Vulnerabilities > Debian > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-10-02 | CVE-2022-42003 | Deserialization of Untrusted Data vulnerability in multiple products. In FasterXML jackson-databind before versions 2.13.4.1 and 2.12.17.1, resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled. | 7.5 |
2022-10-02 | CVE-2022-42004 | Deserialization of Untrusted Data vulnerability in multiple products. In FasterXML jackson-databind before 2.13.4, resource exhaustion can occur because of a lack of a check in BeanDeserializer._deserializeFromArray to prevent use of deeply nested arrays. | 7.5 |
2022-09-29 | CVE-2022-3352 | Use After Free vulnerability in multiple products. Use After Free in GitHub repository vim/vim prior to 9.0.0614. | 7.8 |
2022-09-28 | CVE-2022-1270 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products. In GraphicsMagick, a heap buffer overflow was found when parsing MIFF. | 7.8 |
2022-09-28 | CVE-2022-39261 | Path Traversal vulnerability in multiple products. Twig is a template language for PHP. | 7.5 |
2022-09-27 | CVE-2022-3324 | Stack-based Buffer Overflow vulnerability in multiple products. Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0598. | 7.8 |
2022-09-23 | CVE-2022-40188 | Algorithmic Complexity vulnerability in multiple products. Knot Resolver before 5.5.3 allows remote attackers to cause a denial of service (CPU consumption) because of algorithmic complexity. | 7.5 |
2022-09-22 | CVE-2022-1941 | A parsing vulnerability for the MessageSet type in the ProtocolBuffers versions prior to and including 3.16.1, 3.17.3, 3.18.2, 3.19.4, 3.20.1 and 3.21.5 for protobuf-cpp, and versions prior to and including 3.16.1, 3.17.3, 3.18.2, 3.19.4, 3.20.1 and 4.21.5 for protobuf-python can lead to out of memory failures. | 7.5 |
2022-09-22 | CVE-2022-40146 | Server-Side Request Forgery (SSRF) vulnerability in multiple products. Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to access files using a Jar url. | 7.5 |
2022-09-22 | CVE-2022-3256 | Use After Free vulnerability in multiple products. Use After Free in GitHub repository vim/vim prior to 9.0.0530. | 7.8 |