Vulnerabilities > Debian > Debian Linux > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-12-22 CVE-2022-43595 NULL Pointer Dereference vulnerability in multiple products
Multiple denial of service vulnerabilities exist in the image output closing functionality of OpenImageIO Project OpenImageIO v2.4.4.2.
network
high complexity
openimageio debian CWE-476
5.9
5.9
2022-12-22 CVE-2022-43596 Out-of-bounds Read vulnerability in multiple products
An information disclosure vulnerability exists in the IFFOutput channel interleaving functionality of OpenImageIO Project OpenImageIO v2.4.4.2.
network
high complexity
openimageio debian CWE-125
5.9
5.9
2022-12-22 CVE-2022-43603 NULL Pointer Dereference vulnerability in multiple products
A denial of service vulnerability exists in the ZfileOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2.
network
high complexity
openimageio debian CWE-476
5.9
5.9
2022-12-22 CVE-2022-46877 By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in potential user confusion or spoofing attacks.
network
low complexity
mozilla debian
4.3
4.3
2022-12-14 CVE-2022-23520 Cross-site Scripting vulnerability in multiple products
rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications.
network
low complexity
rubyonrails debian CWE-79
6.1
6.1
2022-12-14 CVE-2022-23527 Open Redirect vulnerability in multiple products
mod_auth_openidc is an OpenID Certified™ authentication and authorization module for the Apache 2.x HTTP server.
network
low complexity
openidc debian CWE-601
6.1
6.1
2022-12-14 CVE-2022-23518 Cross-site Scripting vulnerability in multiple products
rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications.
network
low complexity
rubyonrails debian loofah-project CWE-79
6.1
6.1
2022-12-14 CVE-2022-23519 Cross-site Scripting vulnerability in multiple products
rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications.
network
low complexity
rubyonrails debian CWE-79
6.1
6.1
2022-12-14 CVE-2022-23515 Cross-site Scripting vulnerability in multiple products
Loofah is a general library for manipulating and transforming HTML/XML documents and fragments, built on top of Nokogiri.
network
low complexity
loofah-project debian CWE-79
6.1
6.1
2022-12-13 CVE-2022-41915 Interpretation Conflict vulnerability in multiple products
Netty project is an event-driven asynchronous network application framework.
network
low complexity
netty debian CWE-436
6.5
6.5