Vulnerabilities > Fedoraproject > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-07-06 CVE-2021-3695 Out-of-bounds Write vulnerability in multiple products
A crafted 16-bit grayscale PNG image may lead to a out-of-bounds write in the heap area.
local
high complexity
gnu fedoraproject redhat netapp CWE-787
4.5
4.5
2022-07-05 CVE-2022-31117 UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+.
network
high complexity
ultrajson-project fedoraproject
5.9
5.9
2022-07-05 CVE-2022-2097 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. 		5.3
5.3
2022-07-02 CVE-2022-34911 Cross-site Scripting vulnerability in multiple products
An issue was discovered in MediaWiki before 1.35.7, 1.36.x and 1.37.x before 1.37.3, and 1.38.x before 1.38.1.
network
low complexity
mediawiki fedoraproject CWE-79
6.1
6.1
2022-07-02 CVE-2022-34912 An issue was discovered in MediaWiki before 1.37.3 and 1.38.x before 1.38.1.
network
low complexity
mediawiki fedoraproject
6.1
6.1
2022-07-01 CVE-2022-32325 Out-of-bounds Read vulnerability in multiple products
JPEGOPTIM v1.4.7 was discovered to contain a segmentation violation which is caused by a READ memory access at jpegoptim.c.
network
low complexity
jpegoptim-project fedoraproject CWE-125
6.5
6.5
2022-07-01 CVE-2022-34903 Injection vulnerability in multiple products
GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line.
network
high complexity
gnupg fedoraproject debian netapp CWE-74
6.5
6.5
2022-06-30 CVE-2022-2056 Divide By Zero vulnerability in multiple products
Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file.
network
low complexity
libtiff netapp fedoraproject debian CWE-369
6.5
6.5
2022-06-30 CVE-2022-2057 Divide By Zero vulnerability in multiple products
Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file.
network
low complexity
libtiff netapp fedoraproject debian CWE-369
6.5
6.5
2022-06-30 CVE-2022-2058 Divide By Zero vulnerability in multiple products
Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file.
network
low complexity
libtiff netapp fedoraproject debian CWE-369
6.5
6.5