 | MEDIUM | CVSS 4.7 | v10.0 | 2022-09-30 | CWE-362
roccat_report_event in drivers/hid/hid-roccat.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free in certain situations where a report is received while copying of report->value is in progress.
Source: nvd
CVE-2016-2338 | CRITICAL | CVSS 9.8 | v8.0 | 2022-09-29 | CWE-787
An exploitable heap overflow vulnerability exists in the Psych::Emitter start_document function of Ruby. In Psych::Emitter start_document function heap buffer "head" allocation is made based on tags array length. Specially constructed object passed as element of tags array can increase this array size after mentioned allocation and cause heap overfl
Source: nvd
CVE-2022-3352 | HIGH | CVSS 7.8 | v10.0 | 2022-09-29 | CWE-416
Use After Free in GitHub repository vim/vim prior to 9.0.0614.
Source: nvd
CVE-2022-1270 | HIGH | CVSS 7.8 | v10.0, v11.0 | 2022-09-28 | CWE-119
In GraphicsMagick, a heap buffer overflow was found when parsing MIFF.
Source: nvd
CVE-2022-39261 | HIGH | CVSS 7.5 | v10.0, v11.0 | 2022-09-28 | CWE-22
Twig is a template language for PHP. Versions 1.x prior to 1.44.7, 2.x prior to 2.15.3, and 3.x prior to 3.4.3 encounter an issue when the filesystem loader loads templates for which the name is a user input. It is possible to use the `source` or `include` statement to read arbitrary files from outside the templates' directory when using a namespace li
Source: nvd
CVE-2022-31628 | MEDIUM | CVSS 5.5 | v10.0, v11.0 | 2022-09-28 | CWE-674
In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infinite loop.
Source: nvd
CVE-2022-32166 | MEDIUM | CVSS 6.1 | v10.0 | 2022-09-28 | CWE-125
ovs versions v0.90.0 through v2.5.0 are vulnerable to a heap buffer over-read in flow.c. An unsafe comparison in the "minimasks" function could lead to access of an unmapped region of memory. This vulnerability is capable of crashing the software, memory modification, and possible remote execution.
Source: nvd
CVE-2022-31629 | MEDIUM | CVSS 6.5 | v10.0, v11.0 | 2022-09-28 | CWE-20
In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the victim's browser which is treated as a `__Host-` or `__Secure-` cookie by PHP applications.
Source: nvd
CVE-2021-43980 | LOW | CVSS 3.7 | v10.0, v11.0 | 2022-09-28 | CWE-362
The simplified implementation of blocking reads and writes introduced in Tomcat 10 and back-ported to Tomcat 9.0.47 onwards exposed a long-standing (but extremely hard to trigger) concurrency bug in Apache Tomcat 10.1.0 to 10.1.0-M12, 10.0.0-M1 to 10.0.18, 9.0.0-M1 to 9.0.60 and 8.5.0 to 8.5.77 that could cause client connections to share an Http11Proc
Source: nvd
CVE-2022-3324 | HIGH | CVSS 7.8 | v10.0 | 2022-09-27 | CWE-121
Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0598.
Source: nvd
CVE-2022-3303 | MEDIUM | CVSS 4.7 | v10.0, v11.0 | 2022-09-27 | CWE-667
A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead to a NULL pointer dereference while handling the SNDCTL_DSP_SYNC ioctl. A privileged local user (root or member of the audio group) could use this flaw to crash the system, resulting in a denial of service condition.
Source: nvd
CVE-2022-21797 | CRITICAL | CVSS 9.8 | v10.0 | 2022-09-26 | CWE-94
The package joblib from 0 and before 1.2.0 is vulnerable to Arbitrary Code Execution via the pre_dispatch flag in the Parallel() class due to the eval() statement.
Source: nvd
CVE-2022-3201 | MEDIUM | CVSS 5.4 | v11.0 | 2022-09-26 | CWE-20
Insufficient validation of untrusted input in DevTools in Google Chrome on Chrome OS prior to 105.0.5195.125 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: High)
Source: nvd
CVE-2022-40188 | HIGH | CVSS 7.5 | v10.0 | 2022-09-23 | CWE-407
Knot Resolver before 5.5.3 allows remote attackers to cause a denial of service (CPU consumption) because of algorithmic complexity. During an attack, an authoritative server must return large NS sets or address sets.
Source: nvd
CVE-2022-35252 | LOW | CVSS 3.7 | v10.0 | 2022-09-23 | CWE-20
When curl is used to retrieve and parse cookies from an HTTP(S) server, it accepts cookies using control codes that, when later sent back to an HTTP server, might make the server return 400 responses, effectively allowing a "sister site" to deny service to all siblings.
Source: nvd
CVE-2022-1941 | HIGH | CVSS 7.5 | v10.0 | 2022-09-22 | CWE-1286
A parsing vulnerability for the MessageSet type in the ProtocolBuffers versions prior to and including 3.16.1, 3.17.3, 3.18.2, 3.19.4, 3.20.1 and 3.21.5 for protobuf-cpp, and versions prior to and including 3.16.1, 3.17.3, 3.18.2, 3.19.4, 3.20.1 and 4.21.5 for protobuf-python can lead to out of memory failures. A specially crafted message with multiple
Source: nvd
CVE-2022-3256 | HIGH | CVSS 7.8 | v10.0 | 2022-09-22 | CWE-416
Use After Free in GitHub repository vim/vim prior to 9.0.0530.
Source: nvd
CVE-2022-40146 | HIGH | CVSS 7.5 | v10.0 | 2022-09-22 | CWE-918
Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to access files using a Jar url. This issue affects Apache XML Graphics Batik 1.14.
Source: nvd