Action not permitted
Modal body text goes here.
Modal Title
Modal Body
wid-sec-w-2022-2044
Vulnerability from csaf_certbund
Published
2022-11-08 23:00
Modified
2024-04-24 22:00
Summary
Red Hat Enterprise Linux: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Red Hat Enterprise Linux (RHEL) ist eine populäre Linux-Distribution.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Red Hat Enterprise Linux ausnutzen, um beliebigen Programmcode auszuführen, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
Betroffene Betriebssysteme
- Linux
{ document: { aggregate_severity: { text: "hoch", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "Red Hat Enterprise Linux (RHEL) ist eine populäre Linux-Distribution.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Red Hat Enterprise Linux ausnutzen, um beliebigen Programmcode auszuführen, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.", title: "Angriff", }, { category: "general", text: "- Linux", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2022-2044 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-2044.json", }, { category: "self", summary: "WID-SEC-2022-2044 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-2044", }, { category: "external", summary: "Red Hat Security Advisory vom 2022-11-08", url: "https://access.redhat.com/errata/RHSA-2022:7447", }, { category: "external", summary: "Red Hat Security Advisory vom 2022-11-08", url: "https://access.redhat.com/errata/RHSA-2022:7458", }, { category: "external", summary: "Red Hat Security Advisory vom 2022-11-08", url: "https://access.redhat.com/errata/RHSA-2022:7514", }, { category: "external", summary: "Red Hat Security Advisory vom 2022-11-08", url: "https://access.redhat.com/errata/RHSA-2022:7548", }, { category: "external", summary: "Red Hat Security Advisory vom 2022-11-08", url: "https://access.redhat.com/errata/RHSA-2022:7558", }, { category: "external", summary: "Red Hat Security Advisory vom 2022-11-08", url: "https://access.redhat.com/errata/RHSA-2022:7822", }, { category: "external", summary: "Red Hat Security Advisory vom 2022-11-08", url: "https://access.redhat.com/errata/RHSA-2022:7704", }, { category: "external", summary: "Red Hat Security Advisory vom 2022-11-08", url: "https://access.redhat.com/errata/RHSA-2022:7622", }, { category: "external", summary: "Red Hat Security Advisory vom 2022-11-08", url: "https://access.redhat.com/errata/RHSA-2022:7639", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:8008 vom 2022-11-15", url: "https://access.redhat.com/errata/RHSA-2022:8008", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2022-7704 vom 2022-11-15", url: "https://linux.oracle.com/errata/ELSA-2022-7704.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:8431 vom 2022-11-15", url: "https://access.redhat.com/errata/RHSA-2022:8431", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2022-7458 vom 2022-11-15", url: "https://linux.oracle.com/errata/ELSA-2022-7458.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:7935 vom 2022-11-15", url: "https://access.redhat.com/errata/RHSA-2022:7935", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:7950 vom 2022-11-15", url: "https://access.redhat.com/errata/RHSA-2022:7950", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:8139 vom 2022-11-15", url: "https://access.redhat.com/errata/RHSA-2022:8139", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:8062 vom 2022-11-15", url: "https://access.redhat.com/errata/RHSA-2022:8062", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:8054 vom 2022-11-15", url: "https://access.redhat.com/errata/RHSA-2022:8054", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:8011 vom 2022-11-15", url: "https://access.redhat.com/errata/RHSA-2022:8011", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2022-8054 vom 2022-11-22", url: "https://linux.oracle.com/errata/ELSA-2022-8054.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2022-7822 vom 2022-11-24", url: "http://linux.oracle.com/errata/ELSA-2022-7822.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2022-8431 vom 2022-11-24", url: "http://linux.oracle.com/errata/ELSA-2022-8431.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2022-10031 vom 2022-11-29", url: "https://linux.oracle.com/errata/ELSA-2022-10031.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:8626 vom 2022-11-29", url: "https://access.redhat.com/errata/RHSA-2022:8626", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:8781 vom 2022-12-08", url: "https://access.redhat.com/errata/RHSA-2022:8781", }, { category: "external", summary: "Gentoo Linux Security Advisory GLSA-202212-02 vom 2022-12-19", url: "https://security.gentoo.org/glsa/202212-02", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:7398 vom 2023-01-18", url: "https://access.redhat.com/errata/RHSA-2022:7398", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2023:1275 vom 2023-03-15", url: "https://access.redhat.com/errata/RHSA-2023:1275", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2023:2193 vom 2023-05-09", url: "https://access.redhat.com/errata/RHSA-2023:2193", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2023:2758 vom 2023-05-16", url: "https://access.redhat.com/errata/RHSA-2023:2758", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2023:2802 vom 2023-05-16", url: "https://access.redhat.com/errata/RHSA-2023:2802", }, { category: "external", summary: "Amazon Linux Security Advisory ALAS-2023-2116 vom 2023-07-20", url: "https://alas.aws.amazon.com/AL2/ALAS-2023-2116.html", }, { category: "external", summary: "Amazon Linux Security Advisory ALAS-2024-2468 vom 2024-02-19", url: "https://alas.aws.amazon.com/AL2/ALAS-2024-2468.html", }, { category: "external", summary: "Amazon Linux Security Advisory ALAS-2024-2452 vom 2024-02-06", url: "https://alas.aws.amazon.com/AL2/ALAS-2024-2452.html", }, { category: "external", summary: "Amazon Linux Security Advisory ALASR4-2023-001 vom 2024-01-23", url: "https://alas.aws.amazon.com/AL2/ALASR4-2023-001.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:2045 vom 2024-04-25", url: "https://access.redhat.com/errata/RHSA-2024:2045", }, ], source_lang: "en-US", title: "Red Hat Enterprise Linux: Mehrere Schwachstellen", tracking: { current_release_date: "2024-04-24T22:00:00.000+00:00", generator: { date: "2024-08-15T17:38:00.017+00:00", engine: { name: "BSI-WID", version: "1.3.5", }, }, id: "WID-SEC-W-2022-2044", initial_release_date: "2022-11-08T23:00:00.000+00:00", revision_history: [ { date: "2022-11-08T23:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2022-11-15T23:00:00.000+00:00", number: "2", summary: "Neue Updates von Red Hat und Oracle Linux aufgenommen", }, { date: "2022-11-23T23:00:00.000+00:00", number: "3", summary: "Neue Updates von Oracle Linux aufgenommen", }, { date: "2022-11-28T23:00:00.000+00:00", number: "4", summary: "Neue Updates von Oracle Linux und Red Hat aufgenommen", }, { date: "2022-12-07T23:00:00.000+00:00", number: "5", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2022-12-18T23:00:00.000+00:00", number: "6", summary: "Neue Updates von Gentoo aufgenommen", }, { date: "2023-01-17T23:00:00.000+00:00", number: "7", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2023-03-15T23:00:00.000+00:00", number: "8", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2023-05-09T22:00:00.000+00:00", number: "9", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2023-05-16T22:00:00.000+00:00", number: "10", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2023-07-20T22:00:00.000+00:00", number: "11", summary: "Neue Updates von Amazon aufgenommen", }, { date: "2024-01-22T23:00:00.000+00:00", number: "12", summary: "Neue Updates von Amazon aufgenommen", }, { date: "2024-02-05T23:00:00.000+00:00", number: "13", summary: "Neue Updates von Amazon aufgenommen", }, { date: "2024-02-19T23:00:00.000+00:00", number: "14", summary: "Neue Updates von Amazon aufgenommen", }, { date: "2024-04-24T22:00:00.000+00:00", number: "15", summary: "Neue Updates von Red Hat aufgenommen", }, ], status: "final", version: "15", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "Amazon Linux 2", product: { name: "Amazon Linux 2", product_id: "398363", product_identification_helper: { cpe: "cpe:/o:amazon:linux_2:-", }, }, }, ], category: "vendor", name: "Amazon", }, { branches: [ { category: "product_name", name: "Gentoo Linux", product: { name: "Gentoo Linux", product_id: "T012167", product_identification_helper: { cpe: "cpe:/o:gentoo:linux:-", }, }, }, ], category: "vendor", name: "Gentoo", }, { branches: [ { category: "product_name", name: "Oracle Linux", product: { name: "Oracle Linux", product_id: "T004914", product_identification_helper: { cpe: "cpe:/o:oracle:linux:-", }, }, }, ], category: "vendor", name: "Oracle", }, { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux", product: { name: "Red Hat Enterprise Linux", product_id: "67646", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:-", }, }, }, { category: "product_version", name: "8", product: { name: "Red Hat Enterprise Linux 8", product_id: "T014111", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:8", }, }, }, ], category: "product_name", name: "Enterprise Linux", }, { category: "product_name", name: "Red Hat OpenShift", product: { name: "Red Hat OpenShift", product_id: "T008027", product_identification_helper: { cpe: "cpe:/a:redhat:openshift:-", }, }, }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2021-4048", notes: [ { category: "description", text: "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich.", }, ], product_status: { known_affected: [ "T008027", "67646", "398363", "T012167", "T004914", "T014111", ], }, release_date: "2022-11-08T23:00:00.000+00:00", title: "CVE-2021-4048", }, { cve: "CVE-2021-44269", notes: [ { category: "description", text: "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich.", }, ], product_status: { known_affected: [ "T008027", "67646", "398363", "T012167", "T004914", "T014111", ], }, release_date: "2022-11-08T23:00:00.000+00:00", title: "CVE-2021-44269", }, { cve: "CVE-2022-1049", notes: [ { category: "description", text: "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich.", }, ], product_status: { known_affected: [ "T008027", "67646", "398363", "T012167", "T004914", "T014111", ], }, release_date: "2022-11-08T23:00:00.000+00:00", title: "CVE-2022-1049", }, { cve: "CVE-2022-21682", notes: [ { category: "description", text: "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich.", }, ], product_status: { known_affected: [ "T008027", "67646", "398363", "T012167", "T004914", "T014111", ], }, release_date: "2022-11-08T23:00:00.000+00:00", title: "CVE-2022-21682", }, { cve: "CVE-2022-22624", notes: [ { category: "description", text: "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich.", }, ], product_status: { known_affected: [ "T008027", "67646", "398363", "T012167", "T004914", "T014111", ], }, release_date: "2022-11-08T23:00:00.000+00:00", title: "CVE-2022-22624", }, { cve: "CVE-2022-22628", notes: [ { category: "description", text: "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich.", }, ], product_status: { known_affected: [ "T008027", "67646", "398363", "T012167", "T004914", "T014111", ], }, release_date: "2022-11-08T23:00:00.000+00:00", title: "CVE-2022-22628", }, { cve: "CVE-2022-22629", notes: [ { category: "description", text: "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich.", }, ], product_status: { known_affected: [ "T008027", "67646", "398363", "T012167", "T004914", "T014111", ], }, release_date: "2022-11-08T23:00:00.000+00:00", title: "CVE-2022-22629", }, { cve: "CVE-2022-22662", notes: [ { category: "description", text: "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich.", }, ], product_status: { known_affected: [ "T008027", "67646", "398363", "T012167", "T004914", "T014111", ], }, release_date: "2022-11-08T23:00:00.000+00:00", title: "CVE-2022-22662", }, { cve: "CVE-2022-25308", notes: [ { category: "description", text: "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich.", }, ], product_status: { known_affected: [ "T008027", "67646", "398363", "T012167", "T004914", "T014111", ], }, release_date: "2022-11-08T23:00:00.000+00:00", title: "CVE-2022-25308", }, { cve: "CVE-2022-25309", notes: [ { category: "description", text: "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich.", }, ], product_status: { known_affected: [ "T008027", "67646", "398363", "T012167", "T004914", "T014111", ], }, release_date: "2022-11-08T23:00:00.000+00:00", title: "CVE-2022-25309", }, { cve: "CVE-2022-25310", notes: [ { category: "description", text: "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich.", }, ], product_status: { known_affected: [ "T008027", "67646", "398363", "T012167", "T004914", "T014111", ], }, release_date: "2022-11-08T23:00:00.000+00:00", title: "CVE-2022-25310", }, { cve: "CVE-2022-26700", notes: [ { category: "description", text: "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich.", }, ], product_status: { known_affected: [ "T008027", "67646", "398363", "T012167", "T004914", "T014111", ], }, release_date: "2022-11-08T23:00:00.000+00:00", title: "CVE-2022-26700", }, { cve: "CVE-2022-26709", notes: [ { category: "description", text: "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich.", }, ], product_status: { known_affected: [ "T008027", "67646", "398363", "T012167", "T004914", "T014111", ], }, release_date: "2022-11-08T23:00:00.000+00:00", title: "CVE-2022-26709", }, { cve: "CVE-2022-26710", notes: [ { category: "description", text: "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich.", }, ], product_status: { known_affected: [ "T008027", "67646", "398363", "T012167", "T004914", "T014111", ], }, release_date: "2022-11-08T23:00:00.000+00:00", title: "CVE-2022-26710", }, { cve: "CVE-2022-26716", notes: [ { category: "description", text: "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich.", }, ], product_status: { known_affected: [ "T008027", "67646", "398363", "T012167", "T004914", "T014111", ], }, release_date: "2022-11-08T23:00:00.000+00:00", title: "CVE-2022-26716", }, { cve: "CVE-2022-26717", notes: [ { category: "description", text: "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich.", }, ], product_status: { known_affected: [ "T008027", "67646", "398363", "T012167", "T004914", "T014111", ], }, release_date: "2022-11-08T23:00:00.000+00:00", title: "CVE-2022-26717", }, { cve: "CVE-2022-26719", notes: [ { category: "description", text: "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich.", }, ], product_status: { known_affected: [ "T008027", "67646", "398363", "T012167", "T004914", "T014111", ], }, release_date: "2022-11-08T23:00:00.000+00:00", title: "CVE-2022-26719", }, { cve: "CVE-2022-2989", notes: [ { category: "description", text: "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich.", }, ], product_status: { known_affected: [ "T008027", "67646", "398363", "T012167", "T004914", "T014111", ], }, release_date: "2022-11-08T23:00:00.000+00:00", title: "CVE-2022-2989", }, { cve: "CVE-2022-2990", notes: [ { category: "description", text: "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich.", }, ], product_status: { known_affected: [ "T008027", "67646", "398363", "T012167", "T004914", "T014111", ], }, release_date: "2022-11-08T23:00:00.000+00:00", title: "CVE-2022-2990", }, { cve: "CVE-2022-30293", notes: [ { category: "description", text: "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich.", }, ], product_status: { known_affected: [ "T008027", "67646", "398363", "T012167", "T004914", "T014111", ], }, release_date: "2022-11-08T23:00:00.000+00:00", title: "CVE-2022-30293", }, { cve: "CVE-2022-30698", notes: [ { category: "description", text: "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich.", }, ], product_status: { known_affected: [ "T008027", "67646", "398363", "T012167", "T004914", "T014111", ], }, release_date: "2022-11-08T23:00:00.000+00:00", title: "CVE-2022-30698", }, { cve: "CVE-2022-30699", notes: [ { category: "description", text: "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich.", }, ], product_status: { known_affected: [ "T008027", "67646", "398363", "T012167", "T004914", "T014111", ], }, release_date: "2022-11-08T23:00:00.000+00:00", title: "CVE-2022-30699", }, { cve: "CVE-2022-32189", notes: [ { category: "description", text: "In Red Hat Enterprise Linux existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Dateien zu manipulieren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich.", }, ], product_status: { known_affected: [ "T008027", "67646", "398363", "T012167", "T004914", "T014111", ], }, release_date: "2022-11-08T23:00:00.000+00:00", title: "CVE-2022-32189", }, ], }
cve-2022-32189
Vulnerability from cvelistv5
Published
2022-08-09 20:17
Modified
2024-08-03 07:32
Severity ?
Summary
A too-short encoded message can cause a panic in Float.GobDecode and Rat GobDecode in math/big in Go before 1.17.13 and 1.18.5, potentially allowing a denial of service.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Go standard library | math/big |
Version: 0 ≤ Version: 1.18.0-0 ≤ |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T07:32:56.026Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://go.dev/cl/417774", }, { tags: [ "x_transferred", ], url: "https://go.googlesource.com/go/+/055113ef364337607e3e72ed7d48df67fde6fc66", }, { tags: [ "x_transferred", ], url: "https://go.dev/issue/53871", }, { tags: [ "x_transferred", ], url: "https://groups.google.com/g/golang-announce/c/YqYYG87xB10", }, { tags: [ "x_transferred", ], url: "https://pkg.go.dev/vuln/GO-2022-0537", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { collectionURL: "https://pkg.go.dev", defaultStatus: "unaffected", packageName: "math/big", product: "math/big", programRoutines: [ { name: "Float.GobDecode", }, { name: "Rat.GobDecode", }, ], vendor: "Go standard library", versions: [ { lessThan: "1.17.13", status: "affected", version: "0", versionType: "semver", }, { lessThan: "1.18.5", status: "affected", version: "1.18.0-0", versionType: "semver", }, ], }, ], credits: [ { lang: "en", value: "@catenacyber", }, ], descriptions: [ { lang: "en", value: "A too-short encoded message can cause a panic in Float.GobDecode and Rat GobDecode in math/big in Go before 1.17.13 and 1.18.5, potentially allowing a denial of service.", }, ], problemTypes: [ { descriptions: [ { description: "CWE 400: Uncontrolled Resource Consumption", lang: "en", }, ], }, ], providerMetadata: { dateUpdated: "2023-06-12T19:05:15.506Z", orgId: "1bb62c36-49e3-4200-9d77-64a1400537cc", shortName: "Go", }, references: [ { url: "https://go.dev/cl/417774", }, { url: "https://go.googlesource.com/go/+/055113ef364337607e3e72ed7d48df67fde6fc66", }, { url: "https://go.dev/issue/53871", }, { url: "https://groups.google.com/g/golang-announce/c/YqYYG87xB10", }, { url: "https://pkg.go.dev/vuln/GO-2022-0537", }, ], title: "Panic when decoding Float and Rat types in math/big", }, }, cveMetadata: { assignerOrgId: "1bb62c36-49e3-4200-9d77-64a1400537cc", assignerShortName: "Go", cveId: "CVE-2022-32189", datePublished: "2022-08-09T20:17:59", dateReserved: "2022-05-31T00:00:00", dateUpdated: "2024-08-03T07:32:56.026Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-25310
Vulnerability from cvelistv5
Published
2022-09-06 17:18
Modified
2024-08-03 04:36
Severity ?
EPSS score ?
Summary
A segmentation fault (SEGV) flaw was found in the Fribidi package and affects the fribidi_remove_bidi_marks() function of the lib/fribidi.c file. This flaw allows an attacker to pass a specially crafted file to Fribidi, leading to a crash and causing a denial of service.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/fribidi/fribidi/issues/183 | x_refsource_MISC | |
| https://bugzilla.redhat.com/show_bug.cgi?id=2047923 | x_refsource_MISC | |
| https://github.com/fribidi/fribidi/pull/186 | x_refsource_MISC | |
| https://access.redhat.com/security/cve/CVE-2022-25310 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T04:36:06.822Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/fribidi/fribidi/issues/183", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2047923", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/fribidi/fribidi/pull/186", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://access.redhat.com/security/cve/CVE-2022-25310", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "fribidi", vendor: "n/a", versions: [ { status: "affected", version: "Fixed in v1.0.12", }, ], }, ], descriptions: [ { lang: "en", value: "A segmentation fault (SEGV) flaw was found in the Fribidi package and affects the fribidi_remove_bidi_marks() function of the lib/fribidi.c file. This flaw allows an attacker to pass a specially crafted file to Fribidi, leading to a crash and causing a denial of service.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-119", description: "CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer.", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-06T17:18:52", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/fribidi/fribidi/issues/183", }, { tags: [ "x_refsource_MISC", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2047923", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/fribidi/fribidi/pull/186", }, { tags: [ "x_refsource_MISC", ], url: "https://access.redhat.com/security/cve/CVE-2022-25310", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2022-25310", datePublished: "2022-09-06T17:18:52", dateReserved: "2022-02-17T00:00:00", dateUpdated: "2024-08-03T04:36:06.822Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-2989
Vulnerability from cvelistv5
Published
2022-09-13 13:41
Modified
2024-08-03 00:53
Severity ?
EPSS score ?
Summary
An incorrect handling of the supplementary groups in the Podman container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=2121445 | x_refsource_MISC | |
| https://www.benthamsgaze.org/2022/08/22/vulnerability-in-linux-containers-investigation-and-mitigation/ | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T00:53:00.641Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2121445", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.benthamsgaze.org/2022/08/22/vulnerability-in-linux-containers-investigation-and-mitigation/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "podman", vendor: "n/a", versions: [ { status: "affected", version: "no fixed version known", }, ], }, ], descriptions: [ { lang: "en", value: "An incorrect handling of the supplementary groups in the Podman container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-842", description: "CWE-842", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-13T13:41:00", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2121445", }, { tags: [ "x_refsource_MISC", ], url: "https://www.benthamsgaze.org/2022/08/22/vulnerability-in-linux-containers-investigation-and-mitigation/", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2022-2989", datePublished: "2022-09-13T13:41:00", dateReserved: "2022-08-25T00:00:00", dateUpdated: "2024-08-03T00:53:00.641Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-44269
Vulnerability from cvelistv5
Published
2022-03-10 16:13
Modified
2024-08-04 04:17
Severity ?
EPSS score ?
Summary
An out of bounds read was found in Wavpack 5.4.0 in processing *.WAV files. This issue triggered in function WavpackPackSamples of file src/pack_utils.c, tainted variable cnt is too large, that makes pointer sptr read beyond heap bound.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/dbry/WavPack/issues/110 | x_refsource_MISC | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CRZWZKEEABCLVXZEXQZBIT3ZKLIXVFF5/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2CZUFTX3J4Y4OSRITG4PXCI7NRVFDYVQ/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SQKOOJRI2VAPYS3652HVDXON723HTXBP/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A5B7L26LA6KGX7YH6SWD5CSBNWKV5MBO/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I54NXQZELBF42OL4KQZJJRAYZX7IPZXP/ | vendor-advisory, x_refsource_FEDORA |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:17:24.921Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/dbry/WavPack/issues/110", }, { name: "FEDORA-2022-0fc7b22bcd", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CRZWZKEEABCLVXZEXQZBIT3ZKLIXVFF5/", }, { name: "FEDORA-2022-737f020ede", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2CZUFTX3J4Y4OSRITG4PXCI7NRVFDYVQ/", }, { name: "FEDORA-2022-7df99d9f80", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SQKOOJRI2VAPYS3652HVDXON723HTXBP/", }, { name: "FEDORA-2022-cece705cbf", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A5B7L26LA6KGX7YH6SWD5CSBNWKV5MBO/", }, { name: "FEDORA-2022-8e94ec2244", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I54NXQZELBF42OL4KQZJJRAYZX7IPZXP/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "An out of bounds read was found in Wavpack 5.4.0 in processing *.WAV files. This issue triggered in function WavpackPackSamples of file src/pack_utils.c, tainted variable cnt is too large, that makes pointer sptr read beyond heap bound.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-07-05T18:06:15", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/dbry/WavPack/issues/110", }, { name: "FEDORA-2022-0fc7b22bcd", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CRZWZKEEABCLVXZEXQZBIT3ZKLIXVFF5/", }, { name: "FEDORA-2022-737f020ede", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2CZUFTX3J4Y4OSRITG4PXCI7NRVFDYVQ/", }, { name: "FEDORA-2022-7df99d9f80", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SQKOOJRI2VAPYS3652HVDXON723HTXBP/", }, { name: "FEDORA-2022-cece705cbf", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A5B7L26LA6KGX7YH6SWD5CSBNWKV5MBO/", }, { name: "FEDORA-2022-8e94ec2244", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I54NXQZELBF42OL4KQZJJRAYZX7IPZXP/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-44269", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An out of bounds read was found in Wavpack 5.4.0 in processing *.WAV files. This issue triggered in function WavpackPackSamples of file src/pack_utils.c, tainted variable cnt is too large, that makes pointer sptr read beyond heap bound.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/dbry/WavPack/issues/110", refsource: "MISC", url: "https://github.com/dbry/WavPack/issues/110", }, { name: "FEDORA-2022-0fc7b22bcd", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CRZWZKEEABCLVXZEXQZBIT3ZKLIXVFF5/", }, { name: "FEDORA-2022-737f020ede", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2CZUFTX3J4Y4OSRITG4PXCI7NRVFDYVQ/", }, { name: "FEDORA-2022-7df99d9f80", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SQKOOJRI2VAPYS3652HVDXON723HTXBP/", }, { name: "FEDORA-2022-cece705cbf", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A5B7L26LA6KGX7YH6SWD5CSBNWKV5MBO/", }, { name: "FEDORA-2022-8e94ec2244", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I54NXQZELBF42OL4KQZJJRAYZX7IPZXP/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-44269", datePublished: "2022-03-10T16:13:27", dateReserved: "2021-11-29T00:00:00", dateUpdated: "2024-08-04T04:17:24.921Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-26710
Vulnerability from cvelistv5
Published
2022-11-01 00:00
Modified
2024-08-03 05:11
Severity ?
EPSS score ?
Summary
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, tvOS 15.5, watchOS 8.6. Processing maliciously crafted web content may lead to arbitrary code execution.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T05:11:44.296Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://support.apple.com/en-us/HT213258", }, { tags: [ "x_transferred", ], url: "https://support.apple.com/en-us/HT213253", }, { tags: [ "x_transferred", ], url: "https://support.apple.com/en-us/HT213254", }, { tags: [ "x_transferred", ], url: "https://support.apple.com/en-us/HT213257", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "macOS", vendor: "Apple", versions: [ { lessThan: "12.4", status: "affected", version: "unspecified", versionType: "custom", }, ], }, { product: "watchOS", vendor: "Apple", versions: [ { lessThan: "8.6", status: "affected", version: "unspecified", versionType: "custom", }, ], }, { product: "watchOS", vendor: "Apple", versions: [ { lessThan: "15.5", status: "affected", version: "unspecified", versionType: "custom", }, ], }, { product: "watchOS", vendor: "Apple", versions: [ { lessThan: "15.5", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "A use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, tvOS 15.5, watchOS 8.6. Processing maliciously crafted web content may lead to arbitrary code execution.", }, ], problemTypes: [ { descriptions: [ { description: "Processing maliciously crafted web content may lead to arbitrary code execution", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-11-01T00:00:00", orgId: "286789f9-fbc2-4510-9f9a-43facdede74c", shortName: "apple", }, references: [ { url: "https://support.apple.com/en-us/HT213258", }, { url: "https://support.apple.com/en-us/HT213253", }, { url: "https://support.apple.com/en-us/HT213254", }, { url: "https://support.apple.com/en-us/HT213257", }, ], }, }, cveMetadata: { assignerOrgId: "286789f9-fbc2-4510-9f9a-43facdede74c", assignerShortName: "apple", cveId: "CVE-2022-26710", datePublished: "2022-11-01T00:00:00", dateReserved: "2022-03-08T00:00:00", dateUpdated: "2024-08-03T05:11:44.296Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-25309
Vulnerability from cvelistv5
Published
2022-09-06 17:18
Modified
2024-08-03 04:36
Severity ?
EPSS score ?
Summary
A heap-based buffer overflow flaw was found in the Fribidi package and affects the fribidi_cap_rtl_to_unicode() function of the fribidi-char-sets-cap-rtl.c file. This flaw allows an attacker to pass a specially crafted file to the Fribidi application with the '--caprtl' option, leading to a crash and causing a denial of service.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/fribidi/fribidi/issues/182 | x_refsource_MISC | |
| https://bugzilla.redhat.com/show_bug.cgi?id=2047896 | x_refsource_MISC | |
| https://github.com/fribidi/fribidi/commit/f22593b82b5d1668d1997dbccd10a9c31ffea3b3 | x_refsource_MISC | |
| https://access.redhat.com/security/cve/CVE-2022-25309 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T04:36:06.823Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/fribidi/fribidi/issues/182", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2047896", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/fribidi/fribidi/commit/f22593b82b5d1668d1997dbccd10a9c31ffea3b3", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://access.redhat.com/security/cve/CVE-2022-25309", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "fribidi", vendor: "n/a", versions: [ { status: "affected", version: "Fixed in v1.0.12", }, ], }, ], descriptions: [ { lang: "en", value: "A heap-based buffer overflow flaw was found in the Fribidi package and affects the fribidi_cap_rtl_to_unicode() function of the fribidi-char-sets-cap-rtl.c file. This flaw allows an attacker to pass a specially crafted file to the Fribidi application with the '--caprtl' option, leading to a crash and causing a denial of service.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-122", description: "CWE-122 - Heap-based Buffer Overflow.", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-06T17:18:52", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/fribidi/fribidi/issues/182", }, { tags: [ "x_refsource_MISC", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2047896", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/fribidi/fribidi/commit/f22593b82b5d1668d1997dbccd10a9c31ffea3b3", }, { tags: [ "x_refsource_MISC", ], url: "https://access.redhat.com/security/cve/CVE-2022-25309", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2022-25309", datePublished: "2022-09-06T17:18:52", dateReserved: "2022-02-17T00:00:00", dateUpdated: "2024-08-03T04:36:06.823Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-26719
Vulnerability from cvelistv5
Published
2022-11-01 00:00
Modified
2024-08-03 05:11
Severity ?
EPSS score ?
Summary
A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code execution.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T05:11:44.097Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://support.apple.com/en-us/HT213258", }, { tags: [ "x_transferred", ], url: "https://support.apple.com/en-us/HT213253", }, { tags: [ "x_transferred", ], url: "https://support.apple.com/en-us/HT213254", }, { tags: [ "x_transferred", ], url: "https://support.apple.com/en-us/HT213257", }, { tags: [ "x_transferred", ], url: "https://support.apple.com/en-us/HT213260", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "macOS", vendor: "Apple", versions: [ { lessThan: "12.4", status: "affected", version: "unspecified", versionType: "custom", }, ], }, { product: "macOS", vendor: "Apple", versions: [ { lessThan: "15.5", status: "affected", version: "unspecified", versionType: "custom", }, ], }, { product: "watchOS", vendor: "Apple", versions: [ { lessThan: "8.6", status: "affected", version: "unspecified", versionType: "custom", }, ], }, { product: "watchOS", vendor: "Apple", versions: [ { lessThan: "15.5", status: "affected", version: "unspecified", versionType: "custom", }, ], }, { product: "watchOS", vendor: "Apple", versions: [ { lessThan: "15.5", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code execution.", }, ], problemTypes: [ { descriptions: [ { description: "Processing maliciously crafted web content may lead to arbitrary code execution", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-11-01T00:00:00", orgId: "286789f9-fbc2-4510-9f9a-43facdede74c", shortName: "apple", }, references: [ { url: "https://support.apple.com/en-us/HT213258", }, { url: "https://support.apple.com/en-us/HT213253", }, { url: "https://support.apple.com/en-us/HT213254", }, { url: "https://support.apple.com/en-us/HT213257", }, { url: "https://support.apple.com/en-us/HT213260", }, ], }, }, cveMetadata: { assignerOrgId: "286789f9-fbc2-4510-9f9a-43facdede74c", assignerShortName: "apple", cveId: "CVE-2022-26719", datePublished: "2022-11-01T00:00:00", dateReserved: "2022-03-08T00:00:00", dateUpdated: "2024-08-03T05:11:44.097Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-26716
Vulnerability from cvelistv5
Published
2022-11-01 00:00
Modified
2024-08-03 05:11
Severity ?
EPSS score ?
Summary
A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code execution.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T05:11:44.316Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://support.apple.com/en-us/HT213258", }, { tags: [ "x_transferred", ], url: "https://support.apple.com/en-us/HT213253", }, { tags: [ "x_transferred", ], url: "https://support.apple.com/en-us/HT213254", }, { tags: [ "x_transferred", ], url: "https://support.apple.com/en-us/HT213257", }, { tags: [ "x_transferred", ], url: "https://support.apple.com/en-us/HT213260", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "macOS", vendor: "Apple", versions: [ { lessThan: "12.4", status: "affected", version: "unspecified", versionType: "custom", }, ], }, { product: "macOS", vendor: "Apple", versions: [ { lessThan: "15.5", status: "affected", version: "unspecified", versionType: "custom", }, ], }, { product: "watchOS", vendor: "Apple", versions: [ { lessThan: "8.6", status: "affected", version: "unspecified", versionType: "custom", }, ], }, { product: "watchOS", vendor: "Apple", versions: [ { lessThan: "15.5", status: "affected", version: "unspecified", versionType: "custom", }, ], }, { product: "watchOS", vendor: "Apple", versions: [ { lessThan: "15.5", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code execution.", }, ], problemTypes: [ { descriptions: [ { description: "Processing maliciously crafted web content may lead to arbitrary code execution", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-11-01T00:00:00", orgId: "286789f9-fbc2-4510-9f9a-43facdede74c", shortName: "apple", }, references: [ { url: "https://support.apple.com/en-us/HT213258", }, { url: "https://support.apple.com/en-us/HT213253", }, { url: "https://support.apple.com/en-us/HT213254", }, { url: "https://support.apple.com/en-us/HT213257", }, { url: "https://support.apple.com/en-us/HT213260", }, ], }, }, cveMetadata: { assignerOrgId: "286789f9-fbc2-4510-9f9a-43facdede74c", assignerShortName: "apple", cveId: "CVE-2022-26716", datePublished: "2022-11-01T00:00:00", dateReserved: "2022-03-08T00:00:00", dateUpdated: "2024-08-03T05:11:44.316Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-25308
Vulnerability from cvelistv5
Published
2022-09-06 17:18
Modified
2024-08-03 04:36
Severity ?
EPSS score ?
Summary
A stack-based buffer overflow flaw was found in the Fribidi package. This flaw allows an attacker to pass a specially crafted file to the Fribidi application, which leads to a possible memory leak or a denial of service.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/fribidi/fribidi/issues/181 | x_refsource_MISC | |
| https://bugzilla.redhat.com/show_bug.cgi?id=2047890 | x_refsource_MISC | |
| https://github.com/fribidi/fribidi/pull/184 | x_refsource_MISC | |
| https://access.redhat.com/security/cve/CVE-2022-25308 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T04:36:06.972Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/fribidi/fribidi/issues/181", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2047890", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/fribidi/fribidi/pull/184", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://access.redhat.com/security/cve/CVE-2022-25308", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "fribidi", vendor: "n/a", versions: [ { status: "affected", version: "Fixed in v1.0.12", }, ], }, ], descriptions: [ { lang: "en", value: "A stack-based buffer overflow flaw was found in the Fribidi package. This flaw allows an attacker to pass a specially crafted file to the Fribidi application, which leads to a possible memory leak or a denial of service.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-121", description: "CWE-121 - Stack-based Buffer Overflow.", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-06T17:18:52", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/fribidi/fribidi/issues/181", }, { tags: [ "x_refsource_MISC", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2047890", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/fribidi/fribidi/pull/184", }, { tags: [ "x_refsource_MISC", ], url: "https://access.redhat.com/security/cve/CVE-2022-25308", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2022-25308", datePublished: "2022-09-06T17:18:52", dateReserved: "2022-02-17T00:00:00", dateUpdated: "2024-08-03T04:36:06.972Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-22628
Vulnerability from cvelistv5
Published
2022-09-23 18:58
Modified
2024-08-03 03:21
Severity ?
EPSS score ?
Summary
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.3, Safari 15.4, watchOS 8.5, iOS 15.4 and iPadOS 15.4, tvOS 15.4. Processing maliciously crafted web content may lead to arbitrary code execution.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.apple.com/en-us/HT213182 | x_refsource_MISC | |
| https://support.apple.com/en-us/HT213193 | x_refsource_MISC | |
| https://support.apple.com/en-us/HT213183 | x_refsource_MISC | |
| https://support.apple.com/en-us/HT213186 | x_refsource_MISC | |
| https://support.apple.com/en-us/HT213187 | x_refsource_MISC |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T03:21:48.824Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support.apple.com/en-us/HT213182", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support.apple.com/en-us/HT213193", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support.apple.com/en-us/HT213183", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support.apple.com/en-us/HT213186", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support.apple.com/en-us/HT213187", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Safari", vendor: "Apple", versions: [ { lessThan: "15.4", status: "affected", version: "unspecified", versionType: "custom", }, ], }, { product: "tvOS", vendor: "Apple", versions: [ { lessThan: "15.4", status: "affected", version: "unspecified", versionType: "custom", }, ], }, { product: "tvOS", vendor: "Apple", versions: [ { lessThan: "12.3", status: "affected", version: "unspecified", versionType: "custom", }, ], }, { product: "tvOS", vendor: "Apple", versions: [ { lessThan: "15.4", status: "affected", version: "unspecified", versionType: "custom", }, ], }, { product: "watchOS", vendor: "Apple", versions: [ { lessThan: "8.5", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.3, Safari 15.4, watchOS 8.5, iOS 15.4 and iPadOS 15.4, tvOS 15.4. Processing maliciously crafted web content may lead to arbitrary code execution.", }, ], problemTypes: [ { descriptions: [ { description: "Processing maliciously crafted web content may lead to arbitrary code execution", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-23T18:58:31", orgId: "286789f9-fbc2-4510-9f9a-43facdede74c", shortName: "apple", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://support.apple.com/en-us/HT213182", }, { tags: [ "x_refsource_MISC", ], url: "https://support.apple.com/en-us/HT213193", }, { tags: [ "x_refsource_MISC", ], url: "https://support.apple.com/en-us/HT213183", }, { tags: [ "x_refsource_MISC", ], url: "https://support.apple.com/en-us/HT213186", }, { tags: [ "x_refsource_MISC", ], url: "https://support.apple.com/en-us/HT213187", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "product-security@apple.com", ID: "CVE-2022-22628", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Safari", version: { version_data: [ { version_affected: "<", version_value: "15.4", }, ], }, }, { product_name: "tvOS", version: { version_data: [ { version_affected: "<", version_value: "15.4", }, ], }, }, { product_name: "tvOS", version: { version_data: [ { version_affected: "<", version_value: "12.3", }, ], }, }, { product_name: "tvOS", version: { version_data: [ { version_affected: "<", version_value: "15.4", }, ], }, }, { product_name: "watchOS", version: { version_data: [ { version_affected: "<", version_value: "8.5", }, ], }, }, ], }, vendor_name: "Apple", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.3, Safari 15.4, watchOS 8.5, iOS 15.4 and iPadOS 15.4, tvOS 15.4. Processing maliciously crafted web content may lead to arbitrary code execution.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Processing maliciously crafted web content may lead to arbitrary code execution", }, ], }, ], }, references: { reference_data: [ { name: "https://support.apple.com/en-us/HT213182", refsource: "MISC", url: "https://support.apple.com/en-us/HT213182", }, { name: "https://support.apple.com/en-us/HT213193", refsource: "MISC", url: "https://support.apple.com/en-us/HT213193", }, { name: "https://support.apple.com/en-us/HT213183", refsource: "MISC", url: "https://support.apple.com/en-us/HT213183", }, { name: "https://support.apple.com/en-us/HT213186", refsource: "MISC", url: "https://support.apple.com/en-us/HT213186", }, { name: "https://support.apple.com/en-us/HT213187", refsource: "MISC", url: "https://support.apple.com/en-us/HT213187", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "286789f9-fbc2-4510-9f9a-43facdede74c", assignerShortName: "apple", cveId: "CVE-2022-22628", datePublished: "2022-09-23T18:58:31", dateReserved: "2022-01-05T00:00:00", dateUpdated: "2024-08-03T03:21:48.824Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-21682
Vulnerability from cvelistv5
Published
2022-01-13 00:00
Modified
2024-08-03 02:46
Severity ?
EPSS score ?
Summary
Flatpak is a Linux application sandboxing and distribution framework. A path traversal vulnerability affects versions of Flatpak prior to 1.12.3 and 1.10.6. flatpak-builder applies `finish-args` last in the build. At this point the build directory will have the full access that is specified in the manifest, so running `flatpak build` against it will gain those permissions. Normally this will not be done, so this is not problem. However, if `--mirror-screenshots-url` is specified, then flatpak-builder will launch `flatpak build --nofilesystem=host appstream-utils mirror-screenshots` after finalization, which can lead to issues even with the `--nofilesystem=host` protection. In normal use, the only issue is that these empty directories can be created wherever the user has write permissions. However, a malicious application could replace the `appstream-util` binary and potentially do something more hostile. This has been resolved in Flatpak 1.12.3 and 1.10.6 by changing the behaviour of `--nofilesystem=home` and `--nofilesystem=host`.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T02:46:39.409Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://github.com/flatpak/flatpak/security/advisories/GHSA-8ch7-5j3h-g4fx", }, { tags: [ "x_transferred", ], url: "https://github.com/flatpak/flatpak/commit/445bddeee657fdc8d2a0a1f0de12975400d4fc1a", }, { tags: [ "x_transferred", ], url: "https://github.com/flatpak/flatpak/commit/4d11f77aa7fd3e64cfa80af89d92567ab9e8e6fa", }, { name: "FEDORA-2022-825ca6bf2b", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APFTBYGJJVJPFVHRXUW5PII5XOAFI4KH/", }, { name: "DSA-5049", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2022/dsa-5049", }, { name: "FEDORA-2022-7e328bd66c", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IXKBERLJRYV7KXKGXOLI6IOXVBQNN4DP/", }, { name: "GLSA-202312-12", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202312-12", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "flatpak", vendor: "flatpak", versions: [ { status: "affected", version: ">= 1.11.0, < 1.12.3", }, { status: "affected", version: "< 1.10.6", }, ], }, ], descriptions: [ { lang: "en", value: "Flatpak is a Linux application sandboxing and distribution framework. A path traversal vulnerability affects versions of Flatpak prior to 1.12.3 and 1.10.6. flatpak-builder applies `finish-args` last in the build. At this point the build directory will have the full access that is specified in the manifest, so running `flatpak build` against it will gain those permissions. Normally this will not be done, so this is not problem. However, if `--mirror-screenshots-url` is specified, then flatpak-builder will launch `flatpak build --nofilesystem=host appstream-utils mirror-screenshots` after finalization, which can lead to issues even with the `--nofilesystem=host` protection. In normal use, the only issue is that these empty directories can be created wherever the user has write permissions. However, a malicious application could replace the `appstream-util` binary and potentially do something more hostile. This has been resolved in Flatpak 1.12.3 and 1.10.6 by changing the behaviour of `--nofilesystem=home` and `--nofilesystem=host`.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.7, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-22", description: "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-12-23T10:06:21.099810", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { url: "https://github.com/flatpak/flatpak/security/advisories/GHSA-8ch7-5j3h-g4fx", }, { url: "https://github.com/flatpak/flatpak/commit/445bddeee657fdc8d2a0a1f0de12975400d4fc1a", }, { url: "https://github.com/flatpak/flatpak/commit/4d11f77aa7fd3e64cfa80af89d92567ab9e8e6fa", }, { name: "FEDORA-2022-825ca6bf2b", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APFTBYGJJVJPFVHRXUW5PII5XOAFI4KH/", }, { name: "DSA-5049", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2022/dsa-5049", }, { name: "FEDORA-2022-7e328bd66c", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IXKBERLJRYV7KXKGXOLI6IOXVBQNN4DP/", }, { name: "GLSA-202312-12", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202312-12", }, ], source: { advisory: "GHSA-8ch7-5j3h-g4fx", discovery: "UNKNOWN", }, title: "flatpak-builder can access files outside the build directory.", }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2022-21682", datePublished: "2022-01-13T00:00:00", dateReserved: "2021-11-16T00:00:00", dateUpdated: "2024-08-03T02:46:39.409Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-1049
Vulnerability from cvelistv5
Published
2022-03-25 18:03
Modified
2024-08-02 23:47
Severity ?
EPSS score ?
Summary
A flaw was found in the Pacemaker configuration tool (pcs). The pcs daemon was allowing expired accounts, and accounts with expired passwords to login when using PAM authentication. Therefore, unprivileged expired accounts that have been denied access could still login.
References
| ▼ | URL | Tags |
|---|---|---|
| https://huntr.dev/bounties/7aa921fc-a568-4fd8-96f4-7cd826246aa5 | x_refsource_MISC | |
| https://www.debian.org/security/2022/dsa-5226 | vendor-advisory, x_refsource_DEBIAN | |
| https://lists.debian.org/debian-lts-announce/2022/09/msg00017.html | mailing-list, x_refsource_MLIST |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | clusterlabs/pcs |
Version: pcs versions <= v0.11.2 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T23:47:43.257Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://huntr.dev/bounties/7aa921fc-a568-4fd8-96f4-7cd826246aa5", }, { name: "DSA-5226", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2022/dsa-5226", }, { name: "[debian-lts-announce] 20220914 [SECURITY] [DLA 3108-1] pcs security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2022/09/msg00017.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "clusterlabs/pcs", vendor: "n/a", versions: [ { status: "affected", version: "pcs versions <= v0.11.2", }, ], }, ], descriptions: [ { lang: "en", value: "A flaw was found in the Pacemaker configuration tool (pcs). The pcs daemon was allowing expired accounts, and accounts with expired passwords to login when using PAM authentication. Therefore, unprivileged expired accounts that have been denied access could still login.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-287", description: "CWE-287", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-14T23:06:10", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://huntr.dev/bounties/7aa921fc-a568-4fd8-96f4-7cd826246aa5", }, { name: "DSA-5226", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2022/dsa-5226", }, { name: "[debian-lts-announce] 20220914 [SECURITY] [DLA 3108-1] pcs security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2022/09/msg00017.html", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2022-1049", datePublished: "2022-03-25T18:03:01", dateReserved: "2022-03-22T00:00:00", dateUpdated: "2024-08-02T23:47:43.257Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-26700
Vulnerability from cvelistv5
Published
2022-09-23 18:58
Modified
2024-08-03 05:11
Severity ?
EPSS score ?
Summary
A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 15.5, watchOS 8.6, iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to code execution.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.apple.com/en-us/HT213258 | x_refsource_MISC | |
| https://support.apple.com/en-us/HT213253 | x_refsource_MISC | |
| https://support.apple.com/en-us/HT213254 | x_refsource_MISC | |
| https://support.apple.com/en-us/HT213257 | x_refsource_MISC | |
| https://support.apple.com/en-us/HT213260 | x_refsource_MISC |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T05:11:44.177Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support.apple.com/en-us/HT213258", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support.apple.com/en-us/HT213253", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support.apple.com/en-us/HT213254", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support.apple.com/en-us/HT213257", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support.apple.com/en-us/HT213260", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "macOS", vendor: "Apple", versions: [ { lessThan: "12.4", status: "affected", version: "unspecified", versionType: "custom", }, ], }, { product: "macOS", vendor: "Apple", versions: [ { lessThan: "15.5", status: "affected", version: "unspecified", versionType: "custom", }, ], }, { product: "watchOS", vendor: "Apple", versions: [ { lessThan: "8.6", status: "affected", version: "unspecified", versionType: "custom", }, ], }, { product: "watchOS", vendor: "Apple", versions: [ { lessThan: "15.5", status: "affected", version: "unspecified", versionType: "custom", }, ], }, { product: "watchOS", vendor: "Apple", versions: [ { lessThan: "15.5", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 15.5, watchOS 8.6, iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to code execution.", }, ], problemTypes: [ { descriptions: [ { description: "Processing maliciously crafted web content may lead to code execution", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-23T18:58:31", orgId: "286789f9-fbc2-4510-9f9a-43facdede74c", shortName: "apple", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://support.apple.com/en-us/HT213258", }, { tags: [ "x_refsource_MISC", ], url: "https://support.apple.com/en-us/HT213253", }, { tags: [ "x_refsource_MISC", ], url: "https://support.apple.com/en-us/HT213254", }, { tags: [ "x_refsource_MISC", ], url: "https://support.apple.com/en-us/HT213257", }, { tags: [ "x_refsource_MISC", ], url: "https://support.apple.com/en-us/HT213260", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "product-security@apple.com", ID: "CVE-2022-26700", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "macOS", version: { version_data: [ { version_affected: "<", version_value: "12.4", }, ], }, }, { product_name: "macOS", version: { version_data: [ { version_affected: "<", version_value: "15.5", }, ], }, }, { product_name: "watchOS", version: { version_data: [ { version_affected: "<", version_value: "8.6", }, ], }, }, { product_name: "watchOS", version: { version_data: [ { version_affected: "<", version_value: "15.5", }, ], }, }, { product_name: "watchOS", version: { version_data: [ { version_affected: "<", version_value: "15.5", }, ], }, }, ], }, vendor_name: "Apple", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 15.5, watchOS 8.6, iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to code execution.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Processing maliciously crafted web content may lead to code execution", }, ], }, ], }, references: { reference_data: [ { name: "https://support.apple.com/en-us/HT213258", refsource: "MISC", url: "https://support.apple.com/en-us/HT213258", }, { name: "https://support.apple.com/en-us/HT213253", refsource: "MISC", url: "https://support.apple.com/en-us/HT213253", }, { name: "https://support.apple.com/en-us/HT213254", refsource: "MISC", url: "https://support.apple.com/en-us/HT213254", }, { name: "https://support.apple.com/en-us/HT213257", refsource: "MISC", url: "https://support.apple.com/en-us/HT213257", }, { name: "https://support.apple.com/en-us/HT213260", refsource: "MISC", url: "https://support.apple.com/en-us/HT213260", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "286789f9-fbc2-4510-9f9a-43facdede74c", assignerShortName: "apple", cveId: "CVE-2022-26700", datePublished: "2022-09-23T18:58:31", dateReserved: "2022-03-08T00:00:00", dateUpdated: "2024-08-03T05:11:44.177Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-30699
Vulnerability from cvelistv5
Published
2022-08-01 14:13
Modified
2024-09-16 18:29
Severity ?
EPSS score ?
Summary
NLnet Labs Unbound, up to and including version 1.16.1, is vulnerable to a novel type of the "ghost domain names" attack. The vulnerability works by targeting an Unbound instance. Unbound is queried for a rogue domain name when the cached delegation information is about to expire. The rogue nameserver delays the response so that the cached delegation information is expired. Upon receiving the delayed answer containing the delegation information, Unbound overwrites the now expired entries. This action can be repeated when the delegation information is about to expire making the rogue delegation information ever-updating. From version 1.16.2 on, Unbound stores the start time for a query and uses that to decide if the cached delegation information can be overwritten.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NLnet Labs | Unbound |
Version: unspecified < |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T06:56:13.797Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.nlnetlabs.nl/downloads/unbound/CVE-2022-30698_CVE-2022-30699.txt", }, { name: "FEDORA-2022-f89beb0640", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5L3ZFWZZFPBIL654BG75RWXUMPFQJ5EC/", }, { name: "FEDORA-2022-0a914d5c6b", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D35CX4SCZVNKZTWJXPDFTHWZHINMGEZD/", }, { name: "GLSA-202212-02", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202212-02", }, { name: "[debian-lts-announce] 20230329 [SECURITY] [DLA 3371-1] unbound security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2023/03/msg00024.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Unbound", vendor: "NLnet Labs", versions: [ { lessThanOrEqual: "1.16.1", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "We would like to thank Xiang Li from the Network and Information Security Lab of Tsinghua University for discovering and disclosing the vulnerability.", }, ], datePublic: "2022-08-01T00:00:00", descriptions: [ { lang: "en", value: "NLnet Labs Unbound, up to and including version 1.16.1, is vulnerable to a novel type of the \"ghost domain names\" attack. The vulnerability works by targeting an Unbound instance. Unbound is queried for a rogue domain name when the cached delegation information is about to expire. The rogue nameserver delays the response so that the cached delegation information is expired. Upon receiving the delayed answer containing the delegation information, Unbound overwrites the now expired entries. This action can be repeated when the delegation information is about to expire making the rogue delegation information ever-updating. From version 1.16.2 on, Unbound stores the start time for a query and uses that to decide if the cached delegation information can be overwritten.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-03-29T00:00:00", orgId: "206fc3a0-e175-490b-9eaa-a5738056c9f6", shortName: "NLnet Labs", }, references: [ { url: "https://www.nlnetlabs.nl/downloads/unbound/CVE-2022-30698_CVE-2022-30699.txt", }, { name: "FEDORA-2022-f89beb0640", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5L3ZFWZZFPBIL654BG75RWXUMPFQJ5EC/", }, { name: "FEDORA-2022-0a914d5c6b", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D35CX4SCZVNKZTWJXPDFTHWZHINMGEZD/", }, { name: "GLSA-202212-02", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202212-02", }, { name: "[debian-lts-announce] 20230329 [SECURITY] [DLA 3371-1] unbound security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2023/03/msg00024.html", }, ], title: "Novel \"ghost domain names\" attack by updating almost expired delegation information", }, }, cveMetadata: { assignerOrgId: "206fc3a0-e175-490b-9eaa-a5738056c9f6", assignerShortName: "NLnet Labs", cveId: "CVE-2022-30699", datePublished: "2022-08-01T14:13:58.392776Z", dateReserved: "2022-05-13T00:00:00", dateUpdated: "2024-09-16T18:29:59.438Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-22629
Vulnerability from cvelistv5
Published
2022-09-23 19:02
Modified
2024-08-03 03:21
Severity ?
EPSS score ?
Summary
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.3, Safari 15.4, watchOS 8.5, iTunes 12.12.3 for Windows, iOS 15.4 and iPadOS 15.4, tvOS 15.4. Processing maliciously crafted web content may lead to arbitrary code execution.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.apple.com/en-us/HT213182 | x_refsource_MISC | |
| https://support.apple.com/en-us/HT213193 | x_refsource_MISC | |
| https://support.apple.com/en-us/HT213183 | x_refsource_MISC | |
| https://support.apple.com/en-us/HT213186 | x_refsource_MISC | |
| https://support.apple.com/en-us/HT213188 | x_refsource_MISC | |
| https://support.apple.com/en-us/HT213187 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Apple | Safari |
Version: unspecified < 15.4 |
|||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T03:21:48.864Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support.apple.com/en-us/HT213182", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support.apple.com/en-us/HT213193", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support.apple.com/en-us/HT213183", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support.apple.com/en-us/HT213186", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support.apple.com/en-us/HT213188", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support.apple.com/en-us/HT213187", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Safari", vendor: "Apple", versions: [ { lessThan: "15.4", status: "affected", version: "unspecified", versionType: "custom", }, ], }, { product: "tvOS", vendor: "Apple", versions: [ { lessThan: "15.4", status: "affected", version: "unspecified", versionType: "custom", }, ], }, { product: "tvOS", vendor: "Apple", versions: [ { lessThan: "12.3", status: "affected", version: "unspecified", versionType: "custom", }, ], }, { product: "tvOS", vendor: "Apple", versions: [ { lessThan: "15.4", status: "affected", version: "unspecified", versionType: "custom", }, ], }, { product: "watchOS", vendor: "Apple", versions: [ { lessThan: "8.5", status: "affected", version: "unspecified", versionType: "custom", }, ], }, { product: "watchOS", vendor: "Apple", versions: [ { lessThan: "12.12", status: "affected", version: "unspecified", versionType: "custom", }, ], }, { product: "watchOS", vendor: "Apple", versions: [ { lessThan: "12.12", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.3, Safari 15.4, watchOS 8.5, iTunes 12.12.3 for Windows, iOS 15.4 and iPadOS 15.4, tvOS 15.4. Processing maliciously crafted web content may lead to arbitrary code execution.", }, ], problemTypes: [ { descriptions: [ { description: "Processing maliciously crafted web content may lead to arbitrary code execution", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-23T19:02:49", orgId: "286789f9-fbc2-4510-9f9a-43facdede74c", shortName: "apple", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://support.apple.com/en-us/HT213182", }, { tags: [ "x_refsource_MISC", ], url: "https://support.apple.com/en-us/HT213193", }, { tags: [ "x_refsource_MISC", ], url: "https://support.apple.com/en-us/HT213183", }, { tags: [ "x_refsource_MISC", ], url: "https://support.apple.com/en-us/HT213186", }, { tags: [ "x_refsource_MISC", ], url: "https://support.apple.com/en-us/HT213188", }, { tags: [ "x_refsource_MISC", ], url: "https://support.apple.com/en-us/HT213187", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "product-security@apple.com", ID: "CVE-2022-22629", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Safari", version: { version_data: [ { version_affected: "<", version_value: "15.4", }, ], }, }, { product_name: "tvOS", version: { version_data: [ { version_affected: "<", version_value: "15.4", }, ], }, }, { product_name: "tvOS", version: { version_data: [ { version_affected: "<", version_value: "12.3", }, ], }, }, { product_name: "tvOS", version: { version_data: [ { version_affected: "<", version_value: "15.4", }, ], }, }, { product_name: "watchOS", version: { version_data: [ { version_affected: "<", version_value: "8.5", }, ], }, }, { product_name: "watchOS", version: { version_data: [ { version_affected: "<", version_value: "12.12", }, ], }, }, { product_name: "watchOS", version: { version_data: [ { version_affected: "<", version_value: "12.12", }, ], }, }, ], }, vendor_name: "Apple", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.3, Safari 15.4, watchOS 8.5, iTunes 12.12.3 for Windows, iOS 15.4 and iPadOS 15.4, tvOS 15.4. Processing maliciously crafted web content may lead to arbitrary code execution.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Processing maliciously crafted web content may lead to arbitrary code execution", }, ], }, ], }, references: { reference_data: [ { name: "https://support.apple.com/en-us/HT213182", refsource: "MISC", url: "https://support.apple.com/en-us/HT213182", }, { name: "https://support.apple.com/en-us/HT213193", refsource: "MISC", url: "https://support.apple.com/en-us/HT213193", }, { name: "https://support.apple.com/en-us/HT213183", refsource: "MISC", url: "https://support.apple.com/en-us/HT213183", }, { name: "https://support.apple.com/en-us/HT213186", refsource: "MISC", url: "https://support.apple.com/en-us/HT213186", }, { name: "https://support.apple.com/en-us/HT213188", refsource: "MISC", url: "https://support.apple.com/en-us/HT213188", }, { name: "https://support.apple.com/en-us/HT213187", refsource: "MISC", url: "https://support.apple.com/en-us/HT213187", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "286789f9-fbc2-4510-9f9a-43facdede74c", assignerShortName: "apple", cveId: "CVE-2022-22629", datePublished: "2022-09-23T19:02:49", dateReserved: "2022-01-05T00:00:00", dateUpdated: "2024-08-03T03:21:48.864Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-22624
Vulnerability from cvelistv5
Published
2022-09-23 18:58
Modified
2024-08-03 03:21
Severity ?
EPSS score ?
Summary
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.3, iOS 15.4 and iPadOS 15.4, tvOS 15.4, Safari 15.4. Processing maliciously crafted web content may lead to arbitrary code execution.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.apple.com/en-us/HT213182 | x_refsource_MISC | |
| https://support.apple.com/en-us/HT213183 | x_refsource_MISC | |
| https://support.apple.com/en-us/HT213186 | x_refsource_MISC | |
| https://support.apple.com/en-us/HT213187 | x_refsource_MISC |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T03:21:48.813Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support.apple.com/en-us/HT213182", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support.apple.com/en-us/HT213183", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support.apple.com/en-us/HT213186", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support.apple.com/en-us/HT213187", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Safari", vendor: "Apple", versions: [ { lessThan: "15.4", status: "affected", version: "unspecified", versionType: "custom", }, ], }, { product: "tvOS", vendor: "Apple", versions: [ { lessThan: "15.4", status: "affected", version: "unspecified", versionType: "custom", }, ], }, { product: "tvOS", vendor: "Apple", versions: [ { lessThan: "12.3", status: "affected", version: "unspecified", versionType: "custom", }, ], }, { product: "tvOS", vendor: "Apple", versions: [ { lessThan: "15.4", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.3, iOS 15.4 and iPadOS 15.4, tvOS 15.4, Safari 15.4. Processing maliciously crafted web content may lead to arbitrary code execution.", }, ], problemTypes: [ { descriptions: [ { description: "Processing maliciously crafted web content may lead to arbitrary code execution", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-23T18:58:30", orgId: "286789f9-fbc2-4510-9f9a-43facdede74c", shortName: "apple", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://support.apple.com/en-us/HT213182", }, { tags: [ "x_refsource_MISC", ], url: "https://support.apple.com/en-us/HT213183", }, { tags: [ "x_refsource_MISC", ], url: "https://support.apple.com/en-us/HT213186", }, { tags: [ "x_refsource_MISC", ], url: "https://support.apple.com/en-us/HT213187", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "product-security@apple.com", ID: "CVE-2022-22624", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Safari", version: { version_data: [ { version_affected: "<", version_value: "15.4", }, ], }, }, { product_name: "tvOS", version: { version_data: [ { version_affected: "<", version_value: "15.4", }, ], }, }, { product_name: "tvOS", version: { version_data: [ { version_affected: "<", version_value: "12.3", }, ], }, }, { product_name: "tvOS", version: { version_data: [ { version_affected: "<", version_value: "15.4", }, ], }, }, ], }, vendor_name: "Apple", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.3, iOS 15.4 and iPadOS 15.4, tvOS 15.4, Safari 15.4. Processing maliciously crafted web content may lead to arbitrary code execution.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Processing maliciously crafted web content may lead to arbitrary code execution", }, ], }, ], }, references: { reference_data: [ { name: "https://support.apple.com/en-us/HT213182", refsource: "MISC", url: "https://support.apple.com/en-us/HT213182", }, { name: "https://support.apple.com/en-us/HT213183", refsource: "MISC", url: "https://support.apple.com/en-us/HT213183", }, { name: "https://support.apple.com/en-us/HT213186", refsource: "MISC", url: "https://support.apple.com/en-us/HT213186", }, { name: "https://support.apple.com/en-us/HT213187", refsource: "MISC", url: "https://support.apple.com/en-us/HT213187", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "286789f9-fbc2-4510-9f9a-43facdede74c", assignerShortName: "apple", cveId: "CVE-2022-22624", datePublished: "2022-09-23T18:58:30", dateReserved: "2022-01-05T00:00:00", dateUpdated: "2024-08-03T03:21:48.813Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-26709
Vulnerability from cvelistv5
Published
2022-11-01 00:00
Modified
2024-08-03 05:11
Severity ?
EPSS score ?
Summary
A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code execution.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T05:11:44.715Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://support.apple.com/en-us/HT213258", }, { tags: [ "x_transferred", ], url: "https://support.apple.com/en-us/HT213253", }, { tags: [ "x_transferred", ], url: "https://support.apple.com/en-us/HT213254", }, { tags: [ "x_transferred", ], url: "https://support.apple.com/en-us/HT213257", }, { tags: [ "x_transferred", ], url: "https://support.apple.com/en-us/HT213260", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "macOS", vendor: "Apple", versions: [ { lessThan: "12.4", status: "affected", version: "unspecified", versionType: "custom", }, ], }, { product: "macOS", vendor: "Apple", versions: [ { lessThan: "15.5", status: "affected", version: "unspecified", versionType: "custom", }, ], }, { product: "watchOS", vendor: "Apple", versions: [ { lessThan: "8.6", status: "affected", version: "unspecified", versionType: "custom", }, ], }, { product: "watchOS", vendor: "Apple", versions: [ { lessThan: "15.5", status: "affected", version: "unspecified", versionType: "custom", }, ], }, { product: "watchOS", vendor: "Apple", versions: [ { lessThan: "15.5", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing maliciously crafted web content may lead to arbitrary code execution.", }, ], problemTypes: [ { descriptions: [ { description: "Processing maliciously crafted web content may lead to arbitrary code execution", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-11-01T00:00:00", orgId: "286789f9-fbc2-4510-9f9a-43facdede74c", shortName: "apple", }, references: [ { url: "https://support.apple.com/en-us/HT213258", }, { url: "https://support.apple.com/en-us/HT213253", }, { url: "https://support.apple.com/en-us/HT213254", }, { url: "https://support.apple.com/en-us/HT213257", }, { url: "https://support.apple.com/en-us/HT213260", }, ], }, }, cveMetadata: { assignerOrgId: "286789f9-fbc2-4510-9f9a-43facdede74c", assignerShortName: "apple", cveId: "CVE-2022-26709", datePublished: "2022-11-01T00:00:00", dateReserved: "2022-03-08T00:00:00", dateUpdated: "2024-08-03T05:11:44.715Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-30698
Vulnerability from cvelistv5
Published
2022-08-01 14:13
Modified
2024-09-16 19:35
Severity ?
EPSS score ?
Summary
NLnet Labs Unbound, up to and including version 1.16.1 is vulnerable to a novel type of the "ghost domain names" attack. The vulnerability works by targeting an Unbound instance. Unbound is queried for a subdomain of a rogue domain name. The rogue nameserver returns delegation information for the subdomain that updates Unbound's delegation cache. This action can be repeated before expiry of the delegation information by querying Unbound for a second level subdomain which the rogue nameserver provides new delegation information. Since Unbound is a child-centric resolver, the ever-updating child delegation information can keep a rogue domain name resolvable long after revocation. From version 1.16.2 on, Unbound checks the validity of parent delegation records before using cached delegation information.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| NLnet Labs | Unbound |
Version: unspecified < |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T06:56:13.822Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.nlnetlabs.nl/downloads/unbound/CVE-2022-30698_CVE-2022-30699.txt", }, { name: "FEDORA-2022-f89beb0640", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5L3ZFWZZFPBIL654BG75RWXUMPFQJ5EC/", }, { name: "FEDORA-2022-0a914d5c6b", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D35CX4SCZVNKZTWJXPDFTHWZHINMGEZD/", }, { name: "GLSA-202212-02", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202212-02", }, { name: "[debian-lts-announce] 20230329 [SECURITY] [DLA 3371-1] unbound security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2023/03/msg00024.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Unbound", vendor: "NLnet Labs", versions: [ { lessThanOrEqual: "1.16.1", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "We would like to thank Xiang Li from the Network and Information Security Lab of Tsinghua University for discovering and disclosing the vulnerability.", }, ], datePublic: "2022-08-01T00:00:00", descriptions: [ { lang: "en", value: "NLnet Labs Unbound, up to and including version 1.16.1 is vulnerable to a novel type of the \"ghost domain names\" attack. The vulnerability works by targeting an Unbound instance. Unbound is queried for a subdomain of a rogue domain name. The rogue nameserver returns delegation information for the subdomain that updates Unbound's delegation cache. This action can be repeated before expiry of the delegation information by querying Unbound for a second level subdomain which the rogue nameserver provides new delegation information. Since Unbound is a child-centric resolver, the ever-updating child delegation information can keep a rogue domain name resolvable long after revocation. From version 1.16.2 on, Unbound checks the validity of parent delegation records before using cached delegation information.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-03-29T00:00:00", orgId: "206fc3a0-e175-490b-9eaa-a5738056c9f6", shortName: "NLnet Labs", }, references: [ { url: "https://www.nlnetlabs.nl/downloads/unbound/CVE-2022-30698_CVE-2022-30699.txt", }, { name: "FEDORA-2022-f89beb0640", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5L3ZFWZZFPBIL654BG75RWXUMPFQJ5EC/", }, { name: "FEDORA-2022-0a914d5c6b", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D35CX4SCZVNKZTWJXPDFTHWZHINMGEZD/", }, { name: "GLSA-202212-02", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202212-02", }, { name: "[debian-lts-announce] 20230329 [SECURITY] [DLA 3371-1] unbound security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2023/03/msg00024.html", }, ], title: "Novel \"ghost domain names\" attack by introducing subdomain delegations", }, }, cveMetadata: { assignerOrgId: "206fc3a0-e175-490b-9eaa-a5738056c9f6", assignerShortName: "NLnet Labs", cveId: "CVE-2022-30698", datePublished: "2022-08-01T14:13:44.911318Z", dateReserved: "2022-05-13T00:00:00", dateUpdated: "2024-09-16T19:35:09.568Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-4048
Vulnerability from cvelistv5
Published
2021-12-08 21:24
Modified
2024-08-03 17:16
Severity ?
EPSS score ?
Summary
An out-of-bounds read flaw was found in the CLARRV, DLARRV, SLARRV, and ZLARRV functions in lapack through version 3.10.0, as also used in OpenBLAS before version 0.3.18. Specially crafted inputs passed to these functions could cause an application using lapack to crash or possibly disclose portions of its memory.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/Reference-LAPACK/lapack/pull/625 | x_refsource_MISC | |
| https://github.com/Reference-LAPACK/lapack/commit/38f3eeee3108b18158409ca2a100e6fe03754781 | x_refsource_MISC | |
| https://github.com/JuliaLang/julia/issues/42415 | x_refsource_MISC | |
| https://github.com/xianyi/OpenBLAS/commit/337b65133df174796794871b3988cd03426e6d41 | x_refsource_MISC | |
| https://github.com/xianyi/OpenBLAS/commit/2be5ee3cca97a597f2ee2118808a2d5eacea050c | x_refsource_MISC | |
| https://github.com/xianyi/OpenBLAS/commit/fe497efa0510466fd93578aaf9da1ad8ed4edbe7 | x_refsource_MISC | |
| https://github.com/xianyi/OpenBLAS/commit/ddb0ff5353637bb5f5ad060c9620e334c143e3d7 | x_refsource_MISC | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DROZM4M2QRKSD6FBO4BHSV2QMIRJQPHT/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QFEVOCUG2UXMVMFMTU4ONJVDEHY2LW2/ | vendor-advisory, x_refsource_FEDORA |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T17:16:03.570Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/Reference-LAPACK/lapack/pull/625", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/Reference-LAPACK/lapack/commit/38f3eeee3108b18158409ca2a100e6fe03754781", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/JuliaLang/julia/issues/42415", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/xianyi/OpenBLAS/commit/337b65133df174796794871b3988cd03426e6d41", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/xianyi/OpenBLAS/commit/2be5ee3cca97a597f2ee2118808a2d5eacea050c", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/xianyi/OpenBLAS/commit/fe497efa0510466fd93578aaf9da1ad8ed4edbe7", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/xianyi/OpenBLAS/commit/ddb0ff5353637bb5f5ad060c9620e334c143e3d7", }, { name: "FEDORA-2021-0d4b58060d", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DROZM4M2QRKSD6FBO4BHSV2QMIRJQPHT/", }, { name: "FEDORA-2021-aec9d01057", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QFEVOCUG2UXMVMFMTU4ONJVDEHY2LW2/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "lapack", vendor: "n/a", versions: [ { status: "affected", version: "lapack through version 3.10.0", }, ], }, ], descriptions: [ { lang: "en", value: "An out-of-bounds read flaw was found in the CLARRV, DLARRV, SLARRV, and ZLARRV functions in lapack through version 3.10.0, as also used in OpenBLAS before version 0.3.18. Specially crafted inputs passed to these functions could cause an application using lapack to crash or possibly disclose portions of its memory.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-18T02:06:09", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/Reference-LAPACK/lapack/pull/625", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/Reference-LAPACK/lapack/commit/38f3eeee3108b18158409ca2a100e6fe03754781", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/JuliaLang/julia/issues/42415", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/xianyi/OpenBLAS/commit/337b65133df174796794871b3988cd03426e6d41", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/xianyi/OpenBLAS/commit/2be5ee3cca97a597f2ee2118808a2d5eacea050c", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/xianyi/OpenBLAS/commit/fe497efa0510466fd93578aaf9da1ad8ed4edbe7", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/xianyi/OpenBLAS/commit/ddb0ff5353637bb5f5ad060c9620e334c143e3d7", }, { name: "FEDORA-2021-0d4b58060d", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DROZM4M2QRKSD6FBO4BHSV2QMIRJQPHT/", }, { name: "FEDORA-2021-aec9d01057", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QFEVOCUG2UXMVMFMTU4ONJVDEHY2LW2/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2021-4048", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "lapack", version: { version_data: [ { version_value: "lapack through version 3.10.0", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An out-of-bounds read flaw was found in the CLARRV, DLARRV, SLARRV, and ZLARRV functions in lapack through version 3.10.0, as also used in OpenBLAS before version 0.3.18. Specially crafted inputs passed to these functions could cause an application using lapack to crash or possibly disclose portions of its memory.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-125", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/Reference-LAPACK/lapack/pull/625", refsource: "MISC", url: "https://github.com/Reference-LAPACK/lapack/pull/625", }, { name: "https://github.com/Reference-LAPACK/lapack/commit/38f3eeee3108b18158409ca2a100e6fe03754781", refsource: "MISC", url: "https://github.com/Reference-LAPACK/lapack/commit/38f3eeee3108b18158409ca2a100e6fe03754781", }, { name: "https://github.com/JuliaLang/julia/issues/42415", refsource: "MISC", url: "https://github.com/JuliaLang/julia/issues/42415", }, { name: "https://github.com/xianyi/OpenBLAS/commit/337b65133df174796794871b3988cd03426e6d41", refsource: "MISC", url: "https://github.com/xianyi/OpenBLAS/commit/337b65133df174796794871b3988cd03426e6d41", }, { name: "https://github.com/xianyi/OpenBLAS/commit/2be5ee3cca97a597f2ee2118808a2d5eacea050c", refsource: "MISC", url: "https://github.com/xianyi/OpenBLAS/commit/2be5ee3cca97a597f2ee2118808a2d5eacea050c", }, { name: "https://github.com/xianyi/OpenBLAS/commit/fe497efa0510466fd93578aaf9da1ad8ed4edbe7", refsource: "MISC", url: "https://github.com/xianyi/OpenBLAS/commit/fe497efa0510466fd93578aaf9da1ad8ed4edbe7", }, { name: "https://github.com/xianyi/OpenBLAS/commit/ddb0ff5353637bb5f5ad060c9620e334c143e3d7", refsource: "MISC", url: "https://github.com/xianyi/OpenBLAS/commit/ddb0ff5353637bb5f5ad060c9620e334c143e3d7", }, { name: "FEDORA-2021-0d4b58060d", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DROZM4M2QRKSD6FBO4BHSV2QMIRJQPHT/", }, { name: "FEDORA-2021-aec9d01057", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6QFEVOCUG2UXMVMFMTU4ONJVDEHY2LW2/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2021-4048", datePublished: "2021-12-08T21:24:42", dateReserved: "2021-12-02T00:00:00", dateUpdated: "2024-08-03T17:16:03.570Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-2990
Vulnerability from cvelistv5
Published
2022-09-13 13:44
Modified
2024-08-03 00:53
Severity ?
EPSS score ?
Summary
An incorrect handling of the supplementary groups in the Buildah container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.benthamsgaze.org/2022/08/22/vulnerability-in-linux-containers-investigation-and-mitigation/ | x_refsource_MISC | |
| https://bugzilla.redhat.com/show_bug.cgi?id=2121453 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T00:53:00.654Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.benthamsgaze.org/2022/08/22/vulnerability-in-linux-containers-investigation-and-mitigation/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2121453", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "buildah", vendor: "n/a", versions: [ { status: "affected", version: "no fixed version known", }, ], }, ], descriptions: [ { lang: "en", value: "An incorrect handling of the supplementary groups in the Buildah container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-842", description: "CWE-842", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-13T13:44:21", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.benthamsgaze.org/2022/08/22/vulnerability-in-linux-containers-investigation-and-mitigation/", }, { tags: [ "x_refsource_MISC", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2121453", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2022-2990", datePublished: "2022-09-13T13:44:21", dateReserved: "2022-08-25T00:00:00", dateUpdated: "2024-08-03T00:53:00.654Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-22662
Vulnerability from cvelistv5
Published
2022-05-26 17:40
Modified
2024-08-03 03:21
Severity ?
EPSS score ?
Summary
A cookie management issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Big Sur 11.6.5. Processing maliciously crafted web content may disclose sensitive user information.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.apple.com/en-us/HT213184 | x_refsource_MISC | |
| https://support.apple.com/en-us/HT213185 | x_refsource_MISC | |
| http://www.openwall.com/lists/oss-security/2022/07/05/3 | mailing-list, x_refsource_MLIST | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ANNHXXARVBRGI74TVQNZOAG6P7AGSMUJ/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33BWWAQLLBHKGSI332ZZCORTFZ2XLOIH/ | vendor-advisory, x_refsource_FEDORA | |
| https://security.gentoo.org/glsa/202208-39 | vendor-advisory, x_refsource_GENTOO |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T03:21:48.975Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support.apple.com/en-us/HT213184", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://support.apple.com/en-us/HT213185", }, { name: "[oss-security] 20220705 WebKitGTK and WPE WebKit Security Advisory WSA-2022-0006", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2022/07/05/3", }, { name: "FEDORA-2022-fdb75e7766", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ANNHXXARVBRGI74TVQNZOAG6P7AGSMUJ/", }, { name: "FEDORA-2022-6b749525f3", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33BWWAQLLBHKGSI332ZZCORTFZ2XLOIH/", }, { name: "GLSA-202208-39", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/202208-39", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "macOS", vendor: "Apple", versions: [ { lessThan: "11.6", status: "affected", version: "unspecified", versionType: "custom", }, ], }, { product: "macOS", vendor: "Apple", versions: [ { lessThan: "2022", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "A cookie management issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Big Sur 11.6.5. Processing maliciously crafted web content may disclose sensitive user information.", }, ], problemTypes: [ { descriptions: [ { description: "Processing maliciously crafted web content may disclose sensitive user information", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-01T02:06:57", orgId: "286789f9-fbc2-4510-9f9a-43facdede74c", shortName: "apple", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://support.apple.com/en-us/HT213184", }, { tags: [ "x_refsource_MISC", ], url: "https://support.apple.com/en-us/HT213185", }, { name: "[oss-security] 20220705 WebKitGTK and WPE WebKit Security Advisory WSA-2022-0006", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2022/07/05/3", }, { name: "FEDORA-2022-fdb75e7766", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ANNHXXARVBRGI74TVQNZOAG6P7AGSMUJ/", }, { name: "FEDORA-2022-6b749525f3", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33BWWAQLLBHKGSI332ZZCORTFZ2XLOIH/", }, { name: "GLSA-202208-39", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/202208-39", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "product-security@apple.com", ID: "CVE-2022-22662", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "macOS", version: { version_data: [ { version_affected: "<", version_value: "11.6", }, ], }, }, { product_name: "macOS", version: { version_data: [ { version_affected: "<", version_value: "2022", }, ], }, }, ], }, vendor_name: "Apple", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A cookie management issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Big Sur 11.6.5. Processing maliciously crafted web content may disclose sensitive user information.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Processing maliciously crafted web content may disclose sensitive user information", }, ], }, ], }, references: { reference_data: [ { name: "https://support.apple.com/en-us/HT213184", refsource: "MISC", url: "https://support.apple.com/en-us/HT213184", }, { name: "https://support.apple.com/en-us/HT213185", refsource: "MISC", url: "https://support.apple.com/en-us/HT213185", }, { name: "[oss-security] 20220705 WebKitGTK and WPE WebKit Security Advisory WSA-2022-0006", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2022/07/05/3", }, { name: "FEDORA-2022-fdb75e7766", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ANNHXXARVBRGI74TVQNZOAG6P7AGSMUJ/", }, { name: "FEDORA-2022-6b749525f3", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/33BWWAQLLBHKGSI332ZZCORTFZ2XLOIH/", }, { name: "GLSA-202208-39", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/202208-39", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "286789f9-fbc2-4510-9f9a-43facdede74c", assignerShortName: "apple", cveId: "CVE-2022-22662", datePublished: "2022-05-26T17:40:10", dateReserved: "2022-01-05T00:00:00", dateUpdated: "2024-08-03T03:21:48.975Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-30293
Vulnerability from cvelistv5
Published
2022-05-06 04:33
Modified
2024-08-03 06:48
Severity ?
EPSS score ?
Summary
In WebKitGTK through 2.36.0 (and WPE WebKit), there is a heap-based buffer overflow in WebCore::TextureMapperLayer::setContentsLayer in WebCore/platform/graphics/texmap/TextureMapperLayer.cpp.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/ChijinZ/security_advisories/tree/master/webkitgtk-2.36.0 | x_refsource_MISC | |
| https://bugs.webkit.org/show_bug.cgi?id=237187 | x_refsource_MISC | |
| http://www.openwall.com/lists/oss-security/2022/05/30/1 | mailing-list, x_refsource_MLIST | |
| https://www.debian.org/security/2022/dsa-5154 | vendor-advisory, x_refsource_DEBIAN | |
| https://www.debian.org/security/2022/dsa-5155 | vendor-advisory, x_refsource_DEBIAN | |
| https://security.gentoo.org/glsa/202208-39 | vendor-advisory, x_refsource_GENTOO |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T06:48:36.424Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/ChijinZ/security_advisories/tree/master/webkitgtk-2.36.0", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugs.webkit.org/show_bug.cgi?id=237187", }, { name: "[oss-security] 20220530 WebKitGTK and WPE WebKit Security Advisory WSA-2022-0005", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2022/05/30/1", }, { name: "DSA-5154", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2022/dsa-5154", }, { name: "DSA-5155", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2022/dsa-5155", }, { name: "GLSA-202208-39", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/202208-39", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "In WebKitGTK through 2.36.0 (and WPE WebKit), there is a heap-based buffer overflow in WebCore::TextureMapperLayer::setContentsLayer in WebCore/platform/graphics/texmap/TextureMapperLayer.cpp.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-01T02:07:06", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/ChijinZ/security_advisories/tree/master/webkitgtk-2.36.0", }, { tags: [ "x_refsource_MISC", ], url: "https://bugs.webkit.org/show_bug.cgi?id=237187", }, { name: "[oss-security] 20220530 WebKitGTK and WPE WebKit Security Advisory WSA-2022-0005", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2022/05/30/1", }, { name: "DSA-5154", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2022/dsa-5154", }, { name: "DSA-5155", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2022/dsa-5155", }, { name: "GLSA-202208-39", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/202208-39", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2022-30293", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In WebKitGTK through 2.36.0 (and WPE WebKit), there is a heap-based buffer overflow in WebCore::TextureMapperLayer::setContentsLayer in WebCore/platform/graphics/texmap/TextureMapperLayer.cpp.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/ChijinZ/security_advisories/tree/master/webkitgtk-2.36.0", refsource: "MISC", url: "https://github.com/ChijinZ/security_advisories/tree/master/webkitgtk-2.36.0", }, { name: "https://bugs.webkit.org/show_bug.cgi?id=237187", refsource: "MISC", url: "https://bugs.webkit.org/show_bug.cgi?id=237187", }, { name: "[oss-security] 20220530 WebKitGTK and WPE WebKit Security Advisory WSA-2022-0005", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2022/05/30/1", }, { name: "DSA-5154", refsource: "DEBIAN", url: "https://www.debian.org/security/2022/dsa-5154", }, { name: "DSA-5155", refsource: "DEBIAN", url: "https://www.debian.org/security/2022/dsa-5155", }, { name: "GLSA-202208-39", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/202208-39", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2022-30293", datePublished: "2022-05-06T04:33:24", dateReserved: "2022-05-06T00:00:00", dateUpdated: "2024-08-03T06:48:36.424Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-26717
Vulnerability from cvelistv5
Published
2022-11-01 00:00
Modified
2024-08-03 05:11
Severity ?
EPSS score ?
Summary
A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, watchOS 8.6, iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, Safari 15.5, iTunes 12.12.4 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T05:11:44.198Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://support.apple.com/en-us/HT213258", }, { tags: [ "x_transferred", ], url: "https://support.apple.com/en-us/HT213253", }, { tags: [ "x_transferred", ], url: "https://support.apple.com/en-us/HT213254", }, { tags: [ "x_transferred", ], url: "https://support.apple.com/en-us/HT213257", }, { tags: [ "x_transferred", ], url: "https://support.apple.com/en-us/HT213259", }, { tags: [ "x_transferred", ], url: "https://support.apple.com/en-us/HT213260", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "macOS", vendor: "Apple", versions: [ { lessThan: "12.4", status: "affected", version: "unspecified", versionType: "custom", }, ], }, { product: "macOS", vendor: "Apple", versions: [ { lessThan: "15.5", status: "affected", version: "unspecified", versionType: "custom", }, ], }, { product: "watchOS", vendor: "Apple", versions: [ { lessThan: "8.6", status: "affected", version: "unspecified", versionType: "custom", }, ], }, { product: "watchOS", vendor: "Apple", versions: [ { lessThan: "12.12", status: "affected", version: "unspecified", versionType: "custom", }, ], }, { product: "watchOS", vendor: "Apple", versions: [ { lessThan: "15.5", status: "affected", version: "unspecified", versionType: "custom", }, ], }, { product: "watchOS", vendor: "Apple", versions: [ { lessThan: "15.5", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, watchOS 8.6, iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, Safari 15.5, iTunes 12.12.4 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.", }, ], problemTypes: [ { descriptions: [ { description: "Processing maliciously crafted web content may lead to arbitrary code execution", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-11-01T00:00:00", orgId: "286789f9-fbc2-4510-9f9a-43facdede74c", shortName: "apple", }, references: [ { url: "https://support.apple.com/en-us/HT213258", }, { url: "https://support.apple.com/en-us/HT213253", }, { url: "https://support.apple.com/en-us/HT213254", }, { url: "https://support.apple.com/en-us/HT213257", }, { url: "https://support.apple.com/en-us/HT213259", }, { url: "https://support.apple.com/en-us/HT213260", }, ], }, }, cveMetadata: { assignerOrgId: "286789f9-fbc2-4510-9f9a-43facdede74c", assignerShortName: "apple", cveId: "CVE-2022-26717", datePublished: "2022-11-01T00:00:00", dateReserved: "2022-03-08T00:00:00", dateUpdated: "2024-08-03T05:11:44.198Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.