Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2022-AVI-746
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans Splunk. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Splunk | Splunk Enterprise | Splunk Enterprise versions 9.0.x antérieures à 9.0.1 | ||
| Splunk | Splunk Cloud Platform | Splunk Cloud Platform versions antérieures à 9.0.2205 | ||
| Splunk | Splunk Enterprise | Splunk Enterprise versions 8.2.x antérieures à 8.2.7.1 | ||
| Splunk | Splunk Enterprise | Splunk Enterprise versions 8.1.x antérieures à 8.1.11 | ||
| Splunk | N/A | Universal Forwarders versions 8.2.x antérieures à 8.2.7.1 | ||
| Splunk | N/A | Universal Forwarders versions 9.0.x antérieures à 9.0.1 | ||
| Splunk | N/A | Universal Forwarders versions 8.1.x antérieures à 8.1.11 |
References
| Title | Publication Time | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Splunk Enterprise versions 9.0.x ant\u00e9rieures \u00e0 9.0.1",
"product": {
"name": "Splunk Enterprise",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Cloud Platform versions ant\u00e9rieures \u00e0 9.0.2205",
"product": {
"name": "Splunk Cloud Platform",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Enterprise versions 8.2.x ant\u00e9rieures \u00e0 8.2.7.1",
"product": {
"name": "Splunk Enterprise",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Splunk Enterprise versions 8.1.x ant\u00e9rieures \u00e0 8.1.11",
"product": {
"name": "Splunk Enterprise",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Universal Forwarders versions 8.2.x ant\u00e9rieures \u00e0 8.2.7.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Universal Forwarders versions 9.0.x ant\u00e9rieures \u00e0 9.0.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Splunk",
"scada": false
}
}
},
{
"description": "Universal Forwarders versions 8.1.x ant\u00e9rieures \u00e0 8.1.11",
"product": {
"name": "N/A",
"vendor": {
"name": "Splunk",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-2068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2068"
},
{
"name": "CVE-2022-29824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29824"
},
{
"name": "CVE-2022-37438",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37438"
},
{
"name": "CVE-2022-209824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-209824"
},
{
"name": "CVE-2022-23308",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23308"
},
{
"name": "CVE-2022-37439",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37439"
},
{
"name": "CVE-2022-37437",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37437"
},
{
"name": "CVE-2021-3541",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3541"
},
{
"name": "CVE-2022-233089",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-233089"
}
],
"initial_release_date": "2022-08-17T00:00:00",
"last_revision_date": "2022-08-17T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-746",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-08-17T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Splunk. Certaines\nd\u0027entre elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de\ns\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, un d\u00e9ni de service \u00e0 distance et un\ncontournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Splunk",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Splunk svd-2022-0801 du 16 ao\u00fbt 2022",
"url": "https://www.splunk.com/en_us/product-security/announcements/svd-2022-0801.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Splunk svd-2022-0804 du 16 ao\u00fbt 2022",
"url": "https://www.splunk.com/en_us/product-security/announcements/svd-2022-0804.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Splunk svd-2022-0803 du 16 ao\u00fbt 2022",
"url": "https://www.splunk.com/en_us/product-security/announcements/svd-2022-0803.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Splunk svd-2022-0802 du 16 ao\u00fbt 2022",
"url": "https://www.splunk.com/en_us/product-security/announcements/svd-2022-0802.html"
}
]
}
CVE-2022-2068 (GCVE-0-2022-2068)
Vulnerability from cvelistv5
Published
2022-06-21 14:45
Modified
2025-09-15 13:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Command injection
Summary
In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.4 (Affected 3.0.0,3.0.1,3.0.2,3.0.3). Fixed in OpenSSL 1.1.1p (Affected 1.1.1-1.1.1o). Fixed in OpenSSL 1.0.2zf (Affected 1.0.2-1.0.2ze).
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-09-15T13:35:05.608Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://gitlab.com/fraf0/cve-2022-1292-re_score-analysis"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openssl.org/news/secadv/20220621.txt"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=2c9c35870601b4a44d86ddbf512b38df38285cfa"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=9639817dac8bbbaa64d09efad7464ccc405527c7"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9"
},
{
"name": "DSA-5169",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5169"
},
{
"name": "FEDORA-2022-3b7d0abd0b",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6WZZBKUHQFGSKGNXXKICSRPL7AMVW5M5/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20220707-0008/"
},
{
"name": "FEDORA-2022-41890e9e44",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf"
}
],
"title": "CVE Program Container",
"x_generator": {
"engine": "ADPogram 0.0.1"
}
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-2068",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:27:34.326774Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-05T16:20:40.016Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "OpenSSL",
"vendor": "OpenSSL",
"versions": [
{
"status": "affected",
"version": "Fixed in OpenSSL 3.0.4 (Affected 3.0.0,3.0.1,3.0.2,3.0.3)"
},
{
"status": "affected",
"version": "Fixed in OpenSSL 1.1.1p (Affected 1.1.1-1.1.1o)"
},
{
"status": "affected",
"version": "Fixed in OpenSSL 1.0.2zf (Affected 1.0.2-1.0.2ze)"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Chancen (Qingteng 73lab)"
}
],
"datePublic": "2022-06-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.4 (Affected 3.0.0,3.0.1,3.0.2,3.0.3). Fixed in OpenSSL 1.1.1p (Affected 1.1.1-1.1.1o). Fixed in OpenSSL 1.0.2zf (Affected 1.0.2-1.0.2ze)."
}
],
"metrics": [
{
"other": {
"content": {
"lang": "eng",
"url": "https://www.openssl.org/policies/secpolicy.html#Moderate",
"value": "Moderate"
},
"type": "unknown"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Command injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-10T00:00:00.000Z",
"orgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
"shortName": "openssl"
},
"references": [
{
"url": "https://www.openssl.org/news/secadv/20220621.txt"
},
{
"url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=2c9c35870601b4a44d86ddbf512b38df38285cfa"
},
{
"url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=9639817dac8bbbaa64d09efad7464ccc405527c7"
},
{
"url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9"
},
{
"name": "DSA-5169",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5169"
},
{
"name": "FEDORA-2022-3b7d0abd0b",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6WZZBKUHQFGSKGNXXKICSRPL7AMVW5M5/"
},
{
"url": "https://security.netapp.com/advisory/ntap-20220707-0008/"
},
{
"name": "FEDORA-2022-41890e9e44",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf"
}
],
"title": "The c_rehash script allows command injection"
}
},
"cveMetadata": {
"assignerOrgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
"assignerShortName": "openssl",
"cveId": "CVE-2022-2068",
"datePublished": "2022-06-21T14:45:20.597Z",
"dateReserved": "2022-06-13T00:00:00.000Z",
"dateUpdated": "2025-09-15T13:35:05.608Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-37438 (GCVE-0-2022-37438)
Vulnerability from cvelistv5
Published
2022-08-16 19:49
Modified
2024-09-17 01:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
In Splunk Enterprise versions in the following table, an authenticated user can craft a dashboard that could potentially leak information (for example, username, email, and real name) about Splunk users, when visited by another user through the drilldown component. The vulnerability requires user access to create and share dashboards using Splunk Web.
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Splunk | Splunk Enterprise |
Version: 9.0 < 9.0.1 Version: 8.2 < 8.2.7.1 Version: 8.1 < 8.1.11 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:29:21.035Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.splunk.com/en_us/product-security/announcements/svd-2022-0802.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://research.splunk.com/application/f844c3f6-fd99-43a2-ba24-93e35fe84be6"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Splunk Enterprise",
"vendor": "Splunk",
"versions": [
{
"lessThan": "9.0.1",
"status": "affected",
"version": "9.0",
"versionType": "custom"
},
{
"lessThan": "8.2.7.1",
"status": "affected",
"version": "8.2",
"versionType": "custom"
},
{
"lessThan": "8.1.11",
"status": "affected",
"version": "8.1",
"versionType": "custom"
}
]
},
{
"product": "Splunk Cloud Platform",
"vendor": "Splunk",
"versions": [
{
"lessThan": "9.0.2205",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Eric LaMothe at Splunk"
}
],
"datePublic": "2022-08-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In Splunk Enterprise versions in the following table, an authenticated user can craft a dashboard that could potentially leak information (for example, username, email, and real name) about Splunk users, when visited by another user through the drilldown component. The vulnerability requires user access to create and share dashboards using Splunk Web."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-17T20:02:14",
"orgId": "42b59230-ec95-491e-8425-5a5befa1a469",
"shortName": "Splunk"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.splunk.com/en_us/product-security/announcements/svd-2022-0802.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://research.splunk.com/application/f844c3f6-fd99-43a2-ba24-93e35fe84be6"
}
],
"source": {
"advisory": "SVD-2022-0802",
"defect": [
"SPL-221531"
],
"discovery": "INTERNAL"
},
"title": "Information disclosure via the dashboard drilldown in Splunk Enterprise",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "prodsec@splunk.com",
"DATE_PUBLIC": "2022-08-16T16:00:00.000Z",
"ID": "CVE-2022-37438",
"STATE": "PUBLIC",
"TITLE": "Information disclosure via the dashboard drilldown in Splunk Enterprise"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Splunk Enterprise",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "9.0",
"version_value": "9.0.1"
},
{
"version_affected": "\u003c",
"version_name": "8.2",
"version_value": "8.2.7.1"
},
{
"version_affected": "\u003c",
"version_name": "8.1",
"version_value": "8.1.11"
}
]
}
},
{
"product_name": "Splunk Cloud Platform",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "9.0.2205"
}
]
}
}
]
},
"vendor_name": "Splunk"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Eric LaMothe at Splunk"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Splunk Enterprise versions in the following table, an authenticated user can craft a dashboard that could potentially leak information (for example, username, email, and real name) about Splunk users, when visited by another user through the drilldown component. The vulnerability requires user access to create and share dashboards using Splunk Web."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.splunk.com/en_us/product-security/announcements/svd-2022-0802.html",
"refsource": "CONFIRM",
"url": "https://www.splunk.com/en_us/product-security/announcements/svd-2022-0802.html"
},
{
"name": "https://research.splunk.com/application/f844c3f6-fd99-43a2-ba24-93e35fe84be6",
"refsource": "CONFIRM",
"url": "https://research.splunk.com/application/f844c3f6-fd99-43a2-ba24-93e35fe84be6"
}
]
},
"source": {
"advisory": "SVD-2022-0802",
"defect": [
"SPL-221531"
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "42b59230-ec95-491e-8425-5a5befa1a469",
"assignerShortName": "Splunk",
"cveId": "CVE-2022-37438",
"datePublished": "2022-08-16T19:49:23.763068Z",
"dateReserved": "2022-08-05T00:00:00",
"dateUpdated": "2024-09-17T01:46:12.412Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-3541 (GCVE-0-2021-3541)
Vulnerability from cvelistv5
Published
2021-07-09 16:02
Modified
2024-08-03 17:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Denial of Service
Summary
A flaw was found in libxml2. Exponential entity expansion attack its possible bypassing all existing protection mechanisms and leading to denial of service.
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:01:07.290Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1950515"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20210805-0007/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "libxml2",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2.9.11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in libxml2. Exponential entity expansion attack its possible bypassing all existing protection mechanisms and leading to denial of service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-07T14:43:03",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1950515"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20210805-0007/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2021-3541",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "libxml2",
"version": {
"version_data": [
{
"version_value": "2.9.11"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in libxml2. Exponential entity expansion attack its possible bypassing all existing protection mechanisms and leading to denial of service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1950515",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1950515"
},
{
"name": "https://www.oracle.com/security-alerts/cpujan2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20210805-0007/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20210805-0007/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2021-3541",
"datePublished": "2021-07-09T16:02:21",
"dateReserved": "2021-05-10T00:00:00",
"dateUpdated": "2024-08-03T17:01:07.290Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-37439 (GCVE-0-2022-37439)
Vulnerability from cvelistv5
Published
2022-08-16 19:49
Modified
2024-09-16 22:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
In Splunk Enterprise and Universal Forwarder versions in the following table, indexing a specially crafted ZIP file using the file monitoring input can result in a crash of the application. Attempts to restart the application would result in a crash and would require manually removing the malformed file.
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Splunk | Splunk Enterprise |
Version: 8.2 < 8.2.7.1 Version: 8.1 < 8.1.11 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:29:21.024Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.splunk.com/en_us/product-security/announcements/svd-2022-0803.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://research.splunk.com/application/b237d393-2f57-4531-aad7-ad3c17c8b041"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Splunk Enterprise",
"vendor": "Splunk",
"versions": [
{
"lessThan": "8.2.7.1",
"status": "affected",
"version": "8.2",
"versionType": "custom"
},
{
"lessThan": "8.1.11",
"status": "affected",
"version": "8.1",
"versionType": "custom"
}
]
},
{
"product": "Universal Forwarders",
"vendor": "Splunk",
"versions": [
{
"status": "affected",
"version": "8.1.11"
},
{
"lessThan": "8.2.7.1",
"status": "affected",
"version": "8.2",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-08-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In Splunk Enterprise and Universal Forwarder versions in the following table, indexing a specially crafted ZIP file using the file monitoring input can result in a crash of the application. Attempts to restart the application would result in a crash and would require manually removing the malformed file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-409",
"description": "CWE-409",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-16T19:49:49",
"orgId": "42b59230-ec95-491e-8425-5a5befa1a469",
"shortName": "Splunk"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.splunk.com/en_us/product-security/announcements/svd-2022-0803.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://research.splunk.com/application/b237d393-2f57-4531-aad7-ad3c17c8b041"
}
],
"source": {
"advisory": "SVD-2022-0803",
"defect": [
"SPL-220982"
]
},
"title": "Malformed ZIP file crashes Universal Forwarders and Splunk Enterprise through file monitoring input",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "prodsec@splunk.com",
"DATE_PUBLIC": "2022-08-16T16:00:00.000Z",
"ID": "CVE-2022-37439",
"STATE": "PUBLIC",
"TITLE": "Malformed ZIP file crashes Universal Forwarders and Splunk Enterprise through file monitoring input"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Splunk Enterprise",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "8.2",
"version_value": "8.2.7.1"
},
{
"version_affected": "\u003c",
"version_name": "8.1",
"version_value": "8.1.11"
}
]
}
},
{
"product_name": "Universal Forwarders",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "8.2",
"version_value": "8.2.7.1"
},
{
"version_name": "8.1",
"version_value": "8.1.11"
}
]
}
}
]
},
"vendor_name": "Splunk"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Splunk Enterprise and Universal Forwarder versions in the following table, indexing a specially crafted ZIP file using the file monitoring input can result in a crash of the application. Attempts to restart the application would result in a crash and would require manually removing the malformed file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-409"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.splunk.com/en_us/product-security/announcements/svd-2022-0803.html",
"refsource": "CONFIRM",
"url": "https://www.splunk.com/en_us/product-security/announcements/svd-2022-0803.html"
},
{
"name": "https://research.splunk.com/application/b237d393-2f57-4531-aad7-ad3c17c8b041",
"refsource": "CONFIRM",
"url": "https://research.splunk.com/application/b237d393-2f57-4531-aad7-ad3c17c8b041"
}
]
},
"source": {
"advisory": "SVD-2022-0803",
"defect": [
"SPL-220982"
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "42b59230-ec95-491e-8425-5a5befa1a469",
"assignerShortName": "Splunk",
"cveId": "CVE-2022-37439",
"datePublished": "2022-08-16T19:49:49.787022Z",
"dateReserved": "2022-08-05T00:00:00",
"dateUpdated": "2024-09-16T22:56:21.322Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-37437 (GCVE-0-2022-37437)
Vulnerability from cvelistv5
Published
2022-08-16 19:50
Modified
2024-09-16 20:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
When using Ingest Actions to configure a destination that resides on Amazon Simple Storage Service (S3) in Splunk Web, TLS certificate validation is not correctly performed and tested for the destination. The vulnerability only affects connections between Splunk Enterprise and an Ingest Actions Destination through Splunk Web and only applies to environments that have configured TLS certificate validation. It does not apply to Destinations configured directly in the outputs.conf configuration file. The vulnerability affects Splunk Enterprise version 9.0.0 and does not affect versions below 9.0.0, including the 8.1.x and 8.2.x versions.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Splunk | Splunk Enterprise |
Version: 9.0.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:29:21.033Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.splunk.com/en_us/product-security/announcements/svd-2022-0801.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Splunk Enterprise",
"vendor": "Splunk",
"versions": [
{
"status": "affected",
"version": "9.0.0"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Eric LaMothe at Splunk"
},
{
"lang": "en",
"value": "Ali Mirheidari at Splunk"
}
],
"datePublic": "2022-08-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "When using Ingest Actions to configure a destination that resides on Amazon Simple Storage Service (S3) in Splunk Web, TLS certificate validation is not correctly performed and tested for the destination. The vulnerability only affects connections between Splunk Enterprise and an Ingest Actions Destination through Splunk Web and only applies to environments that have configured TLS certificate validation. It does not apply to Destinations configured directly in the outputs.conf configuration file. The vulnerability affects Splunk Enterprise version 9.0.0 and does not affect versions below 9.0.0, including the 8.1.x and 8.2.x versions."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "CWE-295",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-16T19:50:29",
"orgId": "42b59230-ec95-491e-8425-5a5befa1a469",
"shortName": "Splunk"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.splunk.com/en_us/product-security/announcements/svd-2022-0801.html"
}
],
"source": {
"advisory": "SVD-2022-0801",
"defect": [
"SPL-224209"
],
"discovery": "INTERNAL"
},
"title": "Ingest Actions UI in Splunk Enterprise 9.0.0 disabled TLS certificate validation",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "prodsec@splunk.com",
"DATE_PUBLIC": "2022-08-16T16:00:00.000Z",
"ID": "CVE-2022-37437",
"STATE": "PUBLIC",
"TITLE": "Ingest Actions UI in Splunk Enterprise 9.0.0 disabled TLS certificate validation"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Splunk Enterprise",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "9.0",
"version_value": "9.0.0"
}
]
}
}
]
},
"vendor_name": "Splunk"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Eric LaMothe at Splunk"
},
{
"lang": "eng",
"value": "Ali Mirheidari at Splunk"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "When using Ingest Actions to configure a destination that resides on Amazon Simple Storage Service (S3) in Splunk Web, TLS certificate validation is not correctly performed and tested for the destination. The vulnerability only affects connections between Splunk Enterprise and an Ingest Actions Destination through Splunk Web and only applies to environments that have configured TLS certificate validation. It does not apply to Destinations configured directly in the outputs.conf configuration file. The vulnerability affects Splunk Enterprise version 9.0.0 and does not affect versions below 9.0.0, including the 8.1.x and 8.2.x versions."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-295"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.splunk.com/en_us/product-security/announcements/svd-2022-0801.html",
"refsource": "CONFIRM",
"url": "https://www.splunk.com/en_us/product-security/announcements/svd-2022-0801.html"
}
]
},
"source": {
"advisory": "SVD-2022-0801",
"defect": [
"SPL-224209"
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "42b59230-ec95-491e-8425-5a5befa1a469",
"assignerShortName": "Splunk",
"cveId": "CVE-2022-37437",
"datePublished": "2022-08-16T19:50:29.832023Z",
"dateReserved": "2022-08-05T00:00:00",
"dateUpdated": "2024-09-16T20:03:48.193Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-23308 (GCVE-0-2022-23308)
Vulnerability from cvelistv5
Published
2022-02-26 00:00
Modified
2025-05-05 16:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes.
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:36:20.420Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2022-050c712ed7",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LA3MWWAYZADWJ5F6JOUBX65UZAMQB7RF/"
},
{
"name": "[debian-lts-announce] 20220408 [SECURITY] [DLA 2972-1] libxml2 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/04/msg00004.html"
},
{
"name": "20220516 APPLE-SA-2022-05-16-4 Security Update 2022-004 Catalina",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2022/May/33"
},
{
"name": "20220516 APPLE-SA-2022-05-16-6 tvOS 15.5",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2022/May/37"
},
{
"name": "20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2022/May/35"
},
{
"name": "20220516 APPLE-SA-2022-05-16-2 macOS Monterey 12.4",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2022/May/38"
},
{
"name": "20220516 APPLE-SA-2022-05-16-5 watchOS 8.6",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2022/May/36"
},
{
"name": "20220516 APPLE-SA-2022-05-16-1 iOS 15.5 and iPadOS 15.5",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2022/May/34"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT213257"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT213256"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT213255"
},
{
"tags": [
"x_transferred"
],
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/blob/v2.9.13/NEWS"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/GNOME/libxml2/commit/652dd12a858989b14eed4e84e453059cd3ba340e"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20220331-0008/"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT213253"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT213258"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT213254"
},
{
"name": "GLSA-202210-03",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202210-03"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-23308",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:27:14.908557Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-05T16:26:56.501Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-16T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "FEDORA-2022-050c712ed7",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LA3MWWAYZADWJ5F6JOUBX65UZAMQB7RF/"
},
{
"name": "[debian-lts-announce] 20220408 [SECURITY] [DLA 2972-1] libxml2 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/04/msg00004.html"
},
{
"name": "20220516 APPLE-SA-2022-05-16-4 Security Update 2022-004 Catalina",
"tags": [
"mailing-list"
],
"url": "http://seclists.org/fulldisclosure/2022/May/33"
},
{
"name": "20220516 APPLE-SA-2022-05-16-6 tvOS 15.5",
"tags": [
"mailing-list"
],
"url": "http://seclists.org/fulldisclosure/2022/May/37"
},
{
"name": "20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6",
"tags": [
"mailing-list"
],
"url": "http://seclists.org/fulldisclosure/2022/May/35"
},
{
"name": "20220516 APPLE-SA-2022-05-16-2 macOS Monterey 12.4",
"tags": [
"mailing-list"
],
"url": "http://seclists.org/fulldisclosure/2022/May/38"
},
{
"name": "20220516 APPLE-SA-2022-05-16-5 watchOS 8.6",
"tags": [
"mailing-list"
],
"url": "http://seclists.org/fulldisclosure/2022/May/36"
},
{
"name": "20220516 APPLE-SA-2022-05-16-1 iOS 15.5 and iPadOS 15.5",
"tags": [
"mailing-list"
],
"url": "http://seclists.org/fulldisclosure/2022/May/34"
},
{
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"url": "https://support.apple.com/kb/HT213257"
},
{
"url": "https://support.apple.com/kb/HT213256"
},
{
"url": "https://support.apple.com/kb/HT213255"
},
{
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/blob/v2.9.13/NEWS"
},
{
"url": "https://github.com/GNOME/libxml2/commit/652dd12a858989b14eed4e84e453059cd3ba340e"
},
{
"url": "https://security.netapp.com/advisory/ntap-20220331-0008/"
},
{
"url": "https://support.apple.com/kb/HT213253"
},
{
"url": "https://support.apple.com/kb/HT213258"
},
{
"url": "https://support.apple.com/kb/HT213254"
},
{
"name": "GLSA-202210-03",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202210-03"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-23308",
"datePublished": "2022-02-26T00:00:00.000Z",
"dateReserved": "2022-01-17T00:00:00.000Z",
"dateUpdated": "2025-05-05T16:26:56.501Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-29824 (GCVE-0-2022-29824)
Vulnerability from cvelistv5
Published
2022-05-03 00:00
Modified
2024-08-03 06:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for example libxslt through 1.1.35, is affected as well.
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:33:42.645Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://gitlab.gnome.org/GNOME/libxslt/-/tags"
},
{
"name": "FEDORA-2022-9136d646e4",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FZOBT5Y6Y2QLDDX2HZGMV7MJMWGXORKK/"
},
{
"name": "FEDORA-2022-be6d83642a",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P5363EDV5VHZ5C77ODA43RYDCPMA7ARM/"
},
{
"name": "[debian-lts-announce] 20220516 [SECURITY] [DLA 3012-1] libxml2 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00023.html"
},
{
"name": "FEDORA-2022-f624aad735",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P3NVZVWFRBXBI3AKZZWUWY6INQQPQVSF/"
},
{
"name": "DSA-5142",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5142"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.9.14"
},
{
"tags": [
"x_transferred"
],
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab"
},
{
"tags": [
"x_transferred"
],
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/167345/libxml2-xmlBufAdd-Heap-Buffer-Overflow.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20220715-0006/"
},
{
"name": "GLSA-202210-03",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202210-03"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/169825/libxml2-xmlParseNameComplex-Integer-Overflow.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don\u0027t check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2\u0027s buffer functions, for example libxslt through 1.1.35, is affected as well."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-14T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://gitlab.gnome.org/GNOME/libxslt/-/tags"
},
{
"name": "FEDORA-2022-9136d646e4",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FZOBT5Y6Y2QLDDX2HZGMV7MJMWGXORKK/"
},
{
"name": "FEDORA-2022-be6d83642a",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P5363EDV5VHZ5C77ODA43RYDCPMA7ARM/"
},
{
"name": "[debian-lts-announce] 20220516 [SECURITY] [DLA 3012-1] libxml2 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00023.html"
},
{
"name": "FEDORA-2022-f624aad735",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P3NVZVWFRBXBI3AKZZWUWY6INQQPQVSF/"
},
{
"name": "DSA-5142",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5142"
},
{
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.9.14"
},
{
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab"
},
{
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd"
},
{
"url": "http://packetstormsecurity.com/files/167345/libxml2-xmlBufAdd-Heap-Buffer-Overflow.html"
},
{
"url": "https://security.netapp.com/advisory/ntap-20220715-0006/"
},
{
"name": "GLSA-202210-03",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202210-03"
},
{
"url": "http://packetstormsecurity.com/files/169825/libxml2-xmlParseNameComplex-Integer-Overflow.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-29824",
"datePublished": "2022-05-03T00:00:00",
"dateReserved": "2022-04-27T00:00:00",
"dateUpdated": "2024-08-03T06:33:42.645Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…