CVE-2022-38266
https://notcve.org/view.php?id=CVE-2022-38266
An issue in the Leptonica linked library (v1.79.0) allows attackers to cause an arithmetic exception leading to a Denial of Service (DoS) via a crafted JPEG file.
• https://github.com/DanBloomberg/leptonica/commit/f062b42c0ea8dddebdc6a152fd16152de215d614
• https://github.com/tesseract-ocr/tesseract/issues/3498
• https://lists.debian.org/debian-lts-announce/2022/12/msg00018.html
• https://security.gentoo.org/glsa/202312-01
• CWE-369: Divide By Zero
CVE-2022-2905
https://notcve.org/view.php?id=CVE-2022-2905
An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the bpf_tail_call function with a key larger than the max_entries of the map. This flaw allows a local user to gain unauthorized access to data.
• https://bugzilla.redhat.com/show_bug.cgi?id=2121800
• https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html
• https://lore.kernel.org/bpf/984b37f9fdf7ac36831d2137415a4a915744c1b6.1661462653.git.daniel%40iogearbox.net
• CWE-125: Out-of-bounds Read
CVE-2022-40023 – python-mako: REDoS in Lexer class
https://notcve.org/view.php?id=CVE-2022-40023
Sqlalchemy mako before 1.2.2 is vulnerable to Regular expression Denial of Service when using the Lexer class to parse. This also affects babelplugin and linguaplugin. A vulnerability was found in the mako package. Affected versions of this package are vulnerable to Regular expression denial of service (ReDoS) attacks, affecting system availability.
• https://github.com/sqlalchemy/mako/blob/c2f392e0be52dc67d1b9770ab8cce6a9c736d547/mako/ext/extract.py#L21
• https://github.com/sqlalchemy/mako/commit/925760291d6efec64fda6e9dd1fd9cfbd5be068c
• https://github.com/sqlalchemy/mako/issues/366
• https://lists.debian.org/debian-lts-announce/2022/09/msg00026.html
• https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages
• https://pyup.io/vulnerabilities/CVE-2022-40023/50870
• https://access.redhat.com/security/cve/CVE-2022-40023
• https://bugzilla.redhat.com
• CWE-1333: Inefficient Regular Expression Complexity
CVE-2022-3134 – Use After Free in vim/vim
https://notcve.org/view.php?id=CVE-2022-3134
Use After Free in GitHub repository vim/vim prior to 9.0.0389.
• https://github.com/vim/vim/commit/ccfde4d028e891a41e3548323c3d47b06fb0b83e
• https://huntr.dev/bounties/6ec79e49-c7ab-4cd6-a517-e7934c2eb9dc
• https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html
• https://security.gentoo.org/glsa/202305-16
• CWE-416: Use After Free
CVE-2022-3008 – Command Injection on tinygltf
https://notcve.org/view.php?id=CVE-2022-3008
The tinygltf library uses the C library function wordexp() to perform file path expansion on untrusted paths that are provided from the input file. This function allows for command injection by using backticks. An attacker could craft an untrusted path input that would result in a path expansion. We recommend upgrading to 2.6.0 or past commit 52ff00a38447f06a17eab1caa2cf0730a119c751.
• https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=49053
• https://github.com/syoyo/tinygltf/blob/master/README.md
• https://github.com/syoyo/tinygltf/commit/52ff00a38447f06a17eab1caa2cf0730a119c751
• https://github.com/syoyo/tinygltf/issues/368
• https://www.debian.org/security/2022/dsa-5232
• CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')
• CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')