Fedoraproject Fedora vulnerabilities
5,277 known vulnerabilities affecting fedoraproject/fedora.
Total CVEs: 5,277
CISA KEV: 84 (actively exploited)
Public exploits: 147
Exploited in wild: 101
Severity breakdown: CRITICAL 514, HIGH 2325, MEDIUM 2265, LOW 173
Vulnerabilities
CVE-2022-3256 [HIGH] CVSS 7.8 | CWE-416 | v35, v36, +1 more | 2022-09-22
Use After Free in GitHub repository vim/vim prior to 9.0.0530.
nvd
CVE-2022-38178 [HIGH] CVSS 7.5 | CWE-401 | v35, v36, +1 more | 2022-09-21
By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources.
nvd
CVE-2022-3080 [HIGH] CVSS 7.5 | CWE-613 | v35, v36, +1 more | 2022-09-21
By sending specific queries to the resolver, an attacker can cause named to crash.
nvd
CVE-2022-38177 [HIGH] CVSS 7.5 | CWE-401 | v35, v36, +1 more | 2022-09-21
By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources.
nvd
CVE-2022-2795 [MEDIUM] CVSS 5.3 | v35, v36, +1 more | 2022-09-21
By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance, effectively denying legitimate clients access to the DNS resolution service.
nvd
CVE-2022-39956 [CRITICAL] CVSS 9.8 | CWE-863 | v35, v36, +1 more | 2022-09-20
The OWASP ModSecurity Core Rule Set (CRS) is affected by a partial rule set bypass for HTTP multipart requests by submitting a payload that uses a character encoding scheme via the Content-Type or the deprecated Content-Transfer-Encoding multipart MIME header fields that will not be decoded and inspected by the web application firewall engine and
nvd
CVE-2022-39955 [CRITICAL] CVSS 9.8 | CWE-863 | v35, v36, +1 more | 2022-09-20
The OWASP ModSecurity Core Rule Set (CRS) is affected by a partial rule set bypass by submitting a specially crafted HTTP Content-Type header field that indicates multiple character encoding schemes. A vulnerable back-end can potentially be exploited by declaring multiple Content-Type "charset" names and therefore bypassing the configurable CRS Co
nvd
CVE-2022-39957 [HIGH] CVSS 7.5 | CWE-693 | v35, v36, +1 more | 2022-09-20
The OWASP ModSecurity Core Rule Set (CRS) is affected by a response body bypass. A client can issue an HTTP Accept header field containing an optional "charset" parameter in order to receive the response in an encoded form. Depending on the "charset", this response can not be decoded by the web application firewall. A restricted resource, access to whi
nvd
CVE-2022-39958 [HIGH] CVSS 7.5 | CWE-863 | v35, v36, +1 more | 2022-09-20
The OWASP ModSecurity Core Rule Set (CRS) is affected by a response body bypass to sequentially exfiltrate small and undetectable sections of data by repeatedly submitting an HTTP Range header field with a small byte range. A restricted resource, access to which would ordinarily be detected, may be exfiltrated from the backend, despite being protected
nvd
CVE-2022-32886 [HIGH] CVSS 8.8 | CWE-787 | v35, v36, +1 more | 2022-09-20
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Safari 16, iOS 16, iOS 15.7 and iPadOS 15.7. Processing maliciously crafted web content may lead to arbitrary code execution.
nvd
CVE-2022-35957 [MEDIUM] CVSS 6.6 | CWE-290 | v37 | 2022-09-20
Grafana is an open-source platform for monitoring and observability. Versions prior to 9.1.6 and 8.5.13 are vulnerable to an escalation from admin to server admin when auth proxy is used, allowing an admin to take over the server admin account and gain full control of the grafana instance. All installations should be upgraded as soon as possible. As
nvd
CVE-2022-3213 [MEDIUM] CVSS 5.5 | CWE-119 | v35, v36, +1 more | 2022-09-19
A heap buffer overflow issue was found in ImageMagick. When an application processes a malformed TIFF file, it could lead to undefined behavior or a crash causing a denial of service.
nvd
CVE-2022-3235 [HIGH] CVSS 7.8 | CWE-416 | v35, v36, +1 more | 2022-09-18
Use After Free in GitHub repository vim/vim prior to 9.0.0490.
nvd
CVE-2022-40768 [MEDIUM] CVSS 5.5 | CWE-908 | v35, v36, +1 more | 2022-09-18
drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stex_queuecommand_lck lacks a memset for the PASSTHRU_CMD case.
nvd
CVE-2022-3234 [HIGH] CVSS 7.8 | CWE-122 | v35, v36, +1 more | 2022-09-17
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0483.
nvd
CVE-2022-30674 [MEDIUM] CVSS 5.5 | CWE-125 | v35, v36, +1 more | 2022-09-16
Adobe InDesign versions 16.4.2 (and earlier) and 17.3 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
nvd
CVE-2022-39209 [MEDIUM] CVSS 6.5 | CWE-400 | v35, v36, +1 more | 2022-09-15
cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. In versions prior to 0.29.0.gfm.6 a polynomial time complexity issue in cmark-gfm's autolink extension may lead to unbounded resource exhaustion and subsequent denial of service. Users may verify the patch by running `python3 -c 'print("![l"* 100000 + "
nvd
CVE-2022-40673 [HIGH] CVSS 7.8 | CWE-862 | v36 | 2022-09-14
KDiskMark before 3.1.0 lacks authorization checking for D-Bus methods such as Helper::flushPageCache.
nvd
CVE-2022-40674 [HIGH] CVSS 8.1 | CWE-416 | v35, v36, +1 more | 2022-09-14
libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c.
nvd
CVE-2022-40626 [MEDIUM] CVSS 6.1 | CWE-79 | v37 | 2022-09-14
An unauthenticated user can create a link with reflected JavaScript code inside the backurl parameter and send it to other authenticated users in order to create a fake account with predefined login, password and role in Zabbix Frontend.
nvd