{"vulnerability": "CVE-2022-3817", "sightings": [{"uuid": "840a9caf-717f-4ce2-80dc-8d95d3c89649", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38179", "type": "seen", "source": "https://gist.github.com/saburi-pp/237b36513b29209ae31133136478b20e", "content": "", "creation_timestamp": "2025-03-04T05:49:27.000000Z"}, {"uuid": "c2f1b537-07a5-4ac4-a898-2de6fd5449e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38177", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-105-08", "content": "", "creation_timestamp": "2025-04-15T10:00:00.000000Z"}, {"uuid": "95af8e3e-ccaa-4e49-820f-62945abe474b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38178", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-105-08", "content": "", "creation_timestamp": "2025-04-15T10:00:00.000000Z"}, {"uuid": "f773a1f3-902e-483b-affc-b050f11ce305", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38177", "type": "seen", "source": "https://t.me/true_secator/3465", "content": "\u041a\u043e\u043d\u0441\u043e\u0440\u0446\u0438\u0443\u043c \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442-\u0441\u0438\u0441\u0442\u0435\u043c ISC \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b \u00a0\u0448\u0435\u0441\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u041f\u041e BIND DNS, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e.\n\n\u0427\u0435\u0442\u044b\u0440\u0435 \u0438\u0437 \u0448\u0435\u0441\u0442\u0438 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432, \u0432\u0441\u0435 \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0441\u0432\u044f\u0437\u0430\u043d\u044b \u0441 \u043e\u0442\u043a\u0430\u0437\u043e\u043c \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 DoS, \u0438\u043c\u0435\u044e\u0442 \u0432\u044b\u0441\u043e\u043a\u0443\u044e \u0441\u0442\u0435\u043f\u0435\u043d\u044c \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438.\n\n\u041e\u0434\u043d\u0430 \u0438\u0437 \u043f\u0440\u043e\u0431\u043b\u0435\u043c CVE-2022-2906 (\u0441 \u043e\u0446\u0435\u043d\u043a\u043e\u0439 CVSS 7,5) \u0432\u044b\u0437\u044b\u0432\u0430\u0435\u0442 \u0443\u0442\u0435\u0447\u043a\u0443 \u043f\u0430\u043c\u044f\u0442\u0438 \u043f\u0440\u0438 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0435 \u043a\u043b\u044e\u0447\u0435\u0439 \u043f\u0440\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 \u0437\u0430\u043f\u0438\u0441\u0435\u0439 TKEY \u0432 \u0440\u0435\u0436\u0438\u043c\u0435 \u0414\u0438\u0444\u0444\u0438-\u0425\u0435\u043b\u043b\u043c\u0430\u043d\u0430 \u0441 OpenSSL 3.0.0 \u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0438\u043c\u0438 \u0432\u0435\u0440\u0441\u0438\u044f\u043c\u0438.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0431\u0430\u0433\u0443 \u0434\u043b\u044f \u0442\u043e\u0433\u043e, \u0447\u0442\u043e\u0431\u044b \u043f\u043e\u0441\u0442\u0435\u043f\u0435\u043d\u043d\u043e \u0441\u0442\u0438\u0440\u0430\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u0443\u044e \u043f\u0430\u043c\u044f\u0442\u044c \u0434\u043e \u0432\u044b\u0437\u043e\u0432\u0430 \u0441\u0431\u043e\u044f \u0438\u0437-\u0437\u0430 \u043d\u0435\u0445\u0432\u0430\u0442\u043a\u0438 \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432.\u00a0\u041f\u043e\u0441\u043b\u0435 \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u0440\u0438\u0434\u0435\u0442\u0441\u044f \u043d\u0430\u0447\u0438\u043d\u0430\u0442\u044c \u0437\u0430\u043d\u043e\u0432\u043e, \u043d\u043e, \u0442\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435, \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e\u0441\u0442\u044c \u043e\u0442\u043a\u0430\u0437\u0430 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 \u0431\u0443\u0434\u0435\u0442 \u0441\u043e\u0445\u0440\u0430\u043d\u044f\u0442\u044c\u0441\u044f.\n\n\u0414\u0440\u0443\u0433\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0430\u044f \u043a\u0430\u043a\u00a0CVE-2022-38177, \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0443\u0442\u0435\u0447\u043a\u0443 \u043f\u0430\u043c\u044f\u0442\u0438 \u0432 \u043f\u0440\u043e\u0432\u0435\u0440\u043e\u0447\u043d\u043e\u043c \u043a\u043e\u0434\u0435 ECDSA DNSSEC. \u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0430\u043a\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0432 \u0432\u0438\u0434\u0443 \u043d\u0435\u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0438\u044f \u0434\u043b\u0438\u043d\u044b \u043f\u043e\u0434\u043f\u0438\u0441\u0438.\n\n\u0422\u0440\u0435\u0442\u044c\u044f \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430\u00a0CVE-2022-3080\u00a0\u043c\u043e\u0436\u0435\u0442 \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u0441\u0431\u043e\u0439 \u043f\u0440\u0435\u043e\u0431\u0440\u0430\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f BIND 9 \u0432 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445.\n\n\u0420\u0435\u0437\u043e\u043b\u0432\u0435\u0440 BIND 9 \u043c\u043e\u0436\u0435\u0442 \u0430\u0432\u0430\u0440\u0438\u0439\u043d\u043e \u0437\u0430\u0432\u0435\u0440\u0448\u0430\u0442\u044c \u0440\u0430\u0431\u043e\u0442\u0443, \u0435\u0441\u043b\u0438 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u044b \u0443\u0441\u0442\u0430\u0440\u0435\u0432\u0448\u0438\u0439 \u043a\u0435\u0448 \u0438 \u0443\u0441\u0442\u0430\u0440\u0435\u0432\u0448\u0438\u0435 \u043e\u0442\u0432\u0435\u0442\u044b, \u0434\u043b\u044f \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u0430 stale-answer-client-timeout \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043e \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435 0 \u0438 \u0432 \u043a\u0435\u0448\u0435 \u043f\u0440\u0438\u0441\u0443\u0442\u0441\u0442\u0432\u0443\u0435\u0442 \u0443\u0441\u0442\u0430\u0440\u0435\u0432\u0448\u0435\u0435 CNAME \u0434\u043b\u044f \u0432\u0445\u043e\u0434\u044f\u0449\u0435\u0433\u043e \u0437\u0430\u043f\u0440\u043e\u0441\u0430.\u00a0\n\n\u0427\u0435\u0442\u0432\u0435\u0440\u0442\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2022-38178 \u0438 \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0443\u0442\u0435\u0447\u043a\u0435 \u043f\u0430\u043c\u044f\u0442\u0438 \u0432 \u043f\u0440\u043e\u0432\u0435\u0440\u043e\u0447\u043d\u043e\u043c \u043a\u043e\u0434\u0435 EdDSA DNSSEC.\n\nISC \u043d\u0438\u0447\u0435\u0433\u043e \u043d\u0435 \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442 \u043e\u0431 \u0430\u0442\u0430\u043a\u0430\u0445 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0432\u044b\u0448\u0435\u0443\u043a\u0430\u0437\u0430\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043f\u043e\u043b\u0430\u0433\u0430\u044f\u0441\u044c \u043d\u0430 \u0438\u0445 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435.\n\n\u0422\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435 \u0430\u043c\u0435\u0440\u0438\u043a\u0430\u043d\u0441\u043a\u0430\u044f CISA \u0443\u0436\u0435 \u043f\u043e\u0441\u043f\u0435\u0448\u0438\u043b\u0430 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u0442\u044c \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u0432 \u043e \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b.", "creation_timestamp": "2022-09-26T14:13:02.000000Z"}, {"uuid": "09001e86-e537-4aeb-9826-ffd4deaaa928", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38171", "type": "seen", "source": "https://t.me/arpsyndicate/2026", "content": "#ExploitObserverAlert\n\nCVE-2022-38784\n\nDESCRIPTION: Exploit Observer has 15 entries related to CVE-2022-38784. Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIGStream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by CVE-2022-38171 in Xpdf.\n\nFIRST-EPSS: 0.001060000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-12-18T16:55:03.000000Z"}, {"uuid": "a8f43c7a-8d2b-4e2a-bc08-d17bd7b891f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38178", "type": "seen", "source": "https://t.me/true_secator/3465", "content": "\u041a\u043e\u043d\u0441\u043e\u0440\u0446\u0438\u0443\u043c \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442-\u0441\u0438\u0441\u0442\u0435\u043c ISC \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b \u00a0\u0448\u0435\u0441\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u041f\u041e BIND DNS, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e.\n\n\u0427\u0435\u0442\u044b\u0440\u0435 \u0438\u0437 \u0448\u0435\u0441\u0442\u0438 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432, \u0432\u0441\u0435 \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0441\u0432\u044f\u0437\u0430\u043d\u044b \u0441 \u043e\u0442\u043a\u0430\u0437\u043e\u043c \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 DoS, \u0438\u043c\u0435\u044e\u0442 \u0432\u044b\u0441\u043e\u043a\u0443\u044e \u0441\u0442\u0435\u043f\u0435\u043d\u044c \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438.\n\n\u041e\u0434\u043d\u0430 \u0438\u0437 \u043f\u0440\u043e\u0431\u043b\u0435\u043c CVE-2022-2906 (\u0441 \u043e\u0446\u0435\u043d\u043a\u043e\u0439 CVSS 7,5) \u0432\u044b\u0437\u044b\u0432\u0430\u0435\u0442 \u0443\u0442\u0435\u0447\u043a\u0443 \u043f\u0430\u043c\u044f\u0442\u0438 \u043f\u0440\u0438 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0435 \u043a\u043b\u044e\u0447\u0435\u0439 \u043f\u0440\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 \u0437\u0430\u043f\u0438\u0441\u0435\u0439 TKEY \u0432 \u0440\u0435\u0436\u0438\u043c\u0435 \u0414\u0438\u0444\u0444\u0438-\u0425\u0435\u043b\u043b\u043c\u0430\u043d\u0430 \u0441 OpenSSL 3.0.0 \u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0438\u043c\u0438 \u0432\u0435\u0440\u0441\u0438\u044f\u043c\u0438.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0431\u0430\u0433\u0443 \u0434\u043b\u044f \u0442\u043e\u0433\u043e, \u0447\u0442\u043e\u0431\u044b \u043f\u043e\u0441\u0442\u0435\u043f\u0435\u043d\u043d\u043e \u0441\u0442\u0438\u0440\u0430\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u0443\u044e \u043f\u0430\u043c\u044f\u0442\u044c \u0434\u043e \u0432\u044b\u0437\u043e\u0432\u0430 \u0441\u0431\u043e\u044f \u0438\u0437-\u0437\u0430 \u043d\u0435\u0445\u0432\u0430\u0442\u043a\u0438 \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432.\u00a0\u041f\u043e\u0441\u043b\u0435 \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u0440\u0438\u0434\u0435\u0442\u0441\u044f \u043d\u0430\u0447\u0438\u043d\u0430\u0442\u044c \u0437\u0430\u043d\u043e\u0432\u043e, \u043d\u043e, \u0442\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435, \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e\u0441\u0442\u044c \u043e\u0442\u043a\u0430\u0437\u0430 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 \u0431\u0443\u0434\u0435\u0442 \u0441\u043e\u0445\u0440\u0430\u043d\u044f\u0442\u044c\u0441\u044f.\n\n\u0414\u0440\u0443\u0433\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0430\u044f \u043a\u0430\u043a\u00a0CVE-2022-38177, \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0443\u0442\u0435\u0447\u043a\u0443 \u043f\u0430\u043c\u044f\u0442\u0438 \u0432 \u043f\u0440\u043e\u0432\u0435\u0440\u043e\u0447\u043d\u043e\u043c \u043a\u043e\u0434\u0435 ECDSA DNSSEC. \u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0430\u043a\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0432 \u0432\u0438\u0434\u0443 \u043d\u0435\u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0438\u044f \u0434\u043b\u0438\u043d\u044b \u043f\u043e\u0434\u043f\u0438\u0441\u0438.\n\n\u0422\u0440\u0435\u0442\u044c\u044f \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430\u00a0CVE-2022-3080\u00a0\u043c\u043e\u0436\u0435\u0442 \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u0441\u0431\u043e\u0439 \u043f\u0440\u0435\u043e\u0431\u0440\u0430\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f BIND 9 \u0432 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445.\n\n\u0420\u0435\u0437\u043e\u043b\u0432\u0435\u0440 BIND 9 \u043c\u043e\u0436\u0435\u0442 \u0430\u0432\u0430\u0440\u0438\u0439\u043d\u043e \u0437\u0430\u0432\u0435\u0440\u0448\u0430\u0442\u044c \u0440\u0430\u0431\u043e\u0442\u0443, \u0435\u0441\u043b\u0438 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u044b \u0443\u0441\u0442\u0430\u0440\u0435\u0432\u0448\u0438\u0439 \u043a\u0435\u0448 \u0438 \u0443\u0441\u0442\u0430\u0440\u0435\u0432\u0448\u0438\u0435 \u043e\u0442\u0432\u0435\u0442\u044b, \u0434\u043b\u044f \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u0430 stale-answer-client-timeout \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043e \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435 0 \u0438 \u0432 \u043a\u0435\u0448\u0435 \u043f\u0440\u0438\u0441\u0443\u0442\u0441\u0442\u0432\u0443\u0435\u0442 \u0443\u0441\u0442\u0430\u0440\u0435\u0432\u0448\u0435\u0435 CNAME \u0434\u043b\u044f \u0432\u0445\u043e\u0434\u044f\u0449\u0435\u0433\u043e \u0437\u0430\u043f\u0440\u043e\u0441\u0430.\u00a0\n\n\u0427\u0435\u0442\u0432\u0435\u0440\u0442\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2022-38178 \u0438 \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0443\u0442\u0435\u0447\u043a\u0435 \u043f\u0430\u043c\u044f\u0442\u0438 \u0432 \u043f\u0440\u043e\u0432\u0435\u0440\u043e\u0447\u043d\u043e\u043c \u043a\u043e\u0434\u0435 EdDSA DNSSEC.\n\nISC \u043d\u0438\u0447\u0435\u0433\u043e \u043d\u0435 \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442 \u043e\u0431 \u0430\u0442\u0430\u043a\u0430\u0445 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0432\u044b\u0448\u0435\u0443\u043a\u0430\u0437\u0430\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043f\u043e\u043b\u0430\u0433\u0430\u044f\u0441\u044c \u043d\u0430 \u0438\u0445 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435.\n\n\u0422\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435 \u0430\u043c\u0435\u0440\u0438\u043a\u0430\u043d\u0441\u043a\u0430\u044f CISA \u0443\u0436\u0435 \u043f\u043e\u0441\u043f\u0435\u0448\u0438\u043b\u0430 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u0442\u044c \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u0432 \u043e \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b.", "creation_timestamp": "2022-09-26T14:13:02.000000Z"}, {"uuid": "2d1ba608-9854-4d27-bb92-4b64a0dd60b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3817", "type": "seen", "source": "https://t.me/cibsecurity/52444", "content": "\u203c CVE-2022-3817 \u203c\n\nA vulnerability has been found in Axiomatic Bento4 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component mp4mux. The manipulation leads to memory leak. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-212683.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-02T01:19:17.000000Z"}, {"uuid": "5f623005-ce9b-40e3-b9cf-74079b2113d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38178", "type": "seen", "source": "https://t.me/cibsecurity/50186", "content": "\u203c CVE-2022-38178 \u203c\n\nBy spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-21T14:40:52.000000Z"}, {"uuid": "8e7551af-7b14-48b0-a92d-394842978934", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38177", "type": "seen", "source": "https://t.me/cibsecurity/50185", "content": "\u203c CVE-2022-38177 \u203c\n\nBy spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-21T14:40:50.000000Z"}, {"uuid": "601eb9e5-a313-452b-9944-57c04a506b75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38172", "type": "seen", "source": "https://t.me/cibsecurity/48622", "content": "\u203c CVE-2022-38172 \u203c\n\nServiceNow through San Diego Patch 3 allows XSS via the name field during creation of a new dashboard for the Performance Analytics dashboard.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-23T22:21:46.000000Z"}, {"uuid": "5d4e9ed2-5e5f-4fb0-b660-832af1a5634d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38171", "type": "seen", "source": "https://t.me/cibsecurity/48538", "content": "\u203c CVE-2022-38171 \u203c\n\nXpdf prior to version 4.04 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readSymbolDictSeg() in JBIG2Stream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by CVE-2021-30860 (Apple CoreGraphics).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-22T22:20:42.000000Z"}, {"uuid": "f34597ee-d0b4-487a-ad0d-59a817b72fdc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38171", "type": "seen", "source": "https://t.me/cibsecurity/49028", "content": "\u203c CVE-2022-38784 \u203c\n\nPoppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIGStream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by CVE-2022-38171 in Xpdf.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-30T07:35:02.000000Z"}, {"uuid": "51440bd5-6c0d-423d-aba7-c543a6feacb5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38179", "type": "seen", "source": "https://t.me/cibsecurity/48011", "content": "\u203c CVE-2022-38179 \u203c\n\nJetBrains Ktor before 2.1.0 was vulnerable to the Reflect File Download attack\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-12T14:33:15.000000Z"}]}