CVSS: 6.5EPSS: 0%CPEs: 22EXPL: 1CVE-2022-27776 – curl: auth/cookie leak on redirect
https://notcve.org/view.php?id=CVE-2022-27776
A insufficiently protected credentials vulnerability in fixed in curl 7.83.0 might leak authentication or cookie header data on HTTP redirects to the same host but another port number. Una vulnerabilidad de credenciales insuficientemente protegidas fijada en curl versión 7.83.0, podría filtrar datos de autenticación o de encabezados de cookies en redireccionamientos HTTP al mismo host pero con otro número de puerto A vulnerability was found in curl. This security flaw allows leak authentication or cookie header data on HTTP redirects to the same host but another port number. Sending the same set of headers to a server on a different port number is a problem for applications that pass on custom `Authorization:` or `Cookie:`headers. Those headers often contain privacy-sensitive information or data. • https://hackerone.com/reports/1547048 https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7N5ZBWLNNPZKFK7Q4KEHGCJ2YELQEUJP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKKOQXPYLMBSEVDHFS32BPBR3ZQJKY5B https://security.gentoo.org/glsa/202212-01 https://security.netapp.com/advisory/ntap-20220609-0008 https://www.debian.org/security/2022/dsa-5197 https://access.redh • CWE-522: Insufficiently Protected Credentials •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 1CVE-2022-29221 – PHP Code Injection by malicious block or filename in Smarty
https://notcve.org/view.php?id=CVE-2022-29221
Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic. Prior to versions 3.1.45 and 4.1.1, template authors could inject php code by choosing a malicious {block} name or {include} file name. Sites that cannot fully trust template authors should upgrade to versions 3.1.45 or 4.1.1 to receive a patch for this issue. There are currently no known workarounds. Smarty es un motor de plantillas para PHP, que facilita la separación de la presentación (HTML/CSS) de la lógica de la aplicación. • https://github.com/sbani/CVE-2022-29221-PoC https://github.com/smarty-php/smarty/commit/64ad6442ca1da31cefdab5c9874262b702cccddd https://github.com/smarty-php/smarty/releases/tag/v3.1.45 https://github.com/smarty-php/smarty/releases/tag/v4.1.1 https://github.com/smarty-php/smarty/security/advisories/GHSA-634x-pc3q-cf4c https://lists.debian.org/debian-lts-announce/2022/05/msg00044.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BRAJVDRGCIY5UZ2PQHKDTT7 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 1CVE-2022-30975
https://notcve.org/view.php?id=CVE-2022-30975
In Artifex MuJS through 1.2.0, jsP_dumpsyntax in jsdump.c has a NULL pointer dereference, as demonstrated by mujs-pp. En Artifex MuJS versiones hasta 1.2.0, jsP_dumpsyntax en el archivo jsdump.c presenta una desreferencia de puntero NULL, como ha demostrado mujs-pp • https://github.com/ccxvii/mujs/issues/161 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MC6PLHTXHZ7GW7QQGTLBHLXL47UHTHXO https://www.debian.org/security/2022/dsa-5291 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 1CVE-2022-30974
https://notcve.org/view.php?id=CVE-2022-30974
compile in regexp.c in Artifex MuJS through 1.2.0 results in stack consumption because of unlimited recursion, a different issue than CVE-2019-11413. Una compilación en el archivo regexp.c en Artifex MuJS versiones hasta 1.2.0, resulta en un consumo de la pila debido a una recursión ilimitada, un problema diferente a CVE-2019-11413 • https://github.com/ccxvii/mujs/issues/162 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MC6PLHTXHZ7GW7QQGTLBHLXL47UHTHXO https://www.debian.org/security/2022/dsa-5291 • CWE-674: Uncontrolled Recursion •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 1CVE-2022-28487
https://notcve.org/view.php?id=CVE-2022-28487
Tcpreplay version 4.4.1 contains a memory leakage flaw in fix_ipv6_checksums() function. The highest threat from this vulnerability is to data confidentiality. Tcpreplay versión 4.4.1, contiene un fallo de pérdida de memoria en la función fix_ipv6_checksums(). La mayor amenaza de esta vulnerabilidad es para la confidencialidad de los datos • https://github.com/appneta/tcpreplay/issues/723 https://github.com/appneta/tcpreplay/pull/720 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5B75AFRJUGOYHCFG2ZV2JKSUPA6MSCT5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ECRCFJ6X3IVB7BT4KS6AHQMSL532YXYD https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWRZO7BG6DHA5NAC3COB45WFXLYRIERC https://security.gentoo.org/glsa/202210-08 • CWE-401: Missing Release of Memory after Effective Lifetime •