11.5.1

DATE	CVE	VULNERABILITY TITLE	RISK
2022-07-07	CVE-2022-32205	Allocation of Resources Without Limits or Throttling vulnerability in multiple products A malicious server can serve excessive amounts of `Set-Cookie:` headers in a HTTP response to curl and curl < 7.84.0 stores all of them. network low complexity haxx fedoraproject debian netapp apple siemens splunk CWE-770	4.3
2022-07-07	CVE-2022-32207	Incorrect Default Permissions vulnerability in multiple products When curl < 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name.In that rename operation, it might accidentally widen the permissions for the target file, leaving the updated file accessible to more users than intended. network low complexity haxx fedoraproject debian netapp apple splunk CWE-276 critical	9.8
2022-07-07	CVE-2022-32208	Out-of-bounds Write vulnerability in multiple products When curl < 7.84.0 does FTP transfers secured by krb5, it handles message verification failures wrongly. network high complexity haxx fedoraproject debian netapp apple splunk CWE-787	5.9
2022-03-25	CVE-2018-25032	Out-of-bounds Write vulnerability in multiple products zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches. network low complexity nokogiri zlib debian fedoraproject apple python mariadb netapp siemens azul goto CWE-787	7.5
2021-12-20	CVE-2021-44790	Out-of-bounds Write vulnerability in multiple products A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). network low complexity apache fedoraproject debian tenable netapp oracle apple CWE-787 critical	9.8
2021-08-24	CVE-2021-31010	Deserialization of Untrusted Data vulnerability in Apple products A deserialization issue was addressed through improved validation. network low complexity apple CWE-502	7.5
2021-08-24	CVE-2021-30883	Out-of-bounds Write vulnerability in Apple products A memory corruption issue was addressed with improved memory handling. local low complexity apple CWE-787	7.8
2021-08-24	CVE-2021-30900	Out-of-bounds Write vulnerability in Apple Iphone OS An out-of-bounds write issue was addressed with improved bounds checking. local low complexity apple CWE-787	7.8
2021-08-24	CVE-2021-30858	Use After Free vulnerability in multiple products A use after free issue was addressed with improved memory management. network low complexity apple fedoraproject debian CWE-416	8.8