Fedora

DATE	CVE	VULNERABILITY TITLE	RISK
2022-06-08	CVE-2022-1996	Authorization Bypass Through User-Controlled Key in GitHub repository emicklei/go-restful prior to v3.8.0. network low complexity go-restful-project fedoraproject critical	9.1
2022-06-08	CVE-2022-24065	OS Command Injection vulnerability in multiple products The package cookiecutter before 2.1.1 are vulnerable to Command Injection via hg argument injection. network low complexity cookiecutter-project fedoraproject CWE-78 critical	9.8
2022-06-07	CVE-2022-1708	Allocation of Resources Without Limits or Throttling vulnerability in multiple products A vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyone with access to the Kube API. network low complexity kubernetes fedoraproject redhat CWE-770	7.5
2022-06-06	CVE-2022-32511	jmespath.rb (aka JMESPath for Ruby) before 1.6.1 uses JSON.load in a situation where JSON.parse is preferable. network low complexity jmespath-project fedoraproject critical	9.8
2022-06-02	CVE-2022-32250	Use After Free vulnerability in multiple products net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free. local low complexity linux fedoraproject debian netapp CWE-416	7.8
2022-06-02	CVE-2022-1789	NULL Pointer Dereference vulnerability in multiple products With shadow paging enabled, the INVPCID instruction results in a call to kvm_mmu_invpcid_gva. low complexity linux fedoraproject redhat debian CWE-476	6.8
2022-06-02	CVE-2022-1949	Authorization Bypass Through User-Controlled Key vulnerability in multiple products An access control bypass vulnerability found in 389-ds-base. network low complexity redhat fedoraproject CWE-639	7.5
2022-06-02	CVE-2022-27776	Insufficiently Protected Credentials vulnerability in multiple products A insufficiently protected credentials vulnerability in fixed in curl 7.83.0 might leak authentication or cookie header data on HTTP redirects to the same host but another port number. network low complexity haxx fedoraproject debian netapp brocade splunk CWE-522	6.5
2022-06-02	CVE-2022-31783	Out-of-bounds Write vulnerability in multiple products Liblouis 3.21.0 has an out-of-bounds write in compileRule in compileTranslationTable.c, as demonstrated by lou_trace. local low complexity liblouis fedoraproject CWE-787	5.5
2022-06-02	CVE-2022-31799	Improper Handling of Exceptional Conditions vulnerability in multiple products Bottle before 0.12.20 mishandles errors during early request binding. network low complexity bottlepy debian fedoraproject CWE-755 critical	9.8