CVSS: 7.4EPSS: 0%CPEs: 28EXPL: 2CVE-2022-29824 – libxml2: integer overflows in xmlBuf and xmlBuffer lead to out-of-bounds write
https://notcve.org/view.php?id=CVE-2022-29824
In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for example libxslt through 1.1.35, is affected as well. En libxml2 versiones anteriores a 2.9.14, varias funciones de manejo de búferes en buf.c (xmlBuf*) y tree.c (xmlBuffer*) no comprueban los desbordamientos de enteros. • http://packetstormsecurity.com/files/167345/libxml2-xmlBufAdd-Heap-Buffer-Overflow.html http://packetstormsecurity.com/files/169825/libxml2-xmlParseNameComplex-Integer-Overflow.html https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.9.14 https://gitlab.gnome.org/GNOME/libxslt/-/tags https://lists.debian.org/debian-lts-announce/2022/05/msg0 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 1CVE-2022-29968
https://notcve.org/view.php?id=CVE-2022-29968
An issue was discovered in the Linux kernel through 5.17.5. io_rw_init_file in fs/io_uring.c lacks initialization of kiocb->private. Se ha detectado un problema en el kernel de Linux versiones hasta 5.17.5. La función io_rw_init_file en el archivo fs/io_uring.c carece de la inicialización de kiocb-)private • https://github.com/jprx/CVE-2022-29968 https://github.com/torvalds/linux/commit/32452a3eb8b64e01e2be717f518c0be046975b9d https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LU7MT7BPTA2NG24BTLZF5ZWYTLSO7BU3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TLWTG3TWIMLNQEVTA3ZQYVLLU2AJM3DY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XA7UZ3HS73KXVYCIKN5ZDH7LLLGPUMOZ https://security.netapp.com/advisory/ntap-20220715-0009 • CWE-909: Missing Initialization of Resource •
CVSS: 7.7EPSS: 0%CPEs: 14EXPL: 0CVE-2022-25647 – Deserialization of Untrusted Data
https://notcve.org/view.php?id=CVE-2022-25647
The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes, which may lead to DoS attacks. El paquete com.google.code.gson:gson versiones anteriores a 2.8.9, son vulnerables a una Deserialización de Datos No Confiables por medio del método writeReplace() en clases internas, lo cual puede conllevar a ataques DoS A flaw was found in gson, which is vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes. This issue may lead to availability attacks. • https://github.com/google/gson/pull/1991 https://github.com/google/gson/pull/1991/commits https://lists.debian.org/debian-lts-announce/2022/05/msg00015.html https://lists.debian.org/debian-lts-announce/2022/09/msg00009.html https://security.netapp.com/advisory/ntap-20220901-0009 https://snyk.io/vuln/SNYK-JAVA-COMGOOGLECODEGSON-1730327 https://www.debian.org/security/2022/dsa-5227 https://www.oracle.com/security-alerts/cpujul2022.html https://access.redhat.com/security/cve/CVE& • CWE-502: Deserialization of Untrusted Data •
CVSS: 7.5EPSS: 1%CPEs: 4EXPL: 5CVE-2022-25844 – Regular Expression Denial of Service (ReDoS)
https://notcve.org/view.php?id=CVE-2022-25844
The package angular after 1.7.0 are vulnerable to Regular Expression Denial of Service (ReDoS) by providing a custom locale rule that makes it possible to assign the parameter in posPre: ' '.repeat() of NUMBER_FORMATS.PATTERNS[1].posPre with a very high value. **Note:** 1) This package has been deprecated and is no longer maintained. 2) The vulnerable versions are 1.7.0 and higher. El paquete angular versiones posteriores a 1.7.0 son vulnerables a una Denegación de Servicio por Expresión Regular (ReDoS) al proporcionar una regla de localización personalizada que permite asignar el parámetro en posPre: " ".repeat() de NUMBER_FORMATS.PATTERNS[1].posPre con un valor muy alto. **Nota:** 1) Este paquete ha quedado obsoleto y ya no es mantenido. 2) Las versiones vulnerables son 1.7.0 y superiores • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2WUSPYOTOMAZPDEFPWPSCSPMNODRDKK3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7LNAKCNTVBIHWAUT3FKWV5N67PQXSZOO https://security.netapp.com/advisory/ntap-20220629-0009 https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-2772736 https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBANGULAR-2772738 https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-2772737 https://snyk.io/vuln/SNYK-JS-ANGULAR-2772735 https: • CWE-1333: Inefficient Regular Expression Complexity •
CVSS: 7.1EPSS: 0%CPEs: 29EXPL: 0CVE-2022-1353 – kernel: kernel info leak issue in pfkey_register
https://notcve.org/view.php?id=CVE-2022-1353
A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a leak of internal kernel information. Se encontró una vulnerabilidad en la función pfkey_register en el archivo net/key/af_key.c en el kernel de Linux. Este fallo permite a un usuario local no privilegiado acceder a la memoria del kernel, conllevando a un bloqueo del sistema o un filtrado de información interna del kernel • https://bugzilla.redhat.com/show_bug.cgi?id=2066819 https://github.com/torvalds/linux/commit/9a564bccb78a76740ea9d75a259942df8143d02c https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html https://security.netapp.com/advisory/ntap-20220629-0001 https://www.debian.org/security/2022/dsa-5127 https://www.debian.org/security/2022/dsa-5173 https://access.redhat.com/security/cve/CVE-2022-1353 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer •