Debian Linux vulnerabilities

CVE-2022-40149 [HIGH] CWE-121 CVE-2022-40149: Those using Jettison to parse untrusted XML or JSON data may be vulnerable to Denial of Service atta Those using Jettison to parse untrusted XML or JSON data may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service attack.

CVE-2022-38863 [MEDIUM] CWE-787 CVE-2022-38863: Certain The MPlayer Project products are vulnerable to Buffer Overflow via function mp_getbits() of Certain The MPlayer Project products are vulnerable to Buffer Overflow via function mp_getbits() of libmpdemux/mpeg_hdr.c which affects mencoder and mplayer. This affects mecoder SVN-r38374-13.0.1 and mplayer SVN-r38374-13.0.1.

CVE-2022-38866 [MEDIUM] CWE-787 CVE-2022-38866: Certain The MPlayer Project products are vulnerable to Buffer Overflow via read_avi_header() of libm Certain The MPlayer Project products are vulnerable to Buffer Overflow via read_avi_header() of libmpdemux/aviheader.c . This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.

CVE-2022-38855 [MEDIUM] CWE-787 CVE-2022-38855: Certain The MPlayer Project products are vulnerable to Buffer Overflow via function gen_sh_video () Certain The MPlayer Project products are vulnerable to Buffer Overflow via function gen_sh_video () of mplayer/libmpdemux/demux_mov.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.

CVE-2022-38851 [MEDIUM] CWE-125 CVE-2022-38851: Certain The MPlayer Project products are vulnerable to Out-of-bounds Read via function read_meta_rec Certain The MPlayer Project products are vulnerable to Out-of-bounds Read via function read_meta_record() of mplayer/libmpdemux/asfheader.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.

CVE-2022-38858 [MEDIUM] CWE-787 CVE-2022-38858: Certain The MPlayer Project products are vulnerable to Buffer Overflow via function mov_build_index( Certain The MPlayer Project products are vulnerable to Buffer Overflow via function mov_build_index() of libmpdemux/demux_mov.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.

CVE-2022-38865 [MEDIUM] CWE-369 CVE-2022-38865: Certain The MPlayer Project products are vulnerable to Divide By Zero via the function demux_avi_rea Certain The MPlayer Project products are vulnerable to Divide By Zero via the function demux_avi_read_packet of libmpdemux/demux_avi.c. This affects mplyer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.

CVE-2018-25047 [MEDIUM] CWE-79 CVE-2018-25047: In Smarty before 3.1.47 and 4.x before 4.2.1, libs/plugins/function.mailto.php allows XSS. A web pag In Smarty before 3.1.47 and 4.x before 4.2.1, libs/plugins/function.mailto.php allows XSS. A web page that uses smarty_function_mailto, and that could be parameterized using GET or POST input parameters, could allow injection of JavaScript code by a user.

CVE-2022-38861 [MEDIUM] CWE-787 CVE-2022-38861: The MPlayer Project mplayer SVN-r38374-13.0.1 is vulnerable to memory corruption via function free_m The MPlayer Project mplayer SVN-r38374-13.0.1 is vulnerable to memory corruption via function free_mp_image() of libmpcodecs/mp_image.c.

CVE-2022-38850 [MEDIUM] CWE-369 CVE-2022-38850: The MPlayer Project mencoder SVN-r38374-13.0.1 is vulnerable to Divide By Zero via the function conf The MPlayer Project mencoder SVN-r38374-13.0.1 is vulnerable to Divide By Zero via the function config () of llibmpcodecs/vf_scale.c.

CVE-2022-38864 [MEDIUM] CWE-787 CVE-2022-38864: Certain The MPlayer Project products are vulnerable to Buffer Overflow via the function mp_unescape0 Certain The MPlayer Project products are vulnerable to Buffer Overflow via the function mp_unescape03() of libmpdemux/mpeg_hdr.c. This affects mencoder SVN-r38374-13.0.1 and mplayer SVN-r38374-13.0.1.

CVE-2022-38860 [MEDIUM] CWE-369 CVE-2022-38860: Certain The MPlayer Project products are vulnerable to Divide By Zero via function demux_open_avi() Certain The MPlayer Project products are vulnerable to Divide By Zero via function demux_open_avi() of libmpdemux/demux_avi.c which affects mencoder. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.

CVE-2022-40674 [HIGH] CWE-416 CVE-2022-40674: libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c. libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c.

CVE-2022-37797 [HIGH] CWE-476 CVE-2022-37797: In lighttpd 1.4.65, mod_wstunnel does not initialize a handler function pointer if an invalid HTTP r In lighttpd 1.4.65, mod_wstunnel does not initialize a handler function pointer if an invalid HTTP request (websocket handshake) is received. It leads to null pointer dereference which crashes the server. It could be used by an external attacker to cause denial of service condition.

CVE-2022-36280 [MEDIUM] CWE-120 CVE-2022-36280: An out-of-bounds(OOB) memory access vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/v An out-of-bounds(OOB) memory access vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_kms.c in GPU component in the Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS).

CVE-2022-40307 [MEDIUM] CWE-362 CVE-2022-40307: An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c ha An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a race condition with a resultant use-after-free.

CVE-2022-38266 [MEDIUM] CWE-369 CVE-2022-38266: An issue in the Leptonica linked library (v1.79.0) allows attackers to cause an arithmetic exception An issue in the Leptonica linked library (v1.79.0) allows attackers to cause an arithmetic exception leading to a Denial of Service (DoS) via a crafted JPEG file.

CVE-2022-3169 [MEDIUM] CWE-20 CVE-2022-3169: A flaw was found in the Linux kernel. A denial of service flaw may occur if there is a consecutive r A flaw was found in the Linux kernel. A denial of service flaw may occur if there is a consecutive request of the NVME_IOCTL_RESET and the NVME_IOCTL_SUBSYS_RESET through the device file of the driver, resulting in a PCIe link disconnect.

CVE-2022-2905 [MEDIUM] CWE-125 CVE-2022-2905: An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the bpf_tail_call function with a key larger than the max_entries of the map. This flaw allows a local user to gain unauthorized access to data.

CVE-2022-40023 [HIGH] CWE-1333 CVE-2022-40023: Sqlalchemy mako before 1.2.2 is vulnerable to Regular expression Denial of Service when using the Le Sqlalchemy mako before 1.2.2 is vulnerable to Regular expression Denial of Service when using the Lexer class to parse. This also affects babelplugin and linguaplugin.