Vulnerabilities > Fedoraproject > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-06-02 CVE-2022-27776 Insufficiently Protected Credentials vulnerability in multiple products
A insufficiently protected credentials vulnerability in fixed in curl 7.83.0 might leak authentication or cookie header data on HTTP redirects to the same host but another port number. 		6.5
6.5
2022-06-02 CVE-2022-31783 Out-of-bounds Write vulnerability in multiple products
Liblouis 3.21.0 has an out-of-bounds write in compileRule in compileTranslationTable.c, as demonstrated by lou_trace.
local
low complexity
liblouis fedoraproject CWE-787
5.5
5.5
2022-05-26 CVE-2022-22662 A cookie management issue was addressed with improved state management.
network
low complexity
apple fedoraproject
6.5
6.5
2022-05-26 CVE-2022-26691 Incorrect Comparison vulnerability in multiple products
A logic issue was addressed with improved state management. 		6.7
6.7
2022-05-26 CVE-2022-30783 Unchecked Return Value vulnerability in multiple products
An invalid return code in fuse_kern_mount enables intercepting of libfuse-lite protocol traffic between NTFS-3G and the kernel in NTFS-3G through 2021.8.22 when using libfuse-lite.
local
low complexity
tuxera fedoraproject debian CWE-252
6.7
6.7
2022-05-26 CVE-2022-30785 A file handle created in fuse_lib_opendir, and later used in fuse_lib_readdir, enables arbitrary memory read and write operations in NTFS-3G through 2021.8.22 when using libfuse-lite.
local
low complexity
tuxera fedoraproject debian
6.7
6.7
2022-05-26 CVE-2022-30787 Integer Underflow (Wrap or Wraparound) vulnerability in multiple products
An integer underflow in fuse_lib_readdir enables arbitrary memory read operations in NTFS-3G through 2021.8.22 when using libfuse-lite.
local
low complexity
tuxera fedoraproject debian CWE-191
6.7
6.7
2022-05-25 CVE-2022-1348 Incorrect Permission Assignment for Critical Resource vulnerability in multiple products
A vulnerability was found in logrotate in how the state file is created.
network
low complexity
logrotate-project fedoraproject CWE-732
6.5
6.5
2022-05-18 CVE-2022-30597 A flaw was found in moodle where the description user field was not hidden when being set as a hidden user field.
network
low complexity
moodle redhat fedoraproject
5.3
5.3
2022-05-18 CVE-2022-30598 A flaw was found in moodle where global search results could include author information on some activities where a user may not otherwise have access to it.
network
low complexity
moodle redhat fedoraproject
4.3
4.3