Vulnerabilities > Fedoraproject > Extra Packages FOR Enterprise Linux > 8.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-28 | CVE-2022-2295 | Type Confusion vulnerability in multiple products Type confusion in V8 in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2022-07-28 | CVE-2022-2296 | Use After Free vulnerability in multiple products Use after free in Chrome OS Shell in Google Chrome on Chrome OS prior to 103.0.5060.114 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via direct UI interactions. | 8.8 |
| 2022-07-28 | CVE-2022-2158 | Use After Free vulnerability in multiple products Type confusion in V8 in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2022-06-16 | CVE-2022-32545 | Integer Overflow or Wraparound vulnerability in multiple products A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned char' at coders/psd.c, when crafted or untrusted input is processed. | 7.8 |
| 2022-06-16 | CVE-2022-32546 | Integer Overflow or Wraparound vulnerability in multiple products A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned long' at coders/pcl.c, when crafted or untrusted input is processed. | 7.8 |
| 2022-04-26 | CVE-2022-24882 | FreeRDP is a free implementation of the Remote Desktop Protocol (RDP). | 7.5 |
| 2022-04-20 | CVE-2022-28327 | The generic P-256 feature in crypto/elliptic in Go before 1.17.9 and 1.18.x before 1.18.1 allows a panic via long scalar input. | 7.5 |
| 2022-04-19 | CVE-2022-25648 | Argument Injection or Modification vulnerability in multiple products The package git before 1.11.0 are vulnerable to Command Injection via git argument injection. | 9.8 |
| 2022-03-18 | CVE-2022-27191 | The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey. | 7.5 |
| 2022-02-15 | CVE-2022-21698 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products client_golang is the instrumentation library for Go applications in Prometheus, and the promhttp package in client_golang provides tooling around HTTP servers and clients. | 7.5 |