Page 82 of 2305 results (0.009 seconds)

CVSS: 6.5EPSS: 0%CPEs: 22EXPL: 1

CVE-2022-27776 – curl: auth/cookie leak on redirect

https://notcve.org/view.php?id=CVE-2022-27776

A insufficiently protected credentials vulnerability in fixed in curl 7.83.0 might leak authentication or cookie header data on HTTP redirects to the same host but another port number. Una vulnerabilidad de credenciales insuficientemente protegidas fijada en curl versión 7.83.0, podría filtrar datos de autenticación o de encabezados de cookies en redireccionamientos HTTP al mismo host pero con otro número de puerto A vulnerability was found in curl. This security flaw allows leak authentication or cookie header data on HTTP redirects to the same host but another port number. Sending the same set of headers to a server on a different port number is a problem for applications that pass on custom `Authorization:` or `Cookie:`headers. Those headers often contain privacy-sensitive information or data. • https://hackerone.com/reports/1547048 https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7N5ZBWLNNPZKFK7Q4KEHGCJ2YELQEUJP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKKOQXPYLMBSEVDHFS32BPBR3ZQJKY5B https://security.gentoo.org/glsa/202212-01 https://security.netapp.com/advisory/ntap-20220609-0008 https://www.debian.org/security/2022/dsa-5197 https://access.redh • CWE-522: Insufficiently Protected Credentials •

CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0

CVE-2022-1786

https://notcve.org/view.php?id=CVE-2022-1786

A use-after-free flaw was found in the Linux kernel’s io_uring subsystem in the way a user sets up a ring with IORING_SETUP_IOPOLL with more than one task completing submissions on this ring. This flaw allows a local user to crash or escalate their privileges on the system. Se encontró un fallo de uso de memoria previamente liberada en el subsistema io_uring del kernel de Linux en la forma en que un usuario configura un anillo con IORING_SETUP_IOPOLL con más de una tarea completando envíos en este anillo. Este fallo permite a un usuario local colapsar o escalar sus privilegios en el sistema • https://bugzilla.redhat.com/show_bug.cgi?id=2087760 https://security.netapp.com/advisory/ntap-20220722-0001 https://www.debian.org/security/2022/dsa-5161 • CWE-416: Use After Free CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVSS: 7.8EPSS: 0%CPEs: 19EXPL: 0

CVE-2022-1652

https://notcve.org/view.php?id=CVE-2022-1652

Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a concurrency use-after-free flaw in the bad_flp_intr function. By executing a specially-crafted program, an attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system. El Kernel de Linux podría permitir a un atacante local ejecutar código arbitrario en el sistema, causado por un fallo de uso de memoria previamente liberada concurrente en la función bad_flp_intr. Al ejecutar un programa especialmente diseñado, un atacante podría explotar esta vulnerabilidad para ejecutar código arbitrario o causar una condición de denegación de servicio en el sistema • https://bugzilla.redhat.com/show_bug.cgi?id=1832397 https://francozappa.github.io/about-bias https://kb.cert.org/vuls/id/647177 https://security.netapp.com/advisory/ntap-20220722-0002 https://www.debian.org/security/2022/dsa-5173 • CWE-416: Use After Free •

CVSS: 7.5EPSS: 0%CPEs: 17EXPL: 0

CVE-2022-1199

https://notcve.org/view.php?id=CVE-2022-1199

A flaw was found in the Linux kernel. This flaw allows an attacker to crash the Linux kernel by simulating amateur radio from the user space, resulting in a null-ptr-deref vulnerability and a use-after-free vulnerability. Se ha encontrado un fallo en el kernel de Linux. Este fallo permite a un atacante bloquear el kernel de Linux al simular la radioafición desde el espacio de usuario, resultando en una vulnerabilidad null-ptr-deref y una vulnerabilidad de uso de memoria previamente liberada • https://access.redhat.com/security/cve/CVE-2022-1199 https://bugzilla.redhat.com/show_bug.cgi?id=2070694 https://github.com/torvalds/linux/commit/4e0f718daf97d47cf7dec122da1be970f145c809 https://github.com/torvalds/linux/commit/71171ac8eb34ce7fe6b3267dce27c313ab3cb3ac https://github.com/torvalds/linux/commit/7ec02f5ac8a5be5a3f20611731243dc5e1d9ba10 https://security.netapp.com/advisory/ntap-20221228-0006 https://www.openwall.com/lists/oss-security/2022/04/02/5 • CWE-416: Use After Free CWE-476: NULL Pointer Dereference •

CVSS: 9.8EPSS: 0%CPEs: 8EXPL: 0

CVE-2022-1664 – directory traversal for in-place extracts with untrusted v2 and v3 source packages with debian.tar

https://notcve.org/view.php?id=CVE-2022-1664

Dpkg::Source::Archive in dpkg, the Debian package management system, before version 1.21.8, 1.20.10, 1.19.8, 1.18.26 is prone to a directory traversal vulnerability. When extracting untrusted source packages in v2 and v3 source package formats that include a debian.tar, the in-place extraction can lead to directory traversal situations on specially crafted orig.tar and debian.tar tarballs. La función Dpkg::Source::Archive en dpkg, el sistema de administración de paquetes de Debian, versiones anteriores a 1.21.8, 1.20.10, 1.19.8, 1.18.26, es propenso a una vulnerabilidad de salto de directorio. Cuando son extraídos paquetes fuente no confiables en formatos de paquetes fuente v2 y v3 que incluyen un debian.tar, la extracción en el lugar puede conllevar a situaciones de salto de directorio en los tarballs orig.tar y debian.tar especialmente diseñados • https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=1f23dddc17f69c9598477098c7fb9936e15fa495 https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=58814cacee39c4ce9e2cd0e3a3b9b57ad437eff5 https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=7a6c03cb34d4a09f35df2f10779cbf1b70a5200b https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=faa4c92debe45412bfcf8a44f26e827800bb24be https://lists.debian.org/debian-lts-announce/2022/05/msg00033.html https://lists.debian.org/debian-security-announce/2022/msg00115.html https://security • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •