Vulnerabilities > Fedoraproject > Fedora
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-23 | CVE-2022-45149 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products A vulnerability was found in Moodle which exists due to insufficient validation of the HTTP request origin in course redirect URL. | 5.4 |
| 2022-11-23 | CVE-2022-45150 | Cross-site Scripting vulnerability in multiple products A reflected cross-site scripting vulnerability was discovered in Moodle. | 6.1 |
| 2022-11-23 | CVE-2022-45151 | Cross-site Scripting vulnerability in multiple products The stored-XSS vulnerability was discovered in Moodle which exists due to insufficient sanitization of user-supplied data in several "social" user profile fields. | 5.4 |
| 2022-11-22 | CVE-2022-3500 | A vulnerability was found in keylime. | 5.1 |
| 2022-11-22 | CVE-2022-36227 | NULL Pointer Dereference vulnerability in multiple products In libarchive before 3.6.2, the software does not check for an error after calling calloc function that can return with a NULL pointer if the function fails, which leads to a resultant NULL pointer dereference. | 9.8 |
| 2022-11-18 | CVE-2021-33621 | Injection vulnerability in multiple products The cgi gem before 0.1.0.2, 0.2.x before 0.2.2, and 0.3.x before 0.3.5 for Ruby allows HTTP response splitting. | 8.8 |
| 2022-11-16 | CVE-2022-39317 | FreeRDP is a free remote desktop protocol library and clients. | 4.6 |
| 2022-11-16 | CVE-2022-39318 | FreeRDP is a free remote desktop protocol library and clients. | 5.7 |
| 2022-11-16 | CVE-2022-39319 | FreeRDP is a free remote desktop protocol library and clients. | 4.6 |
| 2022-11-16 | CVE-2022-39316 | FreeRDP is a free remote desktop protocol library and clients. | 5.7 |