Fedoraproject Fedora vulnerabilities

5,277 known vulnerabilities affecting fedoraproject/fedora.

Total CVEs: 5,277
CISA KEV: 84 (actively exploited)
Public exploits: 147
Exploited in wild: 101
Severity breakdown: CRITICAL 514, HIGH 2325, MEDIUM 2265, LOW 173

Vulnerabilities

Page 75 of 264
CVE-2022-28327 | HIGH | CVSS 7.5 | v34, v35, +1 more | 2022-04-20
The generic P-256 feature in crypto/elliptic in Go before 1.17.9 and 1.18.x before 1.18.1 allows a panic via long scalar input.
nvd
CVE-2022-25648 | CRITICAL | CVSS 9.8 | v34, v35, +1 more | 2022-04-19
CWE-88: The package git before 1.11.0 are vulnerable to Command Injection via git argument injection. When calling the fetch(remote = 'origin', opts = {}) function, the remote parameter is passed to the git fetch subcommand in a way that additional flags can be set. The additional flags can be used to perform a command injection.
nvd
CVE-2022-29153 | HIGH | CVSS 7.5 | PoC | v37 | 2022-04-19
CWE-918: HashiCorp Consul and Consul Enterprise up to 1.9.16, 1.10.9, and 1.11.4 may allow server side request forgery when the Consul client agent follows redirects returned by HTTP health check endpoints. Fixed in 1.9.17, 1.10.10, and 1.11.5.
nvd
CVE-2022-1381 | HIGH | CVSS 7.8 | v34, v35, +1 more | 2022-04-18
CWE-122: global heap buffer overflow in skip_range in GitHub repository vim/vim prior to 8.2.4763. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution
nvd
CVE-2022-27652 | MEDIUM | CVSS 5.3 | v35 | 2022-04-18
CWE-276: A flaw was found in cri-o, where containers were incorrectly started with non-empty default permissions. A vulnerability was found in Moby (Docker Engine) where containers started incorrectly with non-empty inheritable Linux process capabilities. This flaw allows an attacker with access to programs with inheritable file capabilities to elevate those
nvd
CVE-2021-42782 | MEDIUM | CVSS 5.3 | v33 | 2022-04-18
CWE-119: Stack buffer overflow issues were found in Opensc before version 0.22.0 in various places that could potentially crash programs using the library.
nvd
CVE-2021-42778 | MEDIUM | CVSS 5.3 | v33 | 2022-04-18
CWE-672: A heap double free issue was found in Opensc before version 0.22.0 in sc_pkcs15_free_tokeninfo.
nvd
CVE-2021-42781 | MEDIUM | CVSS 5.3 | v33 | 2022-04-18
CWE-119: Heap buffer overflow issues were found in Opensc before version 0.22.0 in pkcs15-oberthur.c that could potentially crash programs using the library.
nvd
CVE-2021-42780 | MEDIUM | CVSS 5.3 | v33 | 2022-04-18
CWE-252: A use after return issue was found in Opensc before version 0.22.0 in insert_pin function that could potentially crash programs using the library.
nvd
CVE-2021-42779 | MEDIUM | CVSS 5.3 | v33 | 2022-04-18
CWE-416: A heap use after free issue was found in Opensc before version 0.22.0 in sc_file_valid.
nvd
CVE-2022-28048 | HIGH | CVSS 8.8 | v34, v35, +1 more | 2022-04-15
CWE-682: STB v2.27 was discovered to contain an integer shift of invalid size in the component stbi__jpeg_decode_block_prog_ac.
nvd
CVE-2022-28042 | HIGH | CVSS 8.8 | v34, v35, +1 more | 2022-04-15
CWE-416: stb_image.h v2.27 was discovered to contain an heap-based use-after-free via the function stbi__jpeg_huff_decode.
nvd
CVE-2022-1231 | MEDIUM | CVSS 6.1 | v35, v36 | 2022-04-15
CWE-79: XSS via Embedded SVG in SVG Diagram Format in GitHub repository plantuml/plantuml prior to 1.2022.4. Stored XSS in the context of the diagram embedder. Depending on the actual context, this ranges from stealing secrets to account hijacking or even to code execution for example in desktop applications. Web based applications are the ones most affected.
nvd
CVE-2022-28041 | MEDIUM | CVSS 6.5 | v34, v35, +1 more | 2022-04-15
CWE-190: stb_image.h v2.27 was discovered to contain an integer overflow via the function stbi__jpeg_decode_block_prog_dc. This vulnerability allows attackers to cause a Denial of Service (DoS) via unspecified vectors.
nvd
CVE-2022-1304 | HIGH | CVSS 7.8 | v35 | 2022-04-14
CWE-125: An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem.
nvd
CVE-2022-1328 | MEDIUM | CVSS 5.3 | v36 | 2022-04-14
CWE-120: Buffer Overflow in uudecoder in Mutt affecting all versions starting from 0.94.13 before 2.2.3 allows read past end of input line
nvd
CVE-2022-24828 | HIGH | CVSS 8.8 | v34, v35, +1 more | 2022-04-13
CWE-20: Composer is a dependency manager for the PHP programming language. Integrators using Composer code to call `VcsDriver::getFileContent` can have a code injection vulnerability if the user can control the `$file` or `$identifier` argument. This leads to a vulnerability on packagist.org for example where the composer.json's `readme` field can be used as a
nvd
CVE-2015-20107 | HIGH | CVSS 7.6 | v35, v36, +1 more | 2022-04-13
CWE-77: In Python (aka CPython) up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that call mailcap.findmatch with untrusted input (if they lack validation of user-provided filenames or arguments). The fix is also back-ported t
nvd
CVE-2022-24765 | HIGH | CVSS 7.8 | v34, v35, +2 more | 2022-04-12
CWE-427: Git for Windows is a fork of Git containing Windows-specific patches. This vulnerability affects users working on multi-user machines, where untrusted parties have write access to the same hard disk. Those untrusted parties could create the folder `C:\.git`, which would be picked up by Git operations run supposedly outside a repository while searching
nvd
CVE-2022-24070 | HIGH | CVSS 7.5 | v35, v36 | 2022-04-12
CWE-416: Subversion's mod_dav_svn is vulnerable to memory corruption. While looking up path-based authorization rules, mod_dav_svn servers may attempt to use memory which has already been freed. Affected Subversion mod_dav_svn servers 1.10.0 through 1.14.1 (inclusive). Servers that do not use mod_dav_svn are not affected.
nvd