Fedora

DATE	CVE	VULNERABILITY TITLE	RISK
2022-06-09	CVE-2022-28614	Integer Overflow or Wraparound vulnerability in multiple products The ap_rwrite() function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if an attacker can cause the server to reflect very large input using ap_rwrite() or ap_rputs(), such as with mod_luas r:puts() function. network low complexity apache fedoraproject netapp CWE-190	5.3
2022-06-09	CVE-2022-28615	Integer Overflow or Wraparound vulnerability in multiple products Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read beyond bounds in ap_strcmp_match() when provided with an extremely large input buffer. network low complexity apache fedoraproject netapp CWE-190 critical	9.1
2022-06-09	CVE-2022-29404	Allocation of Resources Without Limits or Throttling vulnerability in multiple products In Apache HTTP Server 2.4.53 and earlier, a malicious request to a lua script that calls r:parsebody(0) may cause a denial of service due to no default limit on possible input size. network low complexity apache fedoraproject netapp CWE-770	7.5
2022-06-09	CVE-2022-30522	Allocation of Resources Without Limits or Throttling vulnerability in multiple products If Apache HTTP Server 2.4.53 is configured to do transformations with mod_sed in contexts where the input to mod_sed may be very large, mod_sed may make excessively large memory allocations and trigger an abort. network low complexity apache netapp fedoraproject CWE-770	7.5
2022-06-09	CVE-2022-30556	Apache HTTP Server 2.4.53 and earlier may return lengths to applications calling r:wsread() that point past the end of the storage allocated for the buffer. network low complexity apache netapp fedoraproject	7.5
2022-06-09	CVE-2022-31813	Insufficient Verification of Data Authenticity vulnerability in multiple products Apache HTTP Server 2.4.53 and earlier may not send the X-Forwarded-* headers to the origin server based on client side Connection header hop-by-hop mechanism. network low complexity apache netapp fedoraproject CWE-345 critical	9.8
2022-06-09	CVE-2022-2000	Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. local low complexity vim fedoraproject apple debian	7.8
2022-06-09	CVE-2022-31214	Improper Privilege Management vulnerability in multiple products A Privilege Context Switching issue was discovered in join.c in Firejail 0.9.68. local low complexity firejail-project fedoraproject debian CWE-269	7.8
2022-06-09	CVE-2022-1998	Use After Free vulnerability in multiple products A use after free in the Linux kernel File System notify functionality was found in the way user triggers copy_info_records_to_user() call to fail in copy_event_to_user(). local low complexity linux fedoraproject redhat netapp CWE-416	7.8
2022-06-09	CVE-2022-31030	containerd is an open source container runtime. local low complexity linuxfoundation debian fedoraproject	5.5