Fedoraproject Fedora vulnerabilities

5,277 known vulnerabilities affecting fedoraproject/fedora.

Total CVEs: 5,277
CISA KEV: 84 (actively exploited)
Public exploits: 147
Exploited in wild: 101
Severity breakdown: CRITICAL 514, HIGH 2325, MEDIUM 2265, LOW 173

Vulnerabilities

CVE-2022-2124 [HIGH] CVSS 7.8, v35 v36, 2022-06-19
CWE-126: Buffer Over-read in GitHub repository vim/vim prior to 8.2.
nvd
CVE-2022-2129 [HIGH] CVSS 7.8, v35 v36, 2022-06-19
CWE-787: Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.
nvd
CVE-2022-2126 [HIGH] CVSS 7.8, v35 v36, 2022-06-19
CWE-125: Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
nvd
CVE-2022-2125 [HIGH] CVSS 7.8, v35 v36, 2022-06-19
CWE-122: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
nvd
CVE-2022-32545 [HIGH] CVSS 7.8, v36, 2022-06-16
CWE-190: A vulnerability was found in ImageMagick, causing a value outside the range of representable values of type 'unsigned char' at coders/psd.c, when crafted or untrusted input is processed. This leads to a negative impact to application availability or other problems related to undefined behavior.
nvd
CVE-2022-32547 [HIGH] CVSS 7.8, v36, 2022-06-16
CWE-704: In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte alignment and for type 'float', which requires 4 byte alignment at MagickCore/property.c. Whenever crafted or untrusted input is processed by ImageMagick, this causes a negative impact to application availability or other problems related to undefined behavior.
nvd
CVE-2022-32546 [HIGH] CVSS 7.8, v36, 2022-06-16
CWE-190: A vulnerability was found in ImageMagick, causing a value outside the range of representable values of type 'unsigned long' at coders/pcl.c, when crafted or untrusted input is processed. This leads to a negative impact to application availability or other problems related to undefined behavior.
nvd
CVE-2022-2085 [MEDIUM] CVSS 5.5, v35 v36, 2022-06-16
CWE-476: A NULL pointer dereference vulnerability was found in Ghostscript, which occurs when it tries to render a large number of bits in memory. When allocating a buffer device, it relies on an init_device_procs defined for the device that uses it as a prototype that depends upon the number of bits per pixel. For bpp > 64, mem_x_device is used and does not h
nvd
CVE-2022-30184 [MEDIUM] CVSS 5.5, v35 v36, 2022-06-15
CWE-200: .NET and Visual Studio Information Disclosure Vulnerability
nvd
CVE-2022-21166 [MEDIUM] CVSS 5.5, v35 v36, 2022-06-15
CWE-459: Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
nvd
CVE-2022-21125 [MEDIUM] CVSS 5.5, v35 v36, 2022-06-15
CWE-459: Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
nvd
CVE-2022-21123 [MEDIUM] CVSS 5.5, v35 v36, 2022-06-15
CWE-459: Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
nvd
CVE-2022-28615 [CRITICAL] CVSS 9.1, v35 v36, 2022-06-09
CWE-190: Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read beyond bounds in ap_strcmp_match() when provided with an extremely large input buffer. While no code distributed with the server can be coerced into such a call, third-party modules or lua scripts that use ap_strcmp_match() may hypothetically be affected.
nvd
CVE-2022-31813 [CRITICAL] CVSS 9.8, v35 v36, 2022-06-09
CWE-348: Apache HTTP Server 2.4.53 and earlier may not send the X-Forwarded-* headers to the origin server based on client side Connection header hop-by-hop mechanism. This may be used to bypass IP based authentication on the origin server/application.
nvd
CVE-2022-29404 [HIGH] CVSS 7.5, v35 v36, 2022-06-09
CWE-770: In Apache HTTP Server 2.4.53 and earlier, a malicious request to a lua script that calls r:parsebody(0) may cause a denial of service due to no default limit on possible input size.
nvd
CVE-2022-2000 [HIGH] CVSS 7.8, v35, 2022-06-09
CWE-787: Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.
nvd
CVE-2022-30522 [HIGH] CVSS 7.5, v35 v36, 2022-06-09
CWE-789: If Apache HTTP Server 2.4.53 is configured to do transformations with mod_sed in contexts where the input to mod_sed may be very large, mod_sed may make excessively large memory allocations and trigger an abort.
nvd
CVE-2022-31214 [HIGH] CVSS 7.8, v35 v36 +1 more, 2022-06-09
CWE-269: A Privilege Context Switching issue was discovered in join.c in Firejail 0.9.68. By crafting a bogus Firejail container that is accepted by the Firejail setuid-root program as a join target, a local attacker can enter an environment in which the Linux user namespace is still the initial user namespace, the NO_NEW_PRIVS prctl is not activated, and the
nvd
CVE-2022-26377 [HIGH] CVSS 7.5, v35 v36, 2022-06-09
CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server 2.4 version 2.4.53 and prior versions.
nvd
CVE-2022-30556 [HIGH] CVSS 7.5, v35 v36, 2022-06-09
CWE-200: Apache HTTP Server 2.4.53 and earlier may return lengths to applications calling r:wsread() that point past the end of the storage allocated for the buffer.
nvd