Vulnerabilities > Fedoraproject

DATE	CVE	VULNERABILITY TITLE	RISK
2022-06-09	CVE-2022-31813	Insufficient Verification of Data Authenticity vulnerability in multiple products Apache HTTP Server 2.4.53 and earlier may not send the X-Forwarded-* headers to the origin server based on client side Connection header hop-by-hop mechanism. network low complexity apache netapp fedoraproject CWE-345 critical	9.8
2022-06-09	CVE-2022-2000	Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. local low complexity vim fedoraproject apple debian	7.8
2022-06-09	CVE-2022-31214	Improper Privilege Management vulnerability in multiple products A Privilege Context Switching issue was discovered in join.c in Firejail 0.9.68. local low complexity firejail-project fedoraproject debian CWE-269	7.8
2022-06-09	CVE-2022-1998	Use After Free vulnerability in multiple products A use after free in the Linux kernel File System notify functionality was found in the way user triggers copy_info_records_to_user() call to fail in copy_event_to_user(). local low complexity linux fedoraproject redhat netapp CWE-416	7.8
2022-06-09	CVE-2022-31030	containerd is an open source container runtime. local low complexity linuxfoundation debian fedoraproject	5.5
2022-06-08	CVE-2022-1996	Authorization Bypass Through User-Controlled Key in GitHub repository emicklei/go-restful prior to v3.8.0. network low complexity go-restful-project fedoraproject critical	9.1
2022-06-08	CVE-2022-24065	OS Command Injection vulnerability in multiple products The package cookiecutter before 2.1.1 are vulnerable to Command Injection via hg argument injection. network low complexity cookiecutter-project fedoraproject CWE-78 critical	9.8
2022-06-07	CVE-2022-1708	Allocation of Resources Without Limits or Throttling vulnerability in multiple products A vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyone with access to the Kube API. network low complexity kubernetes fedoraproject redhat CWE-770	7.5
2022-06-06	CVE-2022-32511	jmespath.rb (aka JMESPath for Ruby) before 1.6.1 uses JSON.load in a situation where JSON.parse is preferable. network low complexity jmespath-project fedoraproject critical	9.8
2022-06-02	CVE-2022-32250	Use After Free vulnerability in multiple products net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free. local low complexity linux fedoraproject debian netapp CWE-416	7.8

Vulnerabilities > Fedoraproject {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Fedoraproject"}]}

Vulnerabilities > Fedoraproject