CVE-2022-4122 – podman: Symlink error leads to information disclosure
https://notcve.org/view.php?id=CVE-2022-4122
A vulnerability was found in buildah. Incorrect following of symlinks while reading .containerignore and .dockerignore results in information disclosure. Se encontró una vulnerabilidad en buildah. El seguimiento incorrecto de enlaces simbólicos al leer .containerignore y .dockerignore da como resultado la divulgación de información. A vulnerability was found in buildah and podman. • https://bugzilla.redhat.com/show_bug.cgi?id=2144983 https://github.com/containers/podman/pull/16315 https://access.redhat.com/security/cve/CVE-2022-4122 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVE-2022-24439 – Remote Code Execution (RCE)
https://notcve.org/view.php?id=CVE-2022-24439
All versions of package gitpython are vulnerable to Remote Code Execution (RCE) due to improper user input validation, which makes it possible to inject a maliciously crafted remote URL into the clone command. Exploiting this vulnerability is possible because the library makes external calls to git without sufficient sanitization of input arguments. Todas las versiones del paquete gitpython son vulnerables a la ejecución remota de código (RCE) debido a una validación incorrecta de la entrada del usuario, lo que hace posible inyectar una URL remota creada con fines malintencionados en el comando de clonación. Es posible explotar esta vulnerabilidad porque la librería realiza llamadas externas a git sin una sanitización suficiente de los argumentos de entrada. A remote code execution vulnerability exists in Git-python. • https://github.com/gitpython-developers/GitPython/blob/bec61576ae75803bc4e60d8de7a629c194313d1c/git/repo/base.py%23L1249 https://lists.debian.org/debian-lts-announce/2023/07/msg00024.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AV5DV7GBLMOZT7U3Q4TDOJO5R6G3V6GH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IKMVYKLWX62UEYKAN64RUZMOIAMZM5JN https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PF6AXUTC5BO7L2SBJMCVKJSPKWY52I5 • CWE-20: Improper Input Validation CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2022-46391
https://notcve.org/view.php?id=CVE-2022-46391
AWStats 7.x through 7.8 allows XSS in the hostinfo plugin due to printing a response from Net::XWhois without proper checks. AWStats 7.x a 7.8 permite XSS en el complemento hostinfo debido a que se imprime una respuesta de Net::XWhois sin las comprobaciones adecuadas. • https://github.com/eldy/AWStats/pull/226 https://lists.debian.org/debian-lts-announce/2022/12/msg00010.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GRFYH4DE3COMI3LJCOQQXA4FWOABU6Z2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MYUZIFVB4N3NK4WGNHRNXZKJITCJBJX4 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2022-46149 – Cap'n Proto vulnerable to out-of-bounds read due to logic error handling list-of-list.
https://notcve.org/view.php?id=CVE-2022-46149
Cap'n Proto is a data interchange format and remote procedure call (RPC) system. Cap'n Proro prior to versions 0.7.1, 0.8.1, 0.9.2, and 0.10.3, as well as versions of Cap'n Proto's Rust implementation prior to 0.13.7, 0.14.11, and 0.15.2 are vulnerable to out-of-bounds read due to logic error handling list-of-list. This issue may lead someone to remotely segfault a peer by sending it a malicious message, if the victim performs certain actions on a list-of-pointer type. Exfiltration of memory is possible if the victim performs additional certain actions on a list-of-pointer type. To be vulnerable, an application must perform a specific sequence of actions, described in the GitHub Security Advisory. • https://github.com/capnproto/capnproto/commit/25d34c67863fd960af34fc4f82a7ca3362ee74b9 https://github.com/capnproto/capnproto/security/advisories/GHSA-qqff-4vw4-f6hx https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EAHKLUMJAXJEV5BPBS5XXWBQ3ZTHGOLY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PTS6TWD6K2NKXLEEFBPROQXMOFUTEYWY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WKXM4JAFXLTXU5IQB3OUBQVCIICZWGYX https://lists.fedoraproj • CWE-125: Out-of-bounds Read •
CVE-2022-4172 – QEMU: ACPI ERST: memory corruption issues in read_erst_record and write_erst_record
https://notcve.org/view.php?id=CVE-2022-4172
An integer overflow and buffer overflow issues were found in the ACPI Error Record Serialization Table (ERST) device of QEMU in the read_erst_record() and write_erst_record() functions. Both issues may allow the guest to overrun the host buffer allocated for the ERST memory device. A malicious guest could use these flaws to crash the QEMU process on the host. Se encontraron problemas de desbordamiento de enteros y desbordamiento de búfer en el dispositivo ACPI Error Record Serialization Table (ERST) de QEMU en las funciones read_erst_record() y write_erst_record(). Ambos problemas pueden permitir que el huésped sobrecargue el búfer del host asignado para el dispositivo de memoria ERST. • https://gitlab.com/qemu-project/qemu/-/commit/defb7098 https://gitlab.com/qemu-project/qemu/-/issues/1268 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I7J5IRXJYLELW7D43A75LOWRUE5EU54O https://lore.kernel.org/qemu-devel/20221024154233.1043347-1-lk%40c--e.de https://security.netapp.com/advisory/ntap-20230127-0013 https://access.redhat.com/security/cve/CVE-2022-4172 https://bugzilla.redhat.com/show_bug.cgi?id=2149105 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-190: Integer Overflow or Wraparound •