Fedoraproject: Security Vulnerabilities
In ISC DHCP 1.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1 a system with access to a DHCP server, sending DHCP packets crafted to include fqdn labels longer than 63 bytes, could eventually cause the server to run out of memory.
CVSS Score
6.5
EPSS Score
0.001
Published
2022-10-07
In ISC DHCP 4.4.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1, when the function option_code_hash_lookup() is called from add_option(), it increases the option's refcount field. However, there is not a corresponding call to option_dereference() to decrement the refcount field. The function add_option() is only used in server responses to lease query packets. Each lease query response calls this function for several options, so eventually, the reference counters could overflow and cause the server to abort.
CVSS Score
6.5
EPSS Score
0.001
Published
2022-10-07
A resource leak in gw_backend.c in lighttpd 1.4.56 through 1.4.66 could lead to a denial of service (connection-slot exhaustion) after a large amount of anomalous TCP behavior by clients. It is related to RDHUP mishandling in certain HTTP/1.1 chunked situations. Use of mod_fastcgi is, for example, affected. This is fixed in 1.4.67.
CVSS Score
7.5
EPSS Score
0.005
Published
2022-10-06
Recursive rendering of Mustache template helpers containing user input could, in some cases, result in an XSS risk or a page failing to load.
CVSS Score
7.1
EPSS Score
0.008
Published
2022-09-30
A limited SQL injection risk was identified in the "browse list of users" site administration page.
CVSS Score
9.8
EPSS Score
0.006
Published
2022-09-30
The H5P activity attempts report did not filter by groups, which in separate groups mode could reveal information to non-editing teachers about attempts/users in groups they should not have access to.
CVSS Score
4.3
EPSS Score
0.002
Published
2022-09-30
Use After Free in GitHub repository vim/vim prior to 9.0.0614.
CVSS Score
7.8
EPSS Score
0.0
Published
2022-09-29
Qemu before 1.6.2 block diver for the various disk image formats used by Bochs and for the QCOW version 2 format, are vulnerable to a possible crash caused by signed data types or a logic error while creating QCOW2 snapshots, which leads to incorrectly calling update_refcount() routine.
CVSS Score
6.2
EPSS Score
0.001
Published
2022-09-29
In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the victim's browser which is treated as a `__Host-` or `__Secure-` cookie by PHP applications.
CVSS Score
6.5
EPSS Score
0.173
Published
2022-09-28
In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infinite loop.
CVSS Score
2.3
EPSS Score
0.0
Published
2022-09-28