Vulnerabilities > Fedoraproject > Fedora > 35
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-20 | CVE-2022-28327 | The generic P-256 feature in crypto/elliptic in Go before 1.17.9 and 1.18.x before 1.18.1 allows a panic via long scalar input. | 7.5 |
| 2022-04-19 | CVE-2022-25648 | Argument Injection or Modification vulnerability in multiple products The package git before 1.11.0 are vulnerable to Command Injection via git argument injection. | 9.8 |
| 2022-04-18 | CVE-2022-27652 | Incorrect Default Permissions vulnerability in multiple products A flaw was found in cri-o, where containers were incorrectly started with non-empty default permissions. | 5.3 |
| 2022-04-18 | CVE-2022-1381 | global heap buffer overflow in skip_range in GitHub repository vim/vim prior to 8.2.4763. | 7.8 |
| 2022-04-15 | CVE-2022-1231 | Cross-site Scripting vulnerability in multiple products XSS via Embedded SVG in SVG Diagram Format in GitHub repository plantuml/plantuml prior to 1.2022.4. | 6.1 |
| 2022-04-15 | CVE-2022-28041 | Integer Overflow or Wraparound vulnerability in multiple products stb_image.h v2.27 was discovered to contain an integer overflow via the function stbi__jpeg_decode_block_prog_dc. | 6.5 |
| 2022-04-15 | CVE-2022-28042 | Use After Free vulnerability in multiple products stb_image.h v2.27 was discovered to contain an heap-based use-after-free via the function stbi__jpeg_huff_decode. | 8.8 |
| 2022-04-15 | CVE-2022-28048 | Incorrect Calculation vulnerability in multiple products STB v2.27 was discovered to contain an integer shift of invalid size in the component stbi__jpeg_decode_block_prog_ac. | 8.8 |
| 2022-04-14 | CVE-2022-1304 | An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. | 7.8 |
| 2022-04-13 | CVE-2022-24828 | Argument Injection or Modification vulnerability in multiple products Composer is a dependency manager for the PHP programming language. | 8.8 |