{"vulnerability": "cve-2022-4134", "sightings": [{"uuid": "b7f8a42b-4d41-4cdb-909d-802bc2752b45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41342", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mcx3j6ayro2o", "content": "", "creation_timestamp": "2026-01-21T16:25:12.672005Z"}, {"uuid": "c9880c77-35e1-4806-9b6f-dcca42a86ec1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2022-41342", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/bbcbc485-b88d-4831-b8e9-6e37e7bd9875", "content": "", "creation_timestamp": "2026-01-21T21:18:16.771453Z"}, {"uuid": "f52ef812-f56d-4766-85ea-98a14ba0b035", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4134", "type": "seen", "source": "Telegram/dCtKy9-ZEBl-2g8C-pvIp5Q61osSzYS3maxPd9vDQDi9fG-B", "content": "", "creation_timestamp": "2025-03-08T04:34:11.000000Z"}, {"uuid": "e8754631-7491-4499-8f5c-48cd7594d6c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4134", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/6751", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-4134\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A flaw was found in openstack-glance. This issue could allow a remote, authenticated attacker to tamper with images, compromising the integrity of virtual machines created using these modified images.\n\ud83d\udccf Published: 2023-03-06T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-06T19:53:42.138Z\n\ud83d\udd17 References:\n1. https://bugzilla.redhat.com/show_bug.cgi?id=2147462\n2. https://bugs.launchpad.net/glance/+bug/1990157\n3. https://wiki.openstack.org/wiki/OSSN/OSSN-0090", "creation_timestamp": "2025-03-06T20:34:17.000000Z"}, {"uuid": "a38a70d7-f25b-463e-84a9-69c5e155e870", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41340", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/17301", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-41340\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The secp256k1-js package before 1.1.0 for Node.js implements ECDSA without required r and s validation, leading to signature forgery.\n\ud83d\udccf Published: 2022-09-24T18:22:27.000Z\n\ud83d\udccf Modified: 2025-05-22T14:15:29.734Z\n\ud83d\udd17 References:\n1. https://github.com/lionello/secp256k1-js/issues/11\n2. https://github.com/lionello/secp256k1-js/commit/302800f0370b42e360a33774bb808274ac729c2e\n3. https://github.com/lionello/secp256k1-js/compare/1.0.1...1.1.0\n4. https://www.npmjs.com/package/%40lionello/secp256k1-js", "creation_timestamp": "2025-05-22T14:44:57.000000Z"}, {"uuid": "2292bac8-ceac-4da0-aa3c-d0f9aa1f4a10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41343", "type": "published-proof-of-concept", "source": "https://t.me/TopCyberTechNews/171", "content": "Top Security News for 07/10/2022\n\nDetails Released for Recently Patched new macOS Archive Utility Vulnerability\nhttps://thehackernews.com/2022/10/details-released-for-recently-patched.html \n\nNetWalker Ransomware Scumbag Jailed For 20 Years\nhttps://packetstormsecurity.com/news/view/33919/NetWalker-Ransomware-Scumbag-Jailed-For-20-Years.html \n\nISC StormCast for Friday, October 7th, 2022\nhttps://isc.sans.edu/podcastdetail.html?id=8204 \n\nGovernment considers centralising digital ID verification on myGov in wake of Optus breach\nhttps://www.theguardian.com/technology/2022/oct/07/government-considers-centralising-digital-id-verification-on-mygov-in-wake-of-optus-breach \n\nCVE-2022-41343 - RCE via Phar Deserialisation (Dompdf)\nhttps://www.reddit.com/r/netsec/comments/xwyf9o/cve202241343_rce_via_phar_deserialisation_dompdf/ \n\nFully loaded: testing vulnerable PyYAML versions\nhttps://www.reddit.com/r/netsec/comments/xxc2aa/fully_loaded_testing_vulnerable_pyyaml_versions/ \n\nDashlane launches new Dark Web Insights tool, MFA authenticator app, small biz Starter plan\nhttps://www.csoonline.com/article/3675559/dashlane-launches-new-dark-web-insights-tool-mfa-authenticator-app-small-biz-starter-plan.html#tk.rss_all \n\nFormer Uber Security Chief Found Guilty of Data Breach Coverup\nhttps://thehackernews.com/2022/10/former-uber-security-chief-found-guilty.html \n\nTransUnion taps behavioral analytics to aid fraud detection, curb false positives\nhttps://www.csoonline.com/article/3675955/transunion-taps-behavioral-analytics-to-aid-fraud-detection-curb-false-positives.html#tk.rss_all \n\nRansomware review: September 2022\nhttps://www.malwarebytes.com/blog/threat-intelligence/2022/10/ransomware-review-september-2022 \n\n    \nFollow Top Cyber News at https://t.me/TopCyberTechNews\nFeel free to DM me at https://twitter.com/ShayaFeedman", "creation_timestamp": "2022-10-07T07:00:05.000000Z"}, {"uuid": "9da67ae1-cb8c-4796-ade6-17ceba849d59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41348", "type": "published-proof-of-concept", "source": "Telegram/WcbjutpukULwzbhsatuPmec23rm-hdHE66hv1gH1zqpj-cA", "content": "", "creation_timestamp": "2023-04-11T19:19:16.000000Z"}, {"uuid": "c3ca1d30-3963-4be5-bb61-4b40aa21d20b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41348", "type": "published-proof-of-concept", "source": "Telegram/iBKmJ7ct3iv6AulerCEqKJ4U12TGvk1yrg27yvLALxnnOg", "content": "", "creation_timestamp": "2023-04-14T17:40:54.000000Z"}, {"uuid": "22baf47b-8872-4976-8b26-83864dce3dab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41348", "type": "published-proof-of-concept", "source": "https://t.me/RespaldoHackingTeam/682", "content": "\ud83d\udca5Stored XSS in Zimbra version 8.8.15_GA_4059(CVE-2022-41348)\nThe Zimbra web client application allows users to create Conversations. It was discovered that the name of the Conversation is not properly encoded once displayed to users. For instance, creating a new conversation with the following name would trigger the execution of JavaScript code: \"This is a new conversation meeting - \"", "creation_timestamp": "2023-04-13T07:13:08.000000Z"}, {"uuid": "7e598a0d-9387-4dad-9c19-882ebfd7a62e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4134", "type": "seen", "source": "https://t.me/cibsecurity/59541", "content": "\u203c CVE-2022-4134 \u203c\n\nA flaw was found in openstack-glance. This issue could allow a remote, authenticated attacker to tamper with images, compromising the integrity of virtual machines created using these modified images.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-07T02:13:33.000000Z"}, {"uuid": "f86b412b-bb4d-4653-a4d1-657ba3ab9674", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41343", "type": "seen", "source": "https://t.me/cibsecurity/50457", "content": "\u203c CVE-2022-41343 \u203c\n\nregisterFont in FontMetrics.php in Dompdf before 2.0.1 allows remote file inclusion because a URI validation failure does not halt font registration, as demonstrated by a @font-face rule.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-25T22:21:21.000000Z"}, {"uuid": "f76bc934-c097-4581-8c2a-bf75dbfa456d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41347", "type": "seen", "source": "https://t.me/cibsecurity/50458", "content": "\u203c CVE-2022-41347 \u203c\n\nAn issue was discovered in Zimbra Collaboration (ZCS) 8.8.x and 9.x (e.g., 8.8.15). The Sudo configuration permits the zimbra user to execute the NGINX binary as root with arbitrary parameters. As part of its intended functionality, NGINX can load a user-defined configuration file, which includes plugins in the form of .so files, which also execute as root.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-26T07:22:08.000000Z"}, {"uuid": "f3e4378b-5233-4846-b986-0d2282b4c8c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41343", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/6562", "content": "CVE-2022-41343 - RCE via Phar Deserialisation (Dompdf) \n\nhttps://tantosec.com/blog/cve-2022-41343/", "creation_timestamp": "2022-10-06T13:31:23.000000Z"}, {"uuid": "a6479866-efcc-46f8-954c-61b5beb4ac1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41343", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/6936", "content": "#exploit\n1. CVE-2022-41343:\nRCE via Phar Deserialisation\nhttps://tantosec.com/blog/cve-2022-41343\n\n2. CVE-2021-29156:\nForgeRock OpenAM - LDAP injection via the Webfinger protocol\nhttps://github.com/5amu/CVE-2021-29156", "creation_timestamp": "2022-10-08T13:12:01.000000Z"}]}