Vulnerabilities > Fedoraproject > Fedora > 37
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-18 | CVE-2022-30975 | NULL Pointer Dereference vulnerability in multiple products In Artifex MuJS through 1.2.0, jsP_dumpsyntax in jsdump.c has a NULL pointer dereference, as demonstrated by mujs-pp. | 5.5 |
| 2022-05-04 | CVE-2022-28487 | Memory Leak vulnerability in multiple products Tcpreplay version 4.4.1 contains a memory leakage flaw in fix_ipv6_checksums() function. | 7.5 |
| 2022-04-19 | CVE-2022-29153 | Server-Side Request Forgery (SSRF) vulnerability in multiple products HashiCorp Consul and Consul Enterprise up to 1.9.16, 1.10.9, and 1.11.4 may allow server side request forgery when the Consul client agent follows redirects returned by HTTP health check endpoints. | 7.5 |
| 2022-04-13 | CVE-2015-20107 | Command Injection vulnerability in multiple products In Python (aka CPython) up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. | 7.6 |
| 2022-04-12 | CVE-2022-24765 | Uncontrolled Search Path Element vulnerability in multiple products Git for Windows is a fork of Git containing Windows-specific patches. | 7.8 |
| 2022-04-06 | CVE-2021-43138 | In Async before 2.6.4 and 3.x before 3.2.2, a malicious user can obtain privileges via the mapValues() method, aka lib/internal/iterator.js createObjectIterator prototype pollution. | 7.8 |
| 2022-03-30 | CVE-2022-24790 | HTTP Request Smuggling vulnerability in multiple products Puma is a simple, fast, multi-threaded, parallel HTTP 1.1 server for Ruby/Rack applications. | 7.5 |
| 2022-03-26 | CVE-2022-27939 | Reachable Assertion vulnerability in multiple products tcprewrite in Tcpreplay 4.4.1 has a reachable assertion in get_layer4_v6 in common/get.c. | 5.5 |
| 2022-03-26 | CVE-2022-27940 | Out-of-bounds Read vulnerability in multiple products tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in get_ipv6_next in common/get.c. | 7.8 |
| 2022-03-26 | CVE-2022-27941 | Out-of-bounds Read vulnerability in multiple products tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in get_l2len_protocol in common/get.c. | 7.8 |