CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 1CVE-2022-36033 – jsoup may not sanitize Cross-Site Scripting (XSS) attempts if SafeList.preserveRelativeLinks is enabled
https://notcve.org/view.php?id=CVE-2022-36033
jsoup is a Java HTML parser, built for HTML editing, cleaning, scraping, and cross-site scripting (XSS) safety. jsoup may incorrectly sanitize HTML including `javascript:` URL expressions, which could allow XSS attacks when a reader subsequently clicks that link. If the non-default `SafeList.preserveRelativeLinks` option is enabled, HTML including `javascript:` URLs that have been crafted with control characters will not be sanitized. If the site that this HTML is published on does not set a Content Security Policy, an XSS attack is then possible. This issue is patched in jsoup 1.15.3. Users should upgrade to this version. • https://github.com/jhy/jsoup/releases/tag/jsoup-1.15.3 https://github.com/jhy/jsoup/security/advisories/GHSA-gp7f-rwcx-9369 https://jsoup.org/news/release-1.15.3 https://security.netapp.com/advisory/ntap-20221104-0006 https://access.redhat.com/security/cve/CVE-2022-36033 https://bugzilla.redhat.com/show_bug.cgi?id=2127078 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-87: Improper Neutralization of Alternate XSS Syntax •
CVSS: 7.0EPSS: 0%CPEs: 13EXPL: 0CVE-2022-2961
https://notcve.org/view.php?id=CVE-2022-2961
A use-after-free flaw was found in the Linux kernel’s PLP Rose functionality in the way a user triggers a race condition by calling bind while simultaneously triggering the rose_bind() function. This flaw allows a local user to crash or potentially escalate their privileges on the system. Se ha encontrado un fallo de uso de memoria previamente liberada en la funcionalidad PLP Rose del kernel de Linux en la forma en que un usuario desencadena una condición de carrera al llamar a bind mientras es desencadenada simultáneamente la función rose_bind(). Este fallo permite a un usuario local bloquearse o escalar potencialmente sus privilegios en el sistema • https://access.redhat.com/security/cve/CVE-2022-2961 https://security.netapp.com/advisory/ntap-20230214-0004 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 2CVE-2022-2953 – libtiff: tiffcrop: heap-buffer-overflow in extractImageSection in tiffcrop.c
https://notcve.org/view.php?id=CVE-2022-2953
LibTIFF 4.4.0 has an out-of-bounds read in extractImageSection in tools/tiffcrop.c:6905, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 48d6ece8. LibTIFF versión 4.4.0, presenta una lectura fuera de límites en extractImageSection en el archivo tools/tiffcrop.c:6905, lo que permite a atacantes causar una denegación de servicio por medio de un archivo tiff diseñado. Para usuarios que compilan libtiff desde las fuentes, la corrección está disponible con el commit 48d6ece8 An out-of-bound read flaw was found in LibTIFF, in extractImageSection in the tools/tiffcrop.c:6905, allowing attackers to cause a denial of service via a crafted tiff file. • https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-2953.json https://gitlab.com/libtiff/libtiff/-/commit/48d6ece8389b01129e7d357f0985c8f938ce3da3 https://gitlab.com/libtiff/libtiff/-/issues/414 https://security.netapp.com/advisory/ntap-20221014-0008 https://www.debian.org/security/2023/dsa-5333 https://access.redhat.com/security/cve/CVE-2022-2953 https://bugzilla.redhat.com/show_bug.cgi?id=2134432 • CWE-122: Heap-based Buffer Overflow CWE-125: Out-of-bounds Read •
CVSS: 5.3EPSS: 0%CPEs: 6EXPL: 0CVE-2022-23235
https://notcve.org/view.php?id=CVE-2022-23235
Active IQ Unified Manager for VMware vSphere, Linux, and Microsoft Windows versions prior to 9.10P1 are susceptible to a vulnerability which could allow an attacker to discover cluster, node and Active IQ Unified Manager specific information via AutoSupport telemetry data that is sent even when AutoSupport has been disabled. Active IQ Unified Manager para VMware vSphere, Linux y Microsoft Windows versiones anteriores a 9.10P1, son susceptibles de sufrir una vulnerabilidad que podría permitir a un atacante detectar información específica del clúster, del nodo y de Active IQ Unified Manager por medio de los datos de telemetría de AutoSupport que son enviados incluso cuando AutoSupport ha sido deshabilitado. • https://security.netapp.com/advisory/ntap-20220324-0001 •
CVSS: 9.8EPSS: 0%CPEs: 10EXPL: 0CVE-2022-2526 – systemd-resolved: use-after-free when dealing with DnsStream in resolved-dns-stream.c
https://notcve.org/view.php?id=CVE-2022-2526
A use-after-free vulnerability was found in systemd. This issue occurs due to the on_stream_io() function and dns_stream_complete() function in 'resolved-dns-stream.c' not incrementing the reference counting for the DnsStream object. Therefore, other functions and callbacks called can dereference the DNSStream object, causing the use-after-free when the reference is still used later. Se ha encontrado una vulnerabilidad de uso de memoria previamente liberada en systemd. Este problema ocurre debido a que las funciones on_stream_io() y dns_stream_complete() en "resolved-dns-stream.c" no incrementan el conteo de referencias para el objeto DnsStream. • https://github.com/systemd/systemd/commit/d973d94dec349fb676fdd844f6fe2ada3538f27c https://security.netapp.com/advisory/ntap-20221111-0005 https://access.redhat.com/security/cve/CVE-2022-2526 https://bugzilla.redhat.com/show_bug.cgi?id=2109926 • CWE-416: Use After Free •