CVE-2022-22720 – HTTP request smuggling vulnerability in Apache HTTP Server 2.4.52 and earlier
https://notcve.org/view.php?id=CVE-2022-22720
Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling Apache HTTP Server versiones 2.4.52 y anteriores, no cierran la conexión entrante cuando son encontrados errores descartando el cuerpo de la petición, exponiendo al servidor al contrabando de peticiones HTTP A flaw was found in httpd. The inbound connection is not closed when it fails to discard the request body, which may expose the server to HTTP request smuggling. • https://github.com/Benasin/CVE-2022-22720 http://seclists.org/fulldisclosure/2022/May/33 http://seclists.org/fulldisclosure/2022/May/35 http://seclists.org/fulldisclosure/2022/May/38 http://www.openwall.com/lists/oss-security/2022/03/14/3 https://httpd.apache.org/security/vulnerabilities_24.html https://lists.debian.org/debian-lts-announce/2022/03/msg00033.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO https:& • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVE-2022-22719 – mod_lua Use of uninitialized value of in r:parsebody
https://notcve.org/view.php?id=CVE-2022-22719
A carefully crafted request body can cause a read to a random memory area which could cause the process to crash. This issue affects Apache HTTP Server 2.4.52 and earlier. Un cuerpo de petición cuidadosamente diseñado puede causar una lectura en una zona de memoria aleatoria que podría causar al proceso un bloqueo. Este problema afecta al servidor HTTP Apache versiones 2.4.52 y anteriores A flaw was found in the mod_lua module of httpd. A crafted request body can cause a read to a random memory area due to an uninitialized value in functions called by the parsebody function. • http://seclists.org/fulldisclosure/2022/May/33 http://seclists.org/fulldisclosure/2022/May/35 http://seclists.org/fulldisclosure/2022/May/38 http://www.openwall.com/lists/oss-security/2022/03/14/4 https://httpd.apache.org/security/vulnerabilities_24.html https://lists.debian.org/debian-lts-announce/2022/03/msg00033.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO https://lists.fedoraproject.org/archives/list/package • CWE-665: Improper Initialization CWE-908: Use of Uninitialized Resource •
CVE-2022-0943 – Heap-based Buffer Overflow occurs in vim in vim/vim
https://notcve.org/view.php?id=CVE-2022-0943
Heap-based Buffer Overflow occurs in vim in GitHub repository vim/vim prior to 8.2.4563. Se produce un desbordamiento del búfer basado en Heap en vim en el repositorio de GitHub vim/vim anterior a 8.2.4563 A heap buffer overflow flaw was found in vim's suggest_try_change() function of the spellsuggest.c file. This flaw allows an attacker to trick a user into opening a crafted file, triggering a heap-overflow and causing an application to crash, which leads to a denial of service. • http://seclists.org/fulldisclosure/2022/Oct/28 http://seclists.org/fulldisclosure/2022/Oct/41 https://github.com/vim/vim/commit/5c68617d395f9d7b824f68475b24ce3e38d653a3 https://huntr.dev/bounties/9e4de32f-ad5f-4830-b3ae-9467b5ab90a1 https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3R36VSLO4TRX72SWB6IDJOD24BQXPX2 https://lists.fedoraproject& • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVE-2022-26981
https://notcve.org/view.php?id=CVE-2022-26981
Liblouis through 3.21.0 has a buffer overflow in compilePassOpcode in compileTranslationTable.c (called, indirectly, by tools/lou_checktable.c). Liblouis versiones hasta 3.21.0, presenta un desbordamiento de búfer en compilePassOpcode en el archivo compileTranslationTable.c (llamado, indirectamente, por el archivo tools/lou_checktable.c) • http://seclists.org/fulldisclosure/2022/Jul/12 http://seclists.org/fulldisclosure/2022/Jul/15 http://seclists.org/fulldisclosure/2022/Jul/16 http://seclists.org/fulldisclosure/2022/Jul/18 https://github.com/liblouis/liblouis/issues/1171 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CFD2KIHESDUCNWTEW3USFB5GKTWT624L https://security.gentoo.org/glsa/202301-06 https://support.apple.com/kb/HT213340 https://support.apple.com/kb/HT213342 https://sup • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2022-23308 – libxml2: Use-after-free of ID and IDREF attributes
https://notcve.org/view.php?id=CVE-2022-23308
valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes. El archivo valid.c en libxml2 versiones anteriores a 2.9.13, presenta un uso de memoria previamente liberada de los atributos ID e IDREF. A flaw was found in libxml2. A call to the xmlGetID function can return a pointer already freed when parsing an XML document with the XML_PARSE_DTDVALID option and without the XML_PARSE_NOENT option, resulting in a use-after-free issue. • http://seclists.org/fulldisclosure/2022/May/33 http://seclists.org/fulldisclosure/2022/May/34 http://seclists.org/fulldisclosure/2022/May/35 http://seclists.org/fulldisclosure/2022/May/36 http://seclists.org/fulldisclosure/2022/May/37 http://seclists.org/fulldisclosure/2022/May/38 https://github.com/GNOME/libxml2/commit/652dd12a858989b14eed4e84e453059cd3ba340e https://gitlab.gnome.org/GNOME/libxml2/-/blob/v2.9.13/NEWS https://lists.debian.org/debian-lts-announce/2022/04/msg00004. • CWE-416: Use After Free •