Vulnerabilities > Fedoraproject
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-30 | CVE-2022-28202 | Cross-site Scripting vulnerability in multiple products An XSS issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. | 6.1 |
| 2022-03-29 | CVE-2022-1122 | A flaw was found in the opj2_decompress program in openjpeg2 2.4.0 in the way it handles an input directory with a large number of files. | 5.5 |
| 2022-03-29 | CVE-2022-1055 | Use After Free vulnerability in multiple products A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to gain privilege escalation. | 7.8 |
| 2022-03-28 | CVE-2022-26280 | Out-of-bounds Read vulnerability in multiple products Libarchive v3.6.0 was discovered to contain an out-of-bounds read via the component zipx_lzma_alone_init. | 6.5 |
| 2022-03-28 | CVE-2022-24303 | Pillow before 9.0.1 allows attackers to delete files because spaces in temporary pathnames are mishandled. | 9.1 |
| 2022-03-26 | CVE-2022-27939 | Reachable Assertion vulnerability in multiple products tcprewrite in Tcpreplay 4.4.1 has a reachable assertion in get_layer4_v6 in common/get.c. | 5.5 |
| 2022-03-26 | CVE-2022-27940 | Out-of-bounds Read vulnerability in multiple products tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in get_ipv6_next in common/get.c. | 7.8 |
| 2022-03-26 | CVE-2022-27941 | Out-of-bounds Read vulnerability in multiple products tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in get_l2len_protocol in common/get.c. | 7.8 |
| 2022-03-26 | CVE-2022-27942 | Out-of-bounds Read vulnerability in multiple products tcpprep in Tcpreplay 4.4.1 has a heap-based buffer over-read in parse_mpls in common/get.c. | 7.8 |
| 2022-03-26 | CVE-2022-27943 | Uncontrolled Recursion vulnerability in multiple products libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangle_const, as demonstrated by nm-new. | 5.5 |