In the Linux kernel before 5.17.3 fs/io_uring.c has a use-after-free due to a race condition in io_uring timeouts. This can be triggered by a local user who has no access to any user namespace; however the race condition perhaps can only be exploited infrequently.

...

AZL-9582 CVE-2022-29582 affecting package kernel for versions less than 5.15.37.1-2

In the Linux kernel before 5.17.3, fs/iouring.c has a use-after-free due to a race condition in iouring timeouts. This can be triggered by a local user who has no access to any user namespace; however, the race condition perhaps can only be exploited infrequently...

PYSEC-2020-221

A flaw was found in Ansible Base when using the awsssm connection plugin as there is no namespace separation for file transfers. Files are written directly to the root bucket, making possible to have collisions when running multiple ansible processes. This issue affects mainly the service...

GHSA-CR6J-3JP9-RW65 Apache Struts vulnerable to remote command execution (RCE) due to improper input validation

Apache Struts contains a Remote Code Execution when using results with no namespace and it's upper actions have no or wildcard namespace. The same flaw exists when using a url tag with no value, action set, and it's upper actions have no or wildcard namespace...

BSA-2018-700

Security Advisory ID : BSA-2018-700 Component : Apache Struts 2 Revision : 1.0: Final Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when using results with no namespace and in same time, its upper actions have no or wildcard namespace. Same...