Vulnerabilities > Fedoraproject > Fedora > 37

DATE CVE VULNERABILITY TITLE RISK
2022-07-20 CVE-2022-31160 Cross-site Scripting vulnerability in multiple products
jQuery UI is a curated set of user interface interactions, effects, widgets, and themes built on top of jQuery.
network
low complexity
jqueryui netapp drupal fedoraproject debian CWE-79
6.1
2022-07-14 CVE-2022-32323 Out-of-bounds Write vulnerability in multiple products
AutoTrace v0.40.0 was discovered to contain a heap overflow via the ReadImage function at input-bmp.c:660.
local
low complexity
autotrace-project fedoraproject CWE-787
7.3
2022-07-14 CVE-2022-32212 OS Command Injection vulnerability in multiple products
An OS Command Injection vulnerability exists in Node.js versions <14.20.0, <16.20.0, <18.5.0 due to an insufficient IsAllowedHost check that can easily be bypassed because IsIPAddress does not properly check if an IP address is invalid before making DNS requests, allowing rebinding attacks.
network
high complexity
nodejs debian fedoraproject siemens CWE-78
8.1
2022-07-14 CVE-2022-32213 HTTP Request Smuggling vulnerability in multiple products
The llhttp parser <v14.20.1, <v16.17.1 and <v18.9.1 in the http module in Node.js does not correctly parse and validate Transfer-Encoding headers and can lead to HTTP Request Smuggling (HRS).
6.5
2022-07-14 CVE-2022-32215 HTTP Request Smuggling vulnerability in multiple products
The llhttp parser <v14.20.1, <v16.17.1 and <v18.9.1 in the http module in Node.js does not correctly handle multi-line Transfer-Encoding headers.
6.5
2022-07-12 CVE-2022-29187 Improper Ownership Management vulnerability in multiple products
Git is a distributed revision control system.
local
low complexity
git-scm fedoraproject apple debian CWE-282
7.8
2022-07-06 CVE-2022-31129 moment is a JavaScript date library for parsing, validating, manipulating, and formatting dates.
network
low complexity
momentjs fedoraproject debian
7.5
2022-07-05 CVE-2022-2309 NULL Pointer Dereference vulnerability in multiple products
NULL Pointer Dereference allows attackers to cause a denial of service (or application crash).
network
low complexity
lxml fedoraproject CWE-476
7.5
2022-07-02 CVE-2022-34911 Cross-site Scripting vulnerability in multiple products
An issue was discovered in MediaWiki before 1.35.7, 1.36.x and 1.37.x before 1.37.3, and 1.38.x before 1.38.1.
network
low complexity
mediawiki fedoraproject CWE-79
6.1
2022-07-02 CVE-2022-34912 An issue was discovered in MediaWiki before 1.37.3 and 1.38.x before 1.38.1.
network
low complexity
mediawiki fedoraproject
6.1