Vulnerabilities > Debian > Debian Linux > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-12-22 CVE-2022-36354 Off-by-one Error vulnerability in multiple products
A heap out-of-bounds read vulnerability exists in the RLA format parser of OpenImageIO master-branch-9aeece7a and v2.3.19.0.
network
low complexity
openimageio debian CWE-193
5.3
5.3
2022-12-22 CVE-2022-43592 Out-of-bounds Read vulnerability in multiple products
An information disclosure vulnerability exists in the DPXOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2.
network
high complexity
openimageio debian CWE-125
5.9
5.9
2022-12-22 CVE-2022-43593 NULL Pointer Dereference vulnerability in multiple products
A denial of service vulnerability exists in the DPXOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2.
network
high complexity
openimageio debian CWE-476
5.9
5.9
2022-12-22 CVE-2022-43594 NULL Pointer Dereference vulnerability in multiple products
Multiple denial of service vulnerabilities exist in the image output closing functionality of OpenImageIO Project OpenImageIO v2.4.4.2.
network
high complexity
openimageio debian CWE-476
5.9
5.9
2022-12-22 CVE-2022-43595 NULL Pointer Dereference vulnerability in multiple products
Multiple denial of service vulnerabilities exist in the image output closing functionality of OpenImageIO Project OpenImageIO v2.4.4.2.
network
high complexity
openimageio debian CWE-476
5.9
5.9
2022-12-22 CVE-2022-43596 Out-of-bounds Read vulnerability in multiple products
An information disclosure vulnerability exists in the IFFOutput channel interleaving functionality of OpenImageIO Project OpenImageIO v2.4.4.2.
network
high complexity
openimageio debian CWE-125
5.9
5.9
2022-12-22 CVE-2022-43603 NULL Pointer Dereference vulnerability in multiple products
A denial of service vulnerability exists in the ZfileOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2.
network
high complexity
openimageio debian CWE-476
5.9
5.9
2022-12-22 CVE-2022-46877 By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in potential user confusion or spoofing attacks.
network
low complexity
mozilla debian
4.3
4.3
2022-12-14 CVE-2022-23520 Cross-site Scripting vulnerability in multiple products
rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications.
network
low complexity
rubyonrails debian CWE-79
6.1
6.1
2022-12-14 CVE-2022-23527 Open Redirect vulnerability in multiple products
mod_auth_openidc is an OpenID Certified™ authentication and authorization module for the Apache 2.x HTTP server.
network
low complexity
openidc debian CWE-601
6.1
6.1