Fedora

DATE	CVE	VULNERABILITY TITLE	RISK
2022-07-08	CVE-2022-2345	Use After Free in GitHub repository vim/vim prior to 9.0.0046. local low complexity vim fedoraproject	7.8
2022-07-08	CVE-2022-2344	Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0045. local low complexity vim fedoraproject	7.8
2022-07-08	CVE-2022-2343	Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0044. local low complexity vim fedoraproject	7.8
2022-07-07	CVE-2022-32205	Allocation of Resources Without Limits or Throttling vulnerability in multiple products A malicious server can serve excessive amounts of `Set-Cookie:` headers in a HTTP response to curl and curl < 7.84.0 stores all of them. network low complexity haxx fedoraproject debian netapp apple siemens splunk CWE-770	4.3
2022-07-07	CVE-2022-32206	Allocation of Resources Without Limits or Throttling vulnerability in multiple products curl < 7.84.0 supports "chained" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. network low complexity haxx fedoraproject debian netapp siemens splunk CWE-770	6.5
2022-07-07	CVE-2022-32207	Incorrect Default Permissions vulnerability in multiple products When curl < 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name.In that rename operation, it might accidentally widen the permissions for the target file, leaving the updated file accessible to more users than intended. network low complexity haxx fedoraproject debian netapp apple splunk CWE-276 critical	9.8
2022-07-07	CVE-2022-32208	Out-of-bounds Write vulnerability in multiple products When curl < 7.84.0 does FTP transfers secured by krb5, it handles message verification failures wrongly. network high complexity haxx fedoraproject debian netapp apple splunk CWE-787	5.9
2022-07-06	CVE-2022-31129	moment is a JavaScript date library for parsing, validating, manipulating, and formatting dates. network low complexity momentjs fedoraproject debian	7.5
2022-07-06	CVE-2021-3695	Out-of-bounds Write vulnerability in multiple products A crafted 16-bit grayscale PNG image may lead to a out-of-bounds write in the heap area. local high complexity gnu fedoraproject redhat netapp CWE-787	4.5
2022-07-05	CVE-2022-31116	UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. network low complexity ultrajson-project fedoraproject	7.5