Fedoraproject Fedora vulnerabilities
5,277 known vulnerabilities affecting fedoraproject/fedora.
Total CVEs: 5,277
CISA KEV: 84 (actively exploited)
Public exploits: 147
Exploited in wild: 101
Severity breakdown: CRITICAL 514, HIGH 2325, MEDIUM 2265, LOW 173
Vulnerabilities
Page 53 of 264
CVE-2022-40315 | CRITICAL | CVSS 9.8 | CWE-89 | Affected: v35, v36 | 2022-09-30
A limited SQL injection risk was identified in the "browse list of users" site administration page.
Source: nvd
CVE-2022-40313 | HIGH | CVSS 7.1 | CWE-79 | Affected: v35, v36 | 2022-09-30
Recursive rendering of Mustache template helpers containing user input could, in some cases, result in an XSS risk or a page failing to load.
Source: nvd
CVE-2022-40316 | MEDIUM | CVSS 4.3 | CWE-862 | Affected: v35, v36 | 2022-09-30
The H5P activity attempts report did not filter by groups, which in separate groups mode could reveal information to non-editing teachers about attempts/users in groups they should not have access to.
Source: nvd
CVE-2022-3352 | HIGH | CVSS 7.8 | CWE-416 | Affected: v35, v36, +1 more | 2022-09-29
Use After Free in GitHub repository vim/vim prior to 9.0.0614.
Source: nvd
CVE-2014-0147 | MEDIUM | CVSS 6.2 | CWE-190 | Affected: v20 | 2022-09-29
Qemu before 1.6.2: the block driver for the various disk image formats used by Bochs and for the QCOW version 2 format is vulnerable to a possible crash caused by signed data types or a logic error while creating QCOW2 snapshots, which leads to incorrectly calling the update_refcount() routine.
Source: nvd
CVE-2022-39261 | HIGH | CVSS 7.5 | CWE-22 | Affected: v35, v36, +1 more | 2022-09-28
Twig is a template language for PHP. Versions 1.x prior to 1.44.7, 2.x prior to 2.15.3, and 3.x prior to 3.4.3 encounter an issue when the filesystem loader loads templates for which the name is a user input. It is possible to use the `source` or `include` statement to read arbitrary files from outside the templates' directory when using a namespace li
Source: nvd
CVE-2022-31628 | MEDIUM | CVSS 5.5 | CWE-674 | Affected: v35, v36, +1 more | 2022-09-28
In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infinite loop.
Source: nvd
CVE-2022-31629 | MEDIUM | CVSS 6.5 | CWE-20 | Affected: v35, v36, +1 more | 2022-09-28
In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the victim's browser which is treated as a `__Host-` or `__Secure-` cookie by PHP applications.
Source: nvd
CVE-2022-39264 | MEDIUM | CVSS 5.9 | CWE-287 | Affected: v36, v37 | 2022-09-28
nheko is a desktop client for the Matrix communication application. All versions below 0.10.2 are vulnerable to homeservers inserting malicious secrets, which could lead to man-in-the-middle attacks. Users can upgrade to version 0.10.2 to protect against this issue. As a workaround, one may apply the patch manually, avoid doing verifications of one's o
Source: nvd
CVE-2022-3324 | HIGH | CVSS 7.8 | CWE-121 | Affected: v35, v36, +1 more | 2022-09-27
Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0598.
Source: nvd
CVE-2022-3075 | CRITICAL | CVSS 9.6 | CISA KEV | CWE-20 | Affected: v37 | 2022-09-26
Insufficient data validation in Mojo in Google Chrome prior to 105.0.5195.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
Source: nvd
CVE-2022-21797 | CRITICAL | CVSS 9.8 | CWE-94 | Affected: v36, v37 | 2022-09-26
The package joblib from 0 and before 1.2.0 is vulnerable to Arbitrary Code Execution via the pre_dispatch flag in the Parallel() class due to the eval() statement.
Source: nvd
CVE-2022-3204 | HIGH | CVSS 7.5 | CWE-400 | Affected: v35, v36, +1 more | 2022-09-26
A vulnerability named 'Non-Responsive Delegation Attack' (NRDelegation Attack) has been discovered in various DNS resolving software. The NRDelegation Attack works by having a malicious delegation with a considerable number of non-responsive nameservers. The attack starts by querying a resolver for a record that relies on those unresponsive nameservers.
Source: nvd
CVE-2022-3197 | HIGH | CVSS 8.8 | CWE-416 | Affected: v37 | 2022-09-26
Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)
Source: nvd
CVE-2022-3055 | HIGH | CVSS 8.8 | CWE-416 | Affected: v37 | 2022-09-26
Use after free in Passwords in Google Chrome prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page.
Source: nvd
CVE-2022-2852 | HIGH | CVSS 8.8 | CWE-416 | Affected: v37 | 2022-09-26
Use after free in FedCM in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Source: nvd
CVE-2022-3042 | HIGH | CVSS 8.8 | CWE-362 | Affected: v37 | 2022-09-26
Use after free in PhoneHub in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Source: nvd
CVE-2022-2858 | HIGH | CVSS 8.8 | CWE-416 | Affected: v37 | 2022-09-26
Use after free in Sign-In Flow in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via specific UI interaction.
Source: nvd
CVE-2022-2854 | HIGH | CVSS 8.8 | CWE-362 | Affected: v37 | 2022-09-26
Use after free in SwiftShader in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Source: nvd
CVE-2022-3038 | HIGH | CVSS 8.8 | CISA KEV | CWE-416 | Affected: v37 | 2022-09-26
Use after free in Network Service in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Source: nvd