Fedoraproject Fedora vulnerabilities
5,277 known vulnerabilities affecting fedoraproject/fedora.
Total CVEs: 5,277
CISA KEV (actively exploited): 84
Public exploits: 147
Exploited in wild: 101
Severity breakdown: Critical 514, High 2,325, Medium 2,265, Low 173
Vulnerabilities
Page 79 of 264
CVE-2022-24302 | MEDIUM | CVSS 5.9 | CWE-362 | Fedora 34, 35, +1 more | published 2022-03-17
In Paramiko before 2.10.1, a race condition (between creation and chmod) in the write_private_key_file function could allow unauthorized information disclosure.
Source: NVD
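The race this entry describes, illustrated with an added Python example (this is not Paramiko's code; the key bytes, file names and helper names are constructed for the demonstration). The flawed pattern creates the file under the process umask and tightens permissions afterwards, so for a moment the key sits on disk readable by other local users; the hardened version applies the mode at creation, refuses to reuse a pre-existing path, and pins the mode on the open descriptor rather than by a second path lookup.

```python
import os
import stat
import tempfile

# Constructed stand-in for private key material (not a real key).
FAKE_KEY = (
    b"-----BEGIN OPENSSH PRIVATE KEY-----\n"
    b"constructed-example-not-a-real-key\n"
    b"-----END OPENSSH PRIVATE KEY-----\n"
)


def write_key_racy(path: str, data: bytes) -> int:
    """CWE-362 pattern: create with the umask-derived mode, then chmod.

    Between open() and chmod() the file exists with permissions such as 0644,
    so a concurrent local reader can open it and read the key before chmod()
    lands. Returns the mode observed inside that window.
    """
    with open(path, "wb") as f:
        mode_in_window = stat.S_IMODE(os.fstat(f.fileno()).st_mode)
        f.write(data)
    os.chmod(path, 0o600)  # too late: the window above has already happened
    return mode_in_window


def write_key_safe(path: str, data: bytes) -> int:
    """Hardened pattern: the file is never visible with loose permissions.

    O_CREAT|O_EXCL creates atomically and fails if anything (file or symlink)
    already sits at the path; 0o600 applies at creation (umask can only remove
    bits); fchmod() on the descriptor pins the mode without a second lookup.
    Returns the mode the file ends up with.
    """
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    try:
        os.fchmod(fd, 0o600)
        os.write(fd, data)
        return stat.S_IMODE(os.fstat(fd).st_mode)
    finally:
        os.close(fd)


def demo() -> dict:
    """Write the constructed key both ways in a scratch directory and report the modes."""
    results = {}
    with tempfile.TemporaryDirectory() as d:
        safe_path = os.path.join(d, "safe_key")
        results["safe_mode"] = write_key_safe(safe_path, FAKE_KEY)
        try:
            write_key_safe(safe_path, FAKE_KEY)  # second create must fail
            results["exclusive_create"] = False
        except FileExistsError:
            results["exclusive_create"] = True
        old_umask = os.umask(0o022)  # make the racy window's mode reproducible
        try:
            results["racy_window_mode"] = write_key_racy(os.path.join(d, "racy_key"), FAKE_KEY)
        finally:
            os.umask(old_umask)
    return results


if __name__ == "__main__":
    print(demo())
```

Run it as a script to see the modes side by side: with umask 022 the racy path reports 0o644 during its window while the hardened path reports 0o600 from the first instant the file exists.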
CVE-2022-24729 | HIGH | CVSS 7.5 | CWE-400 | Fedora 36, 37 | published 2022-03-16
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. CKEditor4 prior to version 4.18.0 contains a vulnerability in the `dialog` plugin. The vulnerability allows abuse of a dialog input validator regular expression, which can cause a significant performance drop resulting in a browser tab freeze. A patch is available in version 4.18.0.
Source: NVD
CVE-2022-24728 | MEDIUM | CVSS 5.4 | CWE-79 | Fedora 36, 37 | published 2022-03-16
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A vulnerability has been discovered in the core HTML processing module and may affect all plugins used by CKEditor 4 prior to version 4.18.0. The vulnerability allows someone to inject malformed HTML bypassing content sanitization, which could result in executing JavaScript code. T
Source: NVD
CVE-2021-20257 | MEDIUM | CVSS 6.5 | CWE-835 | Fedora 33 | published 2022-03-16
An infinite loop flaw was found in the e1000 NIC emulator of QEMU. This issue occurs while processing transmit (tx) descriptors in process_tx_desc if various descriptor fields are initialized with invalid values. This flaw allows a guest to consume CPU cycles on the host, resulting in a denial of service. The highest threat from this vulnerabil
Source: NVD
CVE-2021-23648 | MEDIUM | CVSS 6.1 | CWE-79 | Fedora 34, 35, +1 more | published 2022-03-16
The package @braintree/sanitize-url before 6.0.0 is vulnerable to Cross-site Scripting (XSS) due to improper sanitization in the sanitizeUrl function.
Source: NVD
CVE-2022-0778 | HIGH | CVSS 7.5 | CWE-835 | Fedora 34, 36 | published 2022-03-15
The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible t
Source: NVD
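What "loop forever for non-prime moduli" means in practice, shown with an added Python implementation of the Tonelli-Shanks algorithm that BN_mod_sqrt() also implements. This is an illustration written for this page, not OpenSSL's code, and the cap on the non-residue search is this example's own choice. The algorithm's termination proof assumes the modulus is prime; when the modulus arrives in an attacker-supplied certificate field that assumption is gone, so every loop gets an explicit bound and the root is verified before it is returned. With modulus 15 and input 12 the inner loop's squaring sequence runs 3, 9, 6, 6, ... and never reaches 1: an unbounded loop spins forever, the bounded one raises.

```python
# Added illustration of the termination problem described for BN_mod_sqrt():
# Tonelli-Shanks with every loop bounded. Not OpenSSL's code.

MAX_NONRESIDUE_TRIES = 200  # hypothetical cap; for prime p each try fails with probability 1/2


def mod_sqrt(n: int, p: int) -> int:
    """Return r with r*r == n (mod p) for an odd prime p.

    If p is attacker-controlled (e.g. explicit EC parameters in a certificate),
    primality cannot be assumed, so each loop carries a bound and the result is
    verified. Raises ValueError instead of spinning when the invariants fail.
    """
    if p < 3 or p % 2 == 0:
        raise ValueError("modulus must be an odd prime")
    n %= p
    if n == 0:
        return 0

    # Factor p - 1 = q * 2**s with q odd.
    q, s = p - 1, 0
    while q % 2 == 0:
        q //= 2
        s += 1

    # Bounded search for a quadratic non-residue z, i.e. z**((p-1)/2) == -1 (mod p).
    # For a composite p such a z may not exist at all.
    z, tries = 2, 0
    while pow(z, (p - 1) // 2, p) != p - 1:
        z += 1
        tries += 1
        if tries >= MAX_NONRESIDUE_TRIES or z >= p:
            raise ValueError("no non-residue found: p is not prime")

    m, c, t, r = s, pow(z, q, p), pow(n, q, p), pow(n, (q + 1) // 2, p)
    while t != 1:
        # Find the least i in (0, m) with t**(2**i) == 1. For prime p and a
        # residue n it always exists; letting i run unbounded is exactly the
        # infinite loop a composite modulus can trigger.
        i, t2 = 0, t
        while t2 != 1:
            t2 = t2 * t2 % p
            i += 1
            if i >= m:
                raise ValueError("no square root: n is a non-residue or p is not prime")
        b = pow(c, 1 << (m - i - 1), p)
        m, c, t, r = i, b * b % p, t * b * b % p, r * b % p

    # Defence in depth: never hand back an unverified root.
    if r * r % p != n:
        raise ValueError("verification failed: p is not prime")
    return r


def fails_closed(n: int, p: int) -> bool:
    """True if mod_sqrt refuses (n, p) with ValueError rather than returning or hanging."""
    try:
        mod_sqrt(n, p)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    print(mod_sqrt(10, 13))      # a square root of 10 modulo the prime 13
    print(fails_closed(12, 15))  # composite modulus: t runs 3, 9, 6, 6, ... and never hits 1
```

The same discipline applies to any number-theoretic routine fed from parsed input: bound every loop by a quantity derived from the input's size, and check the output rather than trusting the algorithm's preconditions.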
CVE-2021-45848 | HIGH | CVSS 7.5 | CWE-116 | Fedora 34 | published 2022-03-15
Denial of service (DoS) vulnerability in Nicotine+ 3.0.3 and later allows a user with a modified Soulseek client to crash Nicotine+ by sending a file download request with a file path containing a null character.
Source: NVD
CVE-2022-22721 | CRITICAL | CVSS 9.1 | CWE-190 | Fedora 34, 35, +1 more | published 2022-03-14
If LimitXMLRequestBody is set to allow request bodies larger than 350MB (the default is 1M) on 32-bit systems, an integer overflow occurs which later causes out-of-bounds writes. This issue affects Apache HTTP Server 2.4.52 and earlier.
Source: NVD
CVE-2022-22720 | CRITICAL | CVSS 9.8 | CWE-444 | Fedora 34, 35, +1 more | published 2022-03-14
Apache HTTP Server 2.4.52 and earlier fails to close the inbound connection when errors are encountered while discarding the request body, exposing the server to HTTP request smuggling.
Source: NVD
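Why the remedy for this class of bug is to close the connection rather than just answering 400, shown with an added, deliberately minimal HTTP/1.1 request reader in Python. It is not Apache httpd code; it models only the server's view of a keep-alive connection (no Transfer-Encoding handling), and the request bytes are constructed for the demonstration. In the flawed mode, a body that cannot be consumed leaves the parser at a desynchronised offset, so the bytes that were supposed to be the body are treated as the next request.

```python
from typing import Dict, List, Optional, Tuple


def parse_head(buf: bytes, pos: int) -> Optional[Tuple[str, Dict[str, str], int]]:
    """Parse one request head starting at pos.

    Returns (request line, lower-cased headers, offset just past CRLFCRLF),
    or None if no complete head is present.
    """
    end = buf.find(b"\r\n\r\n", pos)
    if end == -1:
        return None
    lines = buf[pos:end].decode("latin-1").split("\r\n")
    headers: Dict[str, str] = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return lines[0], headers, end + 4


def serve_connection(stream: bytes, close_on_body_error: bool) -> List[str]:
    """Process a keep-alive connection; return the request lines the server acted on.

    A request whose body cannot be consumed (here: an unparsable Content-Length)
    is answered with 400. The flawed mode then keeps parsing from the current
    offset, so body bytes are reinterpreted as a fresh request. Closing the
    connection is what prevents that desynchronisation.
    """
    handled: List[str] = []
    pos = 0
    while pos < len(stream):
        head = parse_head(stream, pos)
        if head is None:
            break
        request_line, headers, pos = head
        try:
            length = int(headers.get("content-length", "0"))
            if length < 0:
                raise ValueError("negative length")
        except ValueError:
            handled.append(f"{request_line} -> 400 Bad Request")
            if close_on_body_error:
                break      # fixed behaviour: the rest of the stream is never parsed
            continue       # flawed behaviour: continue from a desynchronised offset
        pos += length      # consume (discard) the body
        handled.append(f"{request_line} -> 200 OK")
    return handled


# Constructed stream: a request with an unparsable body length, followed by bytes
# the sender intends to have treated as a second, more privileged request.
SMUGGLING_STREAM = (
    b"POST /upload HTTP/1.1\r\nHost: example.test\r\nContent-Length: 12abc\r\n\r\n"
    b"GET /admin HTTP/1.1\r\nHost: example.test\r\n\r\n"
)

# Constructed well-formed pipelined stream: three requests, one with a 3-byte body.
BENIGN_STREAM = (
    b"GET /a HTTP/1.1\r\nHost: example.test\r\n\r\n"
    b"POST /b HTTP/1.1\r\nHost: example.test\r\nContent-Length: 3\r\n\r\nabc"
    b"GET /c HTTP/1.1\r\nHost: example.test\r\n\r\n"
)


if __name__ == "__main__":
    print("flawed:", serve_connection(SMUGGLING_STREAM, close_on_body_error=False))
    print("fixed: ", serve_connection(SMUGGLING_STREAM, close_on_body_error=True))
    print("benign:", serve_connection(BENIGN_STREAM, close_on_body_error=True))
```

In a real deployment the damage comes from a front-end proxy that framed the stream differently from the back end; the reader above shows only the back-end half, which is enough to see that once body framing has failed, nothing later on the same connection can be trusted.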
CVE-2022-23943 | CRITICAL | CVSS 9.8 | CWE-190 | Fedora 34, 35, +1 more | published 2022-03-14
Out-of-bounds Write vulnerability in mod_sed of Apache HTTP Server allows an attacker to overwrite heap memory with possibly attacker-provided data. This issue affects Apache HTTP Server 2.4 version 2.4.52 and prior versions.
Source: NVD
CVE-2022-22719 | HIGH | CVSS 7.5 | CWE-665 | Fedora 34, 35, +1 more | published 2022-03-14
A carefully crafted request body can cause a read from a random memory area, which could cause the process to crash. This issue affects Apache HTTP Server 2.4.52 and earlier.
Source: NVD
CVE-2022-20001 | HIGH | CVSS 7.8 | CWE-74 | Fedora 35, 36 | published 2022-03-14
fish is a command line shell. fish version 3.1.0 through version 3.3.1 is vulnerable to arbitrary code execution. git repositories can contain per-repository configuration that changes the behavior of git, including running arbitrary commands. When using the default configuration of fish, changing to a directory automatically runs `git` commands in orde
Source: NVD
CVE-2022-0943 | HIGH | CVSS 7.8 | CWE-122 | Fedora 34, 36 | published 2022-03-14
Heap-based Buffer Overflow occurs in vim in GitHub repository vim/vim prior to 8.2.4563.
Source: NVD
CVE-2022-26981 | HIGH | CVSS 7.8 | CWE-120 | Fedora 36 | published 2022-03-13
Liblouis through 3.21.0 has a buffer overflow in compilePassOpcode in compileTranslationTable.c (called, indirectly, by tools/lou_checktable.c).
Source: NVD
CVE-2022-0860 | CRITICAL | CVSS 9.1 | CWE-285 | Fedora 34, 35, +1 more | published 2022-03-11
Improper Authorization in GitHub repository cobbler/cobbler prior to 3.3.2.
Source: NVD
CVE-2022-25600 | HIGH | CVSS 8.8 | CWE-352 | Fedora 34, 35, +1 more | published 2022-03-11
Cross-Site Request Forgery (CSRF) vulnerability affecting Delete Marker Category, Delete Map, and Copy Map functions in WP Google Map plugin (versions <= 4.2.3).
Source: NVD
CVE-2022-0908 | MEDIUM | CVSS 5.5 | CWE-476 | Fedora 35, 36 | published 2022-03-11
Null source pointer passed as an argument to the memcpy() function within TIFFFetchNormalTag() in tif_dirread.c in libtiff versions up to 4.3.0 could lead to Denial of Service via a crafted TIFF file.
Source: NVD
CVE-2022-0907 | MEDIUM | CVSS 5.5 | CWE-252 | Fedora 35, 36 | published 2022-03-11
Unchecked Return Value to NULL Pointer Dereference in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f2b656e2.
Source: NVD
CVE-2022-0909 | MEDIUM | CVSS 5.5 | CWE-369 | Fedora 35, 36 | published 2022-03-11
Divide By Zero error in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f8d0f9aa.
Source: NVD
CVE-2022-25601 | MEDIUM | CVSS 6.1 | CWE-79 | Fedora 34, 35, +1 more | published 2022-03-11
Reflected Cross-Site Scripting (XSS) vulnerability affecting the &tab parameter, discovered in the Contact Form X WordPress plugin (versions <= 2.4).
Source: NVD