Fedoraproject: Security Vulnerabilities
GNOME Nautilus 42.2 allows a NULL pointer dereference and get_basename application crash via a pasted ZIP archive.
CVSS Score
5.5
EPSS Score
0.003
Published
2022-11-14
Netatalk through 3.1.13 has an afp_getappl heap-based buffer overflow resulting in code execution via a crafted .appl file. This provides remote root access on some platforms such as FreeBSD (used for TrueNAS).
CVSS Score
7.8
EPSS Score
0.006
Published
2022-11-12
Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack.
CVSS Score
5.8
EPSS Score
0.015
Published
2022-11-11
xterm before 375 allows code execution via font ops, e.g., because an OSC 50 response may have Ctrl-g and therefore lead to command execution within the vi line-editing mode of Zsh. NOTE: font ops are not allowed in the xterm default configurations of some Linux distributions.
CVSS Score
9.8
EPSS Score
0.049
Published
2022-11-10
Netlogon RPC Elevation of Privilege Vulnerability
CVSS Score
8.1
EPSS Score
0.026
Published
2022-11-09
Windows Kerberos Elevation of Privilege Vulnerability
CVSS Score
7.2
EPSS Score
0.045
Published
2022-11-09
Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability
CVSS Score
8.1
EPSS Score
0.028
Published
2022-11-09
IBPB may not prevent return branch predictions from being specified by pre-IBPB branch targets leading to a potential information disclosure.
CVSS Score
5.5
EPSS Score
0.006
Published
2022-11-09
In Xfce xfce4-settings before 4.16.4 and 4.17.x before 4.17.1, there is an argument injection vulnerability in xfce4-mime-helper.
CVSS Score
9.8
EPSS Score
0.014
Published
2022-11-09
An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA (RFC 3490) decoder, such that a crafted, unreasonably long name being presented to the decoder could lead to a CPU denial of service. Hostnames are often supplied by remote servers that could be controlled by a malicious actor; in such a scenario, they could trigger excessive CPU consumption on the client attempting to make use of an attacker-supplied supposed hostname. For example, the attack payload could be placed in the Location header of an HTTP response with status code 302. A fix is planned in 3.11.1, 3.10.9, 3.9.16, 3.8.16, and 3.7.16.
CVSS Score
7.5
EPSS Score
0.025
Published
2022-11-09