Vulnerabilities > Fedoraproject > Fedora
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-14 | CVE-2022-46344 | Out-of-bounds Read vulnerability in multiple products A vulnerability was found in X.Org. | 8.8 |
| 2022-12-14 | CVE-2022-4283 | Use After Free vulnerability in multiple products A vulnerability was found in X.Org. | 7.8 |
| 2022-12-13 | CVE-2022-4223 | Missing Authorization vulnerability in multiple products The pgAdmin server includes an HTTP API that is intended to be used to validate the path a user selects to external PostgreSQL utilities such as pg_dump and pg_restore. | 8.8 |
| 2022-12-09 | CVE-2022-4170 | The rxvt-unicode package is vulnerable to a remote code execution, in the Perl background extension, when an attacker can control the data written to the user's terminal and certain options are set. | 9.8 |
| 2022-12-08 | CVE-2022-41717 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. | 5.3 |
| 2022-12-08 | CVE-2022-4122 | A vulnerability was found in buildah. | 5.3 |
| 2022-12-08 | CVE-2022-4123 | Path Traversal vulnerability in multiple products A flaw was found in Buildah. | 3.3 |
| 2022-12-06 | CVE-2022-24439 | Improper Input Validation vulnerability in multiple products All versions of package gitpython are vulnerable to Remote Code Execution (RCE) due to improper user input validation, which makes it possible to inject a maliciously crafted remote URL into the clone command. | 9.8 |
| 2022-12-04 | CVE-2022-46391 | Cross-site Scripting vulnerability in multiple products AWStats 7.x through 7.8 allows XSS in the hostinfo plugin due to printing a response from Net::XWhois without proper checks. | 6.1 |
| 2022-11-30 | CVE-2022-46149 | Cap'n Proto is a data interchange format and remote procedure call (RPC) system. | 5.4 |