Action not permitted
Modal body text goes here.
Modal Title
Modal Body
WID-SEC-W-2022-1461
Vulnerability from csaf_certbund
Published
2022-09-18 22:00
Modified
2023-06-20 22:00
Summary
IBM Spectrum Protect: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
IBM Spectrum Protect ist eine zentralisierte Backuplösung für Systeme im Netzwerk.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM Spectrum Protect ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.
Betroffene Betriebssysteme
- Linux
{ document: { aggregate_severity: { text: "hoch", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "IBM Spectrum Protect ist eine zentralisierte Backuplösung für Systeme im Netzwerk.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM Spectrum Protect ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode mit Administratorrechten auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.", title: "Angriff", }, { category: "general", text: "- Linux", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2022-1461 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-1461.json", }, { category: "self", summary: "WID-SEC-2022-1461 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1461", }, { category: "external", summary: "IBM Security Bulletin 7005589 vom 2023-06-21", url: "https://www.ibm.com/support/pages/node/7005589", }, { category: "external", summary: "IBM Security Bulletin: 6620211 vom 2022-09-18", url: "https://www.ibm.com/support/pages/node/6620211", }, { category: "external", summary: "IBM Security Bulletin: 6619915 vom 2022-09-18", url: "https://www.ibm.com/support/pages/node/6619915", }, { category: "external", summary: "IBM Security Bulletin: 6621141 vom 2022-09-18", url: "https://www.ibm.com/support/pages/node/6621141", }, { category: "external", summary: "IBM Security Bulletin: 6619963 vom 2022-09-18", url: "https://www.ibm.com/support/pages/node/6619963", }, { category: "external", summary: "IBM Security Bulletin: 6621115 vom 2022-09-18", url: "https://www.ibm.com/support/pages/node/6621115", }, { category: "external", summary: "IBM Security Bulletin: 6619919 vom 2022-09-18", url: "https://www.ibm.com/support/pages/node/6619919", }, { category: "external", summary: "IBM Security Bulletin: 6619947 vom 2022-09-18", url: "https://www.ibm.com/support/pages/node/6619947", }, { category: "external", summary: "IBM Security Bulletin: 6619975 vom 2022-09-18", url: "https://www.ibm.com/support/pages/node/6619975", }, { category: "external", summary: "IBM Security Bulletin: 6620209 vom 2022-09-18", url: "https://www.ibm.com/support/pages/node/6620209", }, ], source_lang: "en-US", title: "IBM Spectrum Protect: Mehrere Schwachstellen", tracking: { current_release_date: "2023-06-20T22:00:00.000+00:00", generator: { date: "2024-08-15T17:35:19.173+00:00", engine: { name: "BSI-WID", version: "1.3.5", }, }, id: "WID-SEC-W-2022-1461", initial_release_date: "2022-09-18T22:00:00.000+00:00", revision_history: [ { date: "2022-09-18T22:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2023-06-20T22:00:00.000+00:00", number: "2", summary: "Neue Updates von IBM aufgenommen", }, ], status: "final", version: "2", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "IBM Spectrum Protect plus 10.1", product: { name: "IBM Spectrum Protect plus 10.1", product_id: "T015895", product_identification_helper: { cpe: "cpe:/a:ibm:spectrum_protect:plus_10.1", }, }, }, { category: "product_name", name: "IBM Spectrum Protect < 10.1.12", product: { name: "IBM Spectrum Protect < 10.1.12", product_id: "T024647", product_identification_helper: { cpe: "cpe:/a:ibm:spectrum_protect:10.1.12", }, }, }, { category: "product_name", name: "IBM Spectrum Protect < 8.1.16", product: { name: "IBM Spectrum Protect < 8.1.16", product_id: "T024648", product_identification_helper: { cpe: "cpe:/a:ibm:spectrum_protect:8.1.16", }, }, }, ], category: "product_name", name: "Spectrum Protect", }, ], category: "vendor", name: "IBM", }, ], }, vulnerabilities: [ { cve: "CVE-2018-25032", notes: [ { category: "description", text: "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.", }, ], product_status: { known_affected: [ "T015895", ], }, release_date: "2022-09-18T22:00:00.000+00:00", title: "CVE-2018-25032", }, { cve: "CVE-2021-22946", notes: [ { category: "description", text: "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.", }, ], product_status: { known_affected: [ "T015895", ], }, release_date: "2022-09-18T22:00:00.000+00:00", title: "CVE-2021-22946", }, { cve: "CVE-2021-22947", notes: [ { category: "description", text: "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.", }, ], product_status: { known_affected: [ "T015895", ], }, release_date: "2022-09-18T22:00:00.000+00:00", title: "CVE-2021-22947", }, { cve: "CVE-2021-3759", notes: [ { category: "description", text: "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.", }, ], product_status: { known_affected: [ "T015895", ], }, release_date: "2022-09-18T22:00:00.000+00:00", title: "CVE-2021-3759", }, { cve: "CVE-2021-42550", notes: [ { category: "description", text: "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.", }, ], product_status: { known_affected: [ "T015895", ], }, release_date: "2022-09-18T22:00:00.000+00:00", title: "CVE-2021-42550", }, { cve: "CVE-2022-1292", notes: [ { category: "description", text: "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.", }, ], product_status: { known_affected: [ "T015895", ], }, release_date: "2022-09-18T22:00:00.000+00:00", title: "CVE-2022-1292", }, { cve: "CVE-2022-1705", notes: [ { category: "description", text: "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.", }, ], product_status: { known_affected: [ "T015895", ], }, release_date: "2022-09-18T22:00:00.000+00:00", title: "CVE-2022-1705", }, { cve: "CVE-2022-2068", notes: [ { category: "description", text: "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.", }, ], product_status: { known_affected: [ "T015895", ], }, release_date: "2022-09-18T22:00:00.000+00:00", title: "CVE-2022-2068", }, { cve: "CVE-2022-2097", notes: [ { category: "description", text: "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.", }, ], product_status: { known_affected: [ "T015895", ], }, release_date: "2022-09-18T22:00:00.000+00:00", title: "CVE-2022-2097", }, { cve: "CVE-2022-22389", notes: [ { category: "description", text: "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.", }, ], product_status: { known_affected: [ "T015895", ], }, release_date: "2022-09-18T22:00:00.000+00:00", title: "CVE-2022-22389", }, { cve: "CVE-2022-22390", notes: [ { category: "description", text: "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.", }, ], product_status: { known_affected: [ "T015895", ], }, release_date: "2022-09-18T22:00:00.000+00:00", title: "CVE-2022-22390", }, { cve: "CVE-2022-22476", notes: [ { category: "description", text: "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.", }, ], product_status: { known_affected: [ "T015895", ], }, release_date: "2022-09-18T22:00:00.000+00:00", title: "CVE-2022-22476", }, { cve: "CVE-2022-22576", notes: [ { category: "description", text: "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.", }, ], product_status: { known_affected: [ "T015895", ], }, release_date: "2022-09-18T22:00:00.000+00:00", title: "CVE-2022-22576", }, { cve: "CVE-2022-23772", notes: [ { category: "description", text: "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.", }, ], product_status: { known_affected: [ "T015895", ], }, release_date: "2022-09-18T22:00:00.000+00:00", title: "CVE-2022-23772", }, { cve: "CVE-2022-23773", notes: [ { category: "description", text: "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.", }, ], product_status: { known_affected: [ "T015895", ], }, release_date: "2022-09-18T22:00:00.000+00:00", title: "CVE-2022-23773", }, { cve: "CVE-2022-23806", notes: [ { category: "description", text: "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.", }, ], product_status: { known_affected: [ "T015895", ], }, release_date: "2022-09-18T22:00:00.000+00:00", title: "CVE-2022-23806", }, { cve: "CVE-2022-24675", notes: [ { category: "description", text: "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.", }, ], product_status: { known_affected: [ "T015895", ], }, release_date: "2022-09-18T22:00:00.000+00:00", title: "CVE-2022-24675", }, { cve: "CVE-2022-27774", notes: [ { category: "description", text: "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.", }, ], product_status: { known_affected: [ "T015895", ], }, release_date: "2022-09-18T22:00:00.000+00:00", title: "CVE-2022-27774", }, { cve: "CVE-2022-27776", notes: [ { category: "description", text: "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.", }, ], product_status: { known_affected: [ "T015895", ], }, release_date: "2022-09-18T22:00:00.000+00:00", title: "CVE-2022-27776", }, { cve: "CVE-2022-27782", notes: [ { category: "description", text: "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.", }, ], product_status: { known_affected: [ "T015895", ], }, release_date: "2022-09-18T22:00:00.000+00:00", title: "CVE-2022-27782", }, { cve: "CVE-2022-29361", notes: [ { category: "description", text: "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.", }, ], product_status: { known_affected: [ "T015895", ], }, release_date: "2022-09-18T22:00:00.000+00:00", title: "CVE-2022-29361", }, { cve: "CVE-2022-29526", notes: [ { category: "description", text: "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.", }, ], product_status: { known_affected: [ "T015895", ], }, release_date: "2022-09-18T22:00:00.000+00:00", title: "CVE-2022-29526", }, { cve: "CVE-2022-29804", notes: [ { category: "description", text: "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.", }, ], product_status: { known_affected: [ "T015895", ], }, release_date: "2022-09-18T22:00:00.000+00:00", title: "CVE-2022-29804", }, { cve: "CVE-2022-30580", notes: [ { category: "description", text: "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.", }, ], product_status: { known_affected: [ "T015895", ], }, release_date: "2022-09-18T22:00:00.000+00:00", title: "CVE-2022-30580", }, { cve: "CVE-2022-30629", notes: [ { category: "description", text: "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.", }, ], product_status: { known_affected: [ "T015895", ], }, release_date: "2022-09-18T22:00:00.000+00:00", title: "CVE-2022-30629", }, { cve: "CVE-2022-30631", notes: [ { category: "description", text: "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.", }, ], product_status: { known_affected: [ "T015895", ], }, release_date: "2022-09-18T22:00:00.000+00:00", title: "CVE-2022-30631", }, { cve: "CVE-2022-30633", notes: [ { category: "description", text: "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.", }, ], product_status: { known_affected: [ "T015895", ], }, release_date: "2022-09-18T22:00:00.000+00:00", title: "CVE-2022-30633", }, { cve: "CVE-2022-30634", notes: [ { category: "description", text: "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.", }, ], product_status: { known_affected: [ "T015895", ], }, release_date: "2022-09-18T22:00:00.000+00:00", title: "CVE-2022-30634", }, { cve: "CVE-2022-31028", notes: [ { category: "description", text: "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.", }, ], product_status: { known_affected: [ "T015895", ], }, release_date: "2022-09-18T22:00:00.000+00:00", title: "CVE-2022-31028", }, { cve: "CVE-2022-32212", notes: [ { category: "description", text: "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.", }, ], product_status: { known_affected: [ "T015895", ], }, release_date: "2022-09-18T22:00:00.000+00:00", title: "CVE-2022-32212", }, { cve: "CVE-2022-32213", notes: [ { category: "description", text: "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.", }, ], product_status: { known_affected: [ "T015895", ], }, release_date: "2022-09-18T22:00:00.000+00:00", title: "CVE-2022-32213", }, { cve: "CVE-2022-32214", notes: [ { category: "description", text: "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.", }, ], product_status: { known_affected: [ "T015895", ], }, release_date: "2022-09-18T22:00:00.000+00:00", title: "CVE-2022-32214", }, { cve: "CVE-2022-32215", notes: [ { category: "description", text: "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.", }, ], product_status: { known_affected: [ "T015895", ], }, release_date: "2022-09-18T22:00:00.000+00:00", title: "CVE-2022-32215", }, { cve: "CVE-2022-32222", notes: [ { category: "description", text: "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.", }, ], product_status: { known_affected: [ "T015895", ], }, release_date: "2022-09-18T22:00:00.000+00:00", title: "CVE-2022-32222", }, { cve: "CVE-2022-32223", notes: [ { category: "description", text: "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.", }, ], product_status: { known_affected: [ "T015895", ], }, release_date: "2022-09-18T22:00:00.000+00:00", title: "CVE-2022-32223", }, { cve: "CVE-2022-33987", notes: [ { category: "description", text: "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.", }, ], product_status: { known_affected: [ "T015895", ], }, release_date: "2022-09-18T22:00:00.000+00:00", title: "CVE-2022-33987", }, { cve: "CVE-2022-35919", notes: [ { category: "description", text: "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.", }, ], product_status: { known_affected: [ "T015895", ], }, release_date: "2022-09-18T22:00:00.000+00:00", title: "CVE-2022-35919", }, { cve: "CVE-2022-40234", notes: [ { category: "description", text: "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.", }, ], product_status: { known_affected: [ "T015895", ], }, release_date: "2022-09-18T22:00:00.000+00:00", title: "CVE-2022-40234", }, { cve: "CVE-2022-40608", notes: [ { category: "description", text: "In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.", }, ], product_status: { known_affected: [ "T015895", ], }, release_date: "2022-09-18T22:00:00.000+00:00", title: "CVE-2022-40608", }, ], }
cve-2022-40608
Vulnerability from cvelistv5
Published
2022-09-19 17:25
Modified
2024-09-17 01:06
Severity ?
EPSS score ?
Summary
IBM Spectrum Protect Plus 10.1.6 through 10.1.11 Microsoft File Systems restore operation can download any file on the target machine by manipulating the URL with a directory traversal attack. This results in the restore operation gaining access to files which the operator should not have access to. IBM X-Force ID: 235873.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.ibm.com/support/pages/node/6620209 | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/235873 | vdb-entry, x_refsource_XF |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM | Spectrum Protect Plus |
Version: 10.1.6 Version: 10.1.11 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T12:21:46.266Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.ibm.com/support/pages/node/6620209", }, { name: "ibm-spectrum-cve202240608-dir-traversal (235873)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/235873", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Spectrum Protect Plus", vendor: "IBM", versions: [ { status: "affected", version: "10.1.6", }, { status: "affected", version: "10.1.11", }, ], }, ], datePublic: "2022-09-17T00:00:00", descriptions: [ { lang: "en", value: "IBM Spectrum Protect Plus 10.1.6 through 10.1.11 Microsoft File Systems restore operation can download any file on the target machine by manipulating the URL with a directory traversal attack. This results in the restore operation gaining access to files which the operator should not have access to. IBM X-Force ID: 235873.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", exploitCodeMaturity: "UNPROVEN", integrityImpact: "NONE", privilegesRequired: "NONE", remediationLevel: "OFFICIAL_FIX", reportConfidence: "CONFIRMED", scope: "UNCHANGED", temporalScore: 5.2, temporalSeverity: "MEDIUM", userInteraction: "NONE", vectorString: "CVSS:3.0/A:N/I:N/PR:N/AC:H/C:H/AV:N/UI:N/S:U/RC:C/E:U/RL:O", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { description: "Obtain Information", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-19T17:25:13", orgId: "9a959283-ebb5-44b6-b705-dcc2bbced522", shortName: "ibm", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://www.ibm.com/support/pages/node/6620209", }, { name: "ibm-spectrum-cve202240608-dir-traversal (235873)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/235873", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@us.ibm.com", DATE_PUBLIC: "2022-09-17T00:00:00", ID: "CVE-2022-40608", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Spectrum Protect Plus", version: { version_data: [ { version_value: "10.1.6", }, { version_value: "10.1.11", }, ], }, }, ], }, vendor_name: "IBM", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "IBM Spectrum Protect Plus 10.1.6 through 10.1.11 Microsoft File Systems restore operation can download any file on the target machine by manipulating the URL with a directory traversal attack. This results in the restore operation gaining access to files which the operator should not have access to. IBM X-Force ID: 235873.", }, ], }, impact: { cvssv3: { BM: { A: "N", AC: "H", AV: "N", C: "H", I: "N", PR: "N", S: "U", UI: "N", }, TM: { E: "U", RC: "C", RL: "O", }, }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Obtain Information", }, ], }, ], }, references: { reference_data: [ { name: "https://www.ibm.com/support/pages/node/6620209", refsource: "CONFIRM", title: "IBM Security Bulletin 6620209 (Spectrum Protect Plus)", url: "https://www.ibm.com/support/pages/node/6620209", }, { name: "ibm-spectrum-cve202240608-dir-traversal (235873)", refsource: "XF", title: "X-Force Vulnerability Report", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/235873", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "9a959283-ebb5-44b6-b705-dcc2bbced522", assignerShortName: "ibm", cveId: "CVE-2022-40608", datePublished: "2022-09-19T17:25:13.593524Z", dateReserved: "2022-09-12T00:00:00", dateUpdated: "2024-09-17T01:06:47.956Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-42550
Vulnerability from cvelistv5
Published
2021-12-16 00:00
Modified
2024-08-04 03:38
Severity ?
EPSS score ?
Summary
In logback version 1.2.7 and prior versions, an attacker with the required privileges to edit configurations files could craft a malicious configuration allowing to execute arbitrary code loaded from LDAP servers.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T03:38:49.194Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "http://logback.qos.ch/news.html", }, { tags: [ "x_transferred", ], url: "https://github.com/cn-panda/logbackRceDemo", }, { tags: [ "x_transferred", ], url: "https://jira.qos.ch/browse/LOGBACK-1591", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20211229-0001/", }, { name: "20220721 Open-Xchange Security Advisory 2022-07-21", tags: [ "mailing-list", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2022/Jul/11", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/167794/Open-Xchange-App-Suite-7.10.x-Cross-Site-Scripting-Command-Injection.html", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-371761.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "logback", vendor: "QOS.ch", versions: [ { lessThan: "1.2.9", status: "affected", version: "unspecified", versionType: "custom", }, { lessThan: "1.3.0-alpha11", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "In logback version 1.2.7 and prior versions, an attacker with the required privileges to edit configurations files could craft a malicious configuration allowing to execute arbitrary code loaded from LDAP servers.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-502", description: "CWE-502 Deserialization of Untrusted Data", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-11-08T00:00:00", orgId: "455daabc-a392-441d-aa46-37d35189897c", shortName: "NCSC.ch", }, references: [ { url: "http://logback.qos.ch/news.html", }, { url: "https://github.com/cn-panda/logbackRceDemo", }, { url: "https://jira.qos.ch/browse/LOGBACK-1591", }, { url: "https://security.netapp.com/advisory/ntap-20211229-0001/", }, { name: "20220721 Open-Xchange Security Advisory 2022-07-21", tags: [ "mailing-list", ], url: "http://seclists.org/fulldisclosure/2022/Jul/11", }, { url: "http://packetstormsecurity.com/files/167794/Open-Xchange-App-Suite-7.10.x-Cross-Site-Scripting-Command-Injection.html", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-371761.pdf", }, ], solutions: [ { lang: "en", value: "upgrade to >=1.2.9 or >=1.3.0-alpha11", }, ], source: { discovery: "EXTERNAL", }, title: "RCE from attacker with configuration edit priviledges through JNDI lookup ", x_generator: { engine: "Vulnogram 0.0.9", }, }, }, cveMetadata: { assignerOrgId: "455daabc-a392-441d-aa46-37d35189897c", assignerShortName: "NCSC.ch", cveId: "CVE-2021-42550", datePublished: "2021-12-16T00:00:00", dateReserved: "2021-10-15T00:00:00", dateUpdated: "2024-08-04T03:38:49.194Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-24675
Vulnerability from cvelistv5
Published
2022-04-20 00:00
Modified
2024-08-03 04:20
Severity ?
EPSS score ?
Summary
encoding/pem in Go before 1.17.9 and 1.18.x before 1.18.1 has a Decode stack overflow via a large amount of PEM data.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T04:20:49.135Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://groups.google.com/g/golang-announce", }, { tags: [ "x_transferred", ], url: "https://groups.google.com/g/golang-announce/c/oecdBNLOml8", }, { name: "FEDORA-2022-a49babed75", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/42TYZC4OAY54TO75FBEFAPV5G7O4D5TM/", }, { name: "FEDORA-2022-c0f780ecf1", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F3BMW5QGX53CMIJIZWKXFKBJX2C5GWTY/", }, { name: "FEDORA-2022-e46e6e8317", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RCRSABD6CUDIZULZPZL5BJ3ET3A2NEJP/", }, { name: "FEDORA-2022-fae3ecee19", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", }, { name: "FEDORA-2022-ba365d3703", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", }, { name: "GLSA-202208-02", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202208-02", }, { name: "FEDORA-2022-30c5ed5625", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20220915-0010/", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "encoding/pem in Go before 1.17.9 and 1.18.x before 1.18.1 has a Decode stack overflow via a large amount of PEM data.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-14T00:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://groups.google.com/g/golang-announce", }, { url: "https://groups.google.com/g/golang-announce/c/oecdBNLOml8", }, { name: "FEDORA-2022-a49babed75", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/42TYZC4OAY54TO75FBEFAPV5G7O4D5TM/", }, { name: "FEDORA-2022-c0f780ecf1", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F3BMW5QGX53CMIJIZWKXFKBJX2C5GWTY/", }, { name: "FEDORA-2022-e46e6e8317", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RCRSABD6CUDIZULZPZL5BJ3ET3A2NEJP/", }, { name: "FEDORA-2022-fae3ecee19", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", }, { name: "FEDORA-2022-ba365d3703", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", }, { name: "GLSA-202208-02", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202208-02", }, { name: "FEDORA-2022-30c5ed5625", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", }, { url: "https://security.netapp.com/advisory/ntap-20220915-0010/", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2022-24675", datePublished: "2022-04-20T00:00:00", dateReserved: "2022-02-08T00:00:00", dateUpdated: "2024-08-03T04:20:49.135Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-29526
Vulnerability from cvelistv5
Published
2022-06-22 13:15
Modified
2024-08-03 06:26
Severity ?
EPSS score ?
Summary
Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T06:26:06.342Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://groups.google.com/g/golang-announce", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/golang/go/issues/52313", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", }, { name: "FEDORA-2022-fae3ecee19", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", }, { name: "FEDORA-2022-ffe7dba2cb", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", }, { name: "FEDORA-2022-ba365d3703", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20220729-0001/", }, { name: "GLSA-202208-02", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/202208-02", }, { name: "FEDORA-2022-30c5ed5625", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-08-17T03:08:35", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://groups.google.com/g/golang-announce", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/golang/go/issues/52313", }, { tags: [ "x_refsource_MISC", ], url: "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", }, { name: "FEDORA-2022-fae3ecee19", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", }, { name: "FEDORA-2022-ffe7dba2cb", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", }, { name: "FEDORA-2022-ba365d3703", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20220729-0001/", }, { name: "GLSA-202208-02", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/202208-02", }, { name: "FEDORA-2022-30c5ed5625", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2022-29526", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://groups.google.com/g/golang-announce", refsource: "MISC", url: "https://groups.google.com/g/golang-announce", }, { name: "https://github.com/golang/go/issues/52313", refsource: "MISC", url: "https://github.com/golang/go/issues/52313", }, { name: "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", refsource: "MISC", url: "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU", }, { name: "FEDORA-2022-fae3ecee19", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/", }, { name: "FEDORA-2022-ffe7dba2cb", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/", }, { name: "FEDORA-2022-ba365d3703", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/", }, { name: "https://security.netapp.com/advisory/ntap-20220729-0001/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20220729-0001/", }, { name: "GLSA-202208-02", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/202208-02", }, { name: "FEDORA-2022-30c5ed5625", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2022-29526", datePublished: "2022-06-22T13:15:32", dateReserved: "2022-04-20T00:00:00", dateUpdated: "2024-08-03T06:26:06.342Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-33987
Vulnerability from cvelistv5
Published
2022-06-18 20:51
Modified
2024-08-03 08:16
Severity ?
EPSS score ?
Summary
The got package before 12.1.0 (also fixed in 11.8.5) for Node.js allows a redirect to a UNIX socket.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/sindresorhus/got/pull/2047 | x_refsource_MISC | |
| https://github.com/sindresorhus/got/compare/v12.0.3...v12.1.0 | x_refsource_MISC | |
| https://github.com/sindresorhus/got/releases/tag/v11.8.5 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T08:16:16.308Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/sindresorhus/got/pull/2047", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/sindresorhus/got/compare/v12.0.3...v12.1.0", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/sindresorhus/got/releases/tag/v11.8.5", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The got package before 12.1.0 (also fixed in 11.8.5) for Node.js allows a redirect to a UNIX socket.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-06-22T13:05:16", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/sindresorhus/got/pull/2047", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/sindresorhus/got/compare/v12.0.3...v12.1.0", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/sindresorhus/got/releases/tag/v11.8.5", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2022-33987", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The got package before 12.1.0 (also fixed in 11.8.5) for Node.js allows a redirect to a UNIX socket.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/sindresorhus/got/pull/2047", refsource: "MISC", url: "https://github.com/sindresorhus/got/pull/2047", }, { name: "https://github.com/sindresorhus/got/compare/v12.0.3...v12.1.0", refsource: "MISC", url: "https://github.com/sindresorhus/got/compare/v12.0.3...v12.1.0", }, { name: "https://github.com/sindresorhus/got/releases/tag/v11.8.5", refsource: "MISC", url: "https://github.com/sindresorhus/got/releases/tag/v11.8.5", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2022-33987", datePublished: "2022-06-18T20:51:12", dateReserved: "2022-06-18T00:00:00", dateUpdated: "2024-08-03T08:16:16.308Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-35919
Vulnerability from cvelistv5
Published
2022-08-01 00:00
Modified
2024-08-03 09:51
Severity ?
EPSS score ?
Summary
MinIO is a High Performance Object Storage released under GNU Affero General Public License v3.0. In affected versions all 'admin' users authorized for `admin:ServerUpdate` can selectively trigger an error that in response, returns the content of the path requested. Any normal OS system would allow access to contents at any arbitrary paths that are readable by MinIO process. Users are advised to upgrade. Users unable to upgrade may disable ServerUpdate API by denying the `admin:ServerUpdate` action for your admin users via IAM policies.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T09:51:58.534Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://github.com/minio/minio/security/advisories/GHSA-gr9v-6pcm-rqvg", }, { tags: [ "x_transferred", ], url: "https://github.com/minio/minio/pull/15429", }, { tags: [ "x_transferred", ], url: "https://github.com/minio/minio/commit/bc72e4226e669d98c8e0f3eccc9297be9251c692", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/175010/Minio-2022-07-29T19-40-48Z-Path-Traversal.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "minio", vendor: "minio", versions: [ { status: "affected", version: "< RELEASE.2022-07-29T19-40-48Z", }, ], }, ], descriptions: [ { lang: "en", value: "MinIO is a High Performance Object Storage released under GNU Affero General Public License v3.0. In affected versions all 'admin' users authorized for `admin:ServerUpdate` can selectively trigger an error that in response, returns the content of the path requested. Any normal OS system would allow access to contents at any arbitrary paths that are readable by MinIO process. Users are advised to upgrade. Users unable to upgrade may disable ServerUpdate API by denying the `admin:ServerUpdate` action for your admin users via IAM policies.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-22", description: "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-10-10T16:06:17.615108", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { url: "https://github.com/minio/minio/security/advisories/GHSA-gr9v-6pcm-rqvg", }, { url: "https://github.com/minio/minio/pull/15429", }, { url: "https://github.com/minio/minio/commit/bc72e4226e669d98c8e0f3eccc9297be9251c692", }, { url: "http://packetstormsecurity.com/files/175010/Minio-2022-07-29T19-40-48Z-Path-Traversal.html", }, ], source: { advisory: "GHSA-gr9v-6pcm-rqvg", discovery: "UNKNOWN", }, title: "Authenticated requests for server update admin API allows path traversal in minio", }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2022-35919", datePublished: "2022-08-01T00:00:00", dateReserved: "2022-07-15T00:00:00", dateUpdated: "2024-08-03T09:51:58.534Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-29361
Vulnerability from cvelistv5
Published
2022-05-24 23:56
Modified
2024-08-03 06:17
Severity ?
EPSS score ?
Summary
Improper parsing of HTTP requests in Pallets Werkzeug v2.1.0 and below allows attackers to perform HTTP Request Smuggling using a crafted HTTP request with multiple requests included inside the body. NOTE: the vendor's position is that this behavior can only occur in unsupported configurations involving development mode and an HTTP server from outside the Werkzeug project
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/pallets/werkzeug/commit/9a3a981d70d2e9ec3344b5192f86fcaf3210cd85 | x_refsource_MISC | |
| https://github.com/pallets/werkzeug/issues/2420 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T06:17:54.952Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/pallets/werkzeug/commit/9a3a981d70d2e9ec3344b5192f86fcaf3210cd85", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/pallets/werkzeug/issues/2420", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Improper parsing of HTTP requests in Pallets Werkzeug v2.1.0 and below allows attackers to perform HTTP Request Smuggling using a crafted HTTP request with multiple requests included inside the body. NOTE: the vendor's position is that this behavior can only occur in unsupported configurations involving development mode and an HTTP server from outside the Werkzeug project", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-05-29T15:57:15", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/pallets/werkzeug/commit/9a3a981d70d2e9ec3344b5192f86fcaf3210cd85", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/pallets/werkzeug/issues/2420", }, ], tags: [ "disputed", ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2022-29361", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "** DISPUTED ** Improper parsing of HTTP requests in Pallets Werkzeug v2.1.0 and below allows attackers to perform HTTP Request Smuggling using a crafted HTTP request with multiple requests included inside the body. NOTE: the vendor's position is that this behavior can only occur in unsupported configurations involving development mode and an HTTP server from outside the Werkzeug project.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/pallets/werkzeug/commit/9a3a981d70d2e9ec3344b5192f86fcaf3210cd85", refsource: "MISC", url: "https://github.com/pallets/werkzeug/commit/9a3a981d70d2e9ec3344b5192f86fcaf3210cd85", }, { name: "https://github.com/pallets/werkzeug/issues/2420", refsource: "MISC", url: "https://github.com/pallets/werkzeug/issues/2420", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2022-29361", datePublished: "2022-05-24T23:56:15", dateReserved: "2022-04-16T00:00:00", dateUpdated: "2024-08-03T06:17:54.952Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-30629
Vulnerability from cvelistv5
Published
2022-08-09 20:17
Modified
2024-08-03 06:56
Severity ?
EPSS score ?
Summary
Non-random values for ticket_age_add in session tickets in crypto/tls before Go 1.17.11 and Go 1.18.3 allow an attacker that can observe TLS handshakes to correlate successive connections by comparing ticket ages during session resumption.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Go standard library | crypto/tls |
Version: 0 ≤ Version: 1.18.0-0 ≤ |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T06:56:13.230Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://go.dev/cl/405994", }, { tags: [ "x_transferred", ], url: "https://go.googlesource.com/go/+/fe4de36198794c447fbd9d7cc2d7199a506c76a5", }, { tags: [ "x_transferred", ], url: "https://go.dev/issue/52814", }, { tags: [ "x_transferred", ], url: "https://groups.google.com/g/golang-announce/c/TzIC9-t8Ytg/m/IWz5T6x7AAAJ", }, { tags: [ "x_transferred", ], url: "https://pkg.go.dev/vuln/GO-2022-0531", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { collectionURL: "https://pkg.go.dev", defaultStatus: "unaffected", packageName: "crypto/tls", product: "crypto/tls", programRoutines: [ { name: "serverHandshakeStateTLS13.sendSessionTickets", }, ], vendor: "Go standard library", versions: [ { lessThan: "1.17.11", status: "affected", version: "0", versionType: "semver", }, { lessThan: "1.18.3", status: "affected", version: "1.18.0-0", versionType: "semver", }, ], }, ], credits: [ { lang: "en", value: "Github user @nervuri", }, ], descriptions: [ { lang: "en", value: "Non-random values for ticket_age_add in session tickets in crypto/tls before Go 1.17.11 and Go 1.18.3 allow an attacker that can observe TLS handshakes to correlate successive connections by comparing ticket ages during session resumption.", }, ], problemTypes: [ { descriptions: [ { description: "CWE-200: Information Exposure", lang: "en", }, ], }, ], providerMetadata: { dateUpdated: "2023-06-12T19:04:50.302Z", orgId: "1bb62c36-49e3-4200-9d77-64a1400537cc", shortName: "Go", }, references: [ { url: "https://go.dev/cl/405994", }, { url: "https://go.googlesource.com/go/+/fe4de36198794c447fbd9d7cc2d7199a506c76a5", }, { url: "https://go.dev/issue/52814", }, { url: "https://groups.google.com/g/golang-announce/c/TzIC9-t8Ytg/m/IWz5T6x7AAAJ", }, { url: "https://pkg.go.dev/vuln/GO-2022-0531", }, ], title: "Session tickets lack random ticket_age_add in crypto/tls", }, }, cveMetadata: { assignerOrgId: "1bb62c36-49e3-4200-9d77-64a1400537cc", assignerShortName: "Go", cveId: "CVE-2022-30629", datePublished: "2022-08-09T20:17:31", dateReserved: "2022-05-12T00:00:00", dateUpdated: "2024-08-03T06:56:13.230Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-27776
Vulnerability from cvelistv5
Published
2022-06-01 00:00
Modified
2024-11-20 15:23
Severity ?
EPSS score ?
Summary
A insufficiently protected credentials vulnerability in fixed in curl 7.83.0 might leak authentication or cookie header data on HTTP redirects to the same host but another port number.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | https://github.com/curl/curl |
Version: fixed in curl 7.83.0 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T05:32:59.926Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://hackerone.com/reports/1547048", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20220609-0008/", }, { name: "DSA-5197", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2022/dsa-5197", }, { name: "[debian-lts-announce] 20220828 [SECURITY] [DLA 3085-1] curl security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html", }, { name: "FEDORA-2022-f83aec6d57", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7N5ZBWLNNPZKFK7Q4KEHGCJ2YELQEUJP/", }, { name: "FEDORA-2022-bca2c95559", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKKOQXPYLMBSEVDHFS32BPBR3ZQJKY5B/", }, { name: "GLSA-202212-01", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202212-01", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-27776", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-20T15:23:04.795275Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-20T15:23:17.772Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "https://github.com/curl/curl", vendor: "n/a", versions: [ { status: "affected", version: "fixed in curl 7.83.0", }, ], }, ], descriptions: [ { lang: "en", value: "A insufficiently protected credentials vulnerability in fixed in curl 7.83.0 might leak authentication or cookie header data on HTTP redirects to the same host but another port number.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-522", description: "Insufficiently Protected Credentials (CWE-522)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-19T00:00:00", orgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1", shortName: "hackerone", }, references: [ { url: "https://hackerone.com/reports/1547048", }, { url: "https://security.netapp.com/advisory/ntap-20220609-0008/", }, { name: "DSA-5197", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2022/dsa-5197", }, { name: "[debian-lts-announce] 20220828 [SECURITY] [DLA 3085-1] curl security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html", }, { name: "FEDORA-2022-f83aec6d57", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7N5ZBWLNNPZKFK7Q4KEHGCJ2YELQEUJP/", }, { name: "FEDORA-2022-bca2c95559", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKKOQXPYLMBSEVDHFS32BPBR3ZQJKY5B/", }, { name: "GLSA-202212-01", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202212-01", }, ], }, }, cveMetadata: { assignerOrgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1", assignerShortName: "hackerone", cveId: "CVE-2022-27776", datePublished: "2022-06-01T00:00:00", dateReserved: "2022-03-23T00:00:00", dateUpdated: "2024-11-20T15:23:17.772Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-23772
Vulnerability from cvelistv5
Published
2022-02-11 00:11
Modified
2024-08-03 03:51
Severity ?
EPSS score ?
Summary
Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can lead to Uncontrolled Memory Consumption.
References
| ▼ | URL | Tags |
|---|---|---|
| https://lists.debian.org/debian-lts-announce/2022/04/msg00017.html | mailing-list, x_refsource_MLIST | |
| https://lists.debian.org/debian-lts-announce/2022/04/msg00018.html | mailing-list, x_refsource_MLIST | |
| https://www.oracle.com/security-alerts/cpujul2022.html | x_refsource_MISC | |
| https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ | x_refsource_MISC | |
| https://security.netapp.com/advisory/ntap-20220225-0006/ | x_refsource_CONFIRM | |
| https://security.gentoo.org/glsa/202208-02 | vendor-advisory, x_refsource_GENTOO |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T03:51:46.050Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "[debian-lts-announce] 20220428 [SECURITY] [DLA 2985-1] golang-1.7 security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2022/04/msg00017.html", }, { name: "[debian-lts-announce] 20220428 [SECURITY] [DLA 2986-1] golang-1.8 security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2022/04/msg00018.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20220225-0006/", }, { name: "GLSA-202208-02", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/202208-02", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can lead to Uncontrolled Memory Consumption.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-08-04T15:08:10", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "[debian-lts-announce] 20220428 [SECURITY] [DLA 2985-1] golang-1.7 security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2022/04/msg00017.html", }, { name: "[debian-lts-announce] 20220428 [SECURITY] [DLA 2986-1] golang-1.8 security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2022/04/msg00018.html", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { tags: [ "x_refsource_MISC", ], url: "https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20220225-0006/", }, { name: "GLSA-202208-02", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/202208-02", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2022-23772", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can lead to Uncontrolled Memory Consumption.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "[debian-lts-announce] 20220428 [SECURITY] [DLA 2985-1] golang-1.7 security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2022/04/msg00017.html", }, { name: "[debian-lts-announce] 20220428 [SECURITY] [DLA 2986-1] golang-1.8 security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2022/04/msg00018.html", }, { name: "https://www.oracle.com/security-alerts/cpujul2022.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { name: "https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ", refsource: "MISC", url: "https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ", }, { name: "https://security.netapp.com/advisory/ntap-20220225-0006/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20220225-0006/", }, { name: "GLSA-202208-02", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/202208-02", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2022-23772", datePublished: "2022-02-11T00:11:15", dateReserved: "2022-01-20T00:00:00", dateUpdated: "2024-08-03T03:51:46.050Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-22390
Vulnerability from cvelistv5
Published
2022-06-24 16:45
Modified
2024-09-16 16:43
Severity ?
EPSS score ?
Summary
IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 may be vulnerable to an information disclosure caused by improper privilege management when table function is used. IBM X-Force ID: 221973.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.ibm.com/support/pages/node/6597993 | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/221973 | vdb-entry, x_refsource_XF | |
| https://security.netapp.com/advisory/ntap-20220729-0007/ | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM | DB2 for Linux, UNIX and Windows |
Version: 10.5 Version: 10.1 Version: 9.7 Version: 11.1 Version: 11.5 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T03:14:54.684Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.ibm.com/support/pages/node/6597993", }, { name: "ibm-db2-cve202222390-info-disc (221973)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/221973", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20220729-0007/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "DB2 for Linux, UNIX and Windows", vendor: "IBM", versions: [ { status: "affected", version: "10.5", }, { status: "affected", version: "10.1", }, { status: "affected", version: "9.7", }, { status: "affected", version: "11.1", }, { status: "affected", version: "11.5", }, ], }, ], datePublic: "2022-06-23T00:00:00", descriptions: [ { lang: "en", value: "IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 may be vulnerable to an information disclosure caused by improper privilege management when table function is used. IBM X-Force ID: 221973.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 6.2, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", exploitCodeMaturity: "UNPROVEN", integrityImpact: "NONE", privilegesRequired: "NONE", remediationLevel: "OFFICIAL_FIX", reportConfidence: "CONFIRMED", scope: "UNCHANGED", temporalScore: 5.4, temporalSeverity: "MEDIUM", userInteraction: "NONE", vectorString: "CVSS:3.0/AC:L/PR:N/UI:N/A:N/C:H/I:N/S:U/AV:L/RC:C/E:U/RL:O", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { description: "Obtain Information", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-07-29T19:07:39", orgId: "9a959283-ebb5-44b6-b705-dcc2bbced522", shortName: "ibm", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://www.ibm.com/support/pages/node/6597993", }, { name: "ibm-db2-cve202222390-info-disc (221973)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/221973", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20220729-0007/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@us.ibm.com", DATE_PUBLIC: "2022-06-23T00:00:00", ID: "CVE-2022-22390", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "DB2 for Linux, UNIX and Windows", version: { version_data: [ { version_value: "10.5", }, { version_value: "10.1", }, { version_value: "9.7", }, { version_value: "11.1", }, { version_value: "11.5", }, ], }, }, ], }, vendor_name: "IBM", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 may be vulnerable to an information disclosure caused by improper privilege management when table function is used. IBM X-Force ID: 221973.", }, ], }, impact: { cvssv3: { BM: { A: "N", AC: "L", AV: "L", C: "H", I: "N", PR: "N", S: "U", UI: "N", }, TM: { E: "U", RC: "C", RL: "O", }, }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Obtain Information", }, ], }, ], }, references: { reference_data: [ { name: "https://www.ibm.com/support/pages/node/6597993", refsource: "CONFIRM", title: "IBM Security Bulletin 6597993 (DB2 for Linux, UNIX and Windows)", url: "https://www.ibm.com/support/pages/node/6597993", }, { name: "ibm-db2-cve202222390-info-disc (221973)", refsource: "XF", title: "X-Force Vulnerability Report", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/221973", }, { name: "https://security.netapp.com/advisory/ntap-20220729-0007/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20220729-0007/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "9a959283-ebb5-44b6-b705-dcc2bbced522", assignerShortName: "ibm", cveId: "CVE-2022-22390", datePublished: "2022-06-24T16:45:19.526105Z", dateReserved: "2022-01-03T00:00:00", dateUpdated: "2024-09-16T16:43:54.489Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-1705
Vulnerability from cvelistv5
Published
2022-08-09 20:16
Modified
2024-08-03 00:10
Severity ?
EPSS score ?
Summary
Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12 and Go 1.18.4 allows HTTP request smuggling if combined with an intermediate server that also improperly fails to reject the header as invalid.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Go standard library | net/http |
Version: 0 ≤ Version: 1.18.0-0 ≤ |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T00:10:03.918Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://go.dev/cl/409874", }, { tags: [ "x_transferred", ], url: "https://go.googlesource.com/go/+/e5017a93fcde94f09836200bca55324af037ee5f", }, { tags: [ "x_transferred", ], url: "https://go.dev/issue/53188", }, { tags: [ "x_transferred", ], url: "https://go.dev/cl/410714", }, { tags: [ "x_transferred", ], url: "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE", }, { tags: [ "x_transferred", ], url: "https://pkg.go.dev/vuln/GO-2022-0525", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { collectionURL: "https://pkg.go.dev", defaultStatus: "unaffected", packageName: "net/http", product: "net/http", programRoutines: [ { name: "transferReader.parseTransferEncoding", }, ], vendor: "Go standard library", versions: [ { lessThan: "1.17.12", status: "affected", version: "0", versionType: "semver", }, { lessThan: "1.18.4", status: "affected", version: "1.18.0-0", versionType: "semver", }, ], }, ], credits: [ { lang: "en", value: "Zeyu Zhang (https://www.zeyu2001.com/)", }, ], descriptions: [ { lang: "en", value: "Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12 and Go 1.18.4 allows HTTP request smuggling if combined with an intermediate server that also improperly fails to reject the header as invalid.", }, ], problemTypes: [ { descriptions: [ { description: "CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')", lang: "en", }, ], }, ], providerMetadata: { dateUpdated: "2023-06-12T19:04:43.089Z", orgId: "1bb62c36-49e3-4200-9d77-64a1400537cc", shortName: "Go", }, references: [ { url: "https://go.dev/cl/409874", }, { url: "https://go.googlesource.com/go/+/e5017a93fcde94f09836200bca55324af037ee5f", }, { url: "https://go.dev/issue/53188", }, { url: "https://go.dev/cl/410714", }, { url: "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE", }, { url: "https://pkg.go.dev/vuln/GO-2022-0525", }, ], title: "Improper sanitization of Transfer-Encoding headers in net/http", }, }, cveMetadata: { assignerOrgId: "1bb62c36-49e3-4200-9d77-64a1400537cc", assignerShortName: "Go", cveId: "CVE-2022-1705", datePublished: "2022-08-09T20:16:57", dateReserved: "2022-05-13T00:00:00", dateUpdated: "2024-08-03T00:10:03.918Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-22476
Vulnerability from cvelistv5
Published
2022-07-08 17:45
Modified
2024-09-16 20:21
Severity ?
EPSS score ?
Summary
IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.7 and Open Liberty are vulnerable to identity spoofing by an authenticated user using a specially crafted request. IBM X-Force ID: 225604.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.ibm.com/support/pages/node/6602015 | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/225604 | vdb-entry, x_refsource_XF |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM | WebSphere Application Server Liberty |
Version: 17.0.0.3 Version: 22.0.0.7 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T03:14:55.339Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.ibm.com/support/pages/node/6602015", }, { name: "ibm-websphere-cve202222476-spoofing (225604)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/225604", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "WebSphere Application Server Liberty", vendor: "IBM", versions: [ { status: "affected", version: "17.0.0.3", }, { status: "affected", version: "22.0.0.7", }, ], }, ], datePublic: "2022-07-07T00:00:00", descriptions: [ { lang: "en", value: "IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.7 and Open Liberty are vulnerable to identity spoofing by an authenticated user using a specially crafted request. IBM X-Force ID: 225604.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", exploitCodeMaturity: "UNPROVEN", integrityImpact: "LOW", privilegesRequired: "LOW", remediationLevel: "OFFICIAL_FIX", reportConfidence: "CONFIRMED", scope: "UNCHANGED", temporalScore: 4.4, temporalSeverity: "MEDIUM", userInteraction: "NONE", vectorString: "CVSS:3.0/C:L/PR:L/A:L/AC:H/AV:N/UI:N/S:U/I:L/E:U/RL:O/RC:C", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { description: "Gain Privileges", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-07-08T17:45:25", orgId: "9a959283-ebb5-44b6-b705-dcc2bbced522", shortName: "ibm", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://www.ibm.com/support/pages/node/6602015", }, { name: "ibm-websphere-cve202222476-spoofing (225604)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/225604", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@us.ibm.com", DATE_PUBLIC: "2022-07-07T00:00:00", ID: "CVE-2022-22476", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "WebSphere Application Server Liberty", version: { version_data: [ { version_value: "17.0.0.3", }, { version_value: "22.0.0.7", }, ], }, }, ], }, vendor_name: "IBM", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.7 and Open Liberty are vulnerable to identity spoofing by an authenticated user using a specially crafted request. IBM X-Force ID: 225604.", }, ], }, impact: { cvssv3: { BM: { A: "L", AC: "H", AV: "N", C: "L", I: "L", PR: "L", S: "U", UI: "N", }, TM: { E: "U", RC: "C", RL: "O", }, }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Gain Privileges", }, ], }, ], }, references: { reference_data: [ { name: "https://www.ibm.com/support/pages/node/6602015", refsource: "CONFIRM", title: "IBM Security Bulletin 6602015 (WebSphere Application Server Liberty)", url: "https://www.ibm.com/support/pages/node/6602015", }, { name: "ibm-websphere-cve202222476-spoofing (225604)", refsource: "XF", title: "X-Force Vulnerability Report", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/225604", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "9a959283-ebb5-44b6-b705-dcc2bbced522", assignerShortName: "ibm", cveId: "CVE-2022-22476", datePublished: "2022-07-08T17:45:25.568217Z", dateReserved: "2022-01-03T00:00:00", dateUpdated: "2024-09-16T20:21:17.276Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-22576
Vulnerability from cvelistv5
Published
2022-05-26 00:00
Modified
2024-08-03 03:14
Severity ?
EPSS score ?
Summary
An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer. This affects SASL-enabled protocols: SMPTP(S), IMAP(S), POP3(S) and LDAP(S) (openldap only).
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | https://github.com/curl/curl |
Version: Fixed in curl 7.83.0 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T03:14:55.806Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://hackerone.com/reports/1526328", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20220609-0008/", }, { name: "DSA-5197", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2022/dsa-5197", }, { name: "[debian-lts-announce] 20220828 [SECURITY] [DLA 3085-1] curl security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html", }, { name: "GLSA-202212-01", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202212-01", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "https://github.com/curl/curl", vendor: "n/a", versions: [ { status: "affected", version: "Fixed in curl 7.83.0", }, ], }, ], descriptions: [ { lang: "en", value: "An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer. This affects SASL-enabled protocols: SMPTP(S), IMAP(S), POP3(S) and LDAP(S) (openldap only).", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-287", description: "Improper Authentication - Generic (CWE-287)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-19T00:00:00", orgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1", shortName: "hackerone", }, references: [ { url: "https://hackerone.com/reports/1526328", }, { url: "https://security.netapp.com/advisory/ntap-20220609-0008/", }, { name: "DSA-5197", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2022/dsa-5197", }, { name: "[debian-lts-announce] 20220828 [SECURITY] [DLA 3085-1] curl security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html", }, { name: "GLSA-202212-01", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202212-01", }, ], }, }, cveMetadata: { assignerOrgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1", assignerShortName: "hackerone", cveId: "CVE-2022-22576", datePublished: "2022-05-26T00:00:00", dateReserved: "2022-01-04T00:00:00", dateUpdated: "2024-08-03T03:14:55.806Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-22946
Vulnerability from cvelistv5
Published
2021-09-29 00:00
Modified
2024-08-03 18:58
Severity ?
EPSS score ?
Summary
A user can tell curl >= 7.20.0 and <= 7.78.0 to require a successful upgrade to TLS when speaking to an IMAP, POP3 or FTP server (`--ssl-reqd` on the command line or`CURLOPT_USE_SSL` set to `CURLUSESSL_CONTROL` or `CURLUSESSL_ALL` withlibcurl). This requirement could be bypassed if the server would return a properly crafted but perfectly legitimate response.This flaw would then make curl silently continue its operations **withoutTLS** contrary to the instructions and expectations, exposing possibly sensitive data in clear text over the network.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | https://github.com/curl/curl |
Version: curl 7.20.0 to and including 7.78.0 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T18:58:26.135Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://hackerone.com/reports/1334111", }, { name: "[debian-lts-announce] 20210930 [SECURITY] [DLA 2773-1] curl security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2021/09/msg00022.html", }, { name: "FEDORA-2021-fc96a3a749", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { name: "FEDORA-2021-1d24845e93", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20211029-0003/", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20220121-0008/", }, { name: "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3", tags: [ "mailing-list", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2022/Mar/29", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { tags: [ "x_transferred", ], url: "https://support.apple.com/kb/HT213183", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { name: "DSA-5197", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2022/dsa-5197", }, { name: "[debian-lts-announce] 20220828 [SECURITY] [DLA 3085-1] curl security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html", }, { name: "GLSA-202212-01", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202212-01", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "https://github.com/curl/curl", vendor: "n/a", versions: [ { status: "affected", version: "curl 7.20.0 to and including 7.78.0", }, ], }, ], descriptions: [ { lang: "en", value: "A user can tell curl >= 7.20.0 and <= 7.78.0 to require a successful upgrade to TLS when speaking to an IMAP, POP3 or FTP server (`--ssl-reqd` on the command line or`CURLOPT_USE_SSL` set to `CURLUSESSL_CONTROL` or `CURLUSESSL_ALL` withlibcurl). This requirement could be bypassed if the server would return a properly crafted but perfectly legitimate response.This flaw would then make curl silently continue its operations **withoutTLS** contrary to the instructions and expectations, exposing possibly sensitive data in clear text over the network.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-325", description: "Missing Required Cryptographic Step (CWE-325)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-19T00:00:00", orgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1", shortName: "hackerone", }, references: [ { url: "https://hackerone.com/reports/1334111", }, { name: "[debian-lts-announce] 20210930 [SECURITY] [DLA 2773-1] curl security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2021/09/msg00022.html", }, { name: "FEDORA-2021-fc96a3a749", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/", }, { url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { name: "FEDORA-2021-1d24845e93", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/", }, { url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { url: "https://security.netapp.com/advisory/ntap-20211029-0003/", }, { url: "https://security.netapp.com/advisory/ntap-20220121-0008/", }, { name: "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3", tags: [ "mailing-list", ], url: "http://seclists.org/fulldisclosure/2022/Mar/29", }, { url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { url: "https://support.apple.com/kb/HT213183", }, { url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { name: "DSA-5197", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2022/dsa-5197", }, { name: "[debian-lts-announce] 20220828 [SECURITY] [DLA 3085-1] curl security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html", }, { name: "GLSA-202212-01", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202212-01", }, ], }, }, cveMetadata: { assignerOrgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1", assignerShortName: "hackerone", cveId: "CVE-2021-22946", datePublished: "2021-09-29T00:00:00", dateReserved: "2021-01-06T00:00:00", dateUpdated: "2024-08-03T18:58:26.135Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-32213
Vulnerability from cvelistv5
Published
2022-07-14 00:00
Modified
2024-08-03 07:32
Severity ?
EPSS score ?
Summary
The llhttp parser <v14.20.1, <v16.17.1 and <v18.9.1 in the http module in Node.js does not correctly parse and validate Transfer-Encoding headers and can lead to HTTP Request Smuggling (HRS).
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | https://github.com/nodejs/node |
Version: Fixed in 14.20.1+, 16.17.1+,18.9.1+ |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T07:32:56.004Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/", }, { tags: [ "x_transferred", ], url: "https://hackerone.com/reports/1524555", }, { name: "FEDORA-2022-52dec6351a", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VMQK5L5SBYD47QQZ67LEMHNQ662GH3OY/", }, { name: "FEDORA-2022-1667f7b60a", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QCNN3YG2BCLS4ZEKJ3CLSUT6AS7AXTH3/", }, { name: "FEDORA-2022-de515f765f", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ICG6CSIB3GUWH5DUSQEVX53MOJW7LYK/", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", }, { name: "DSA-5326", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2023/dsa-5326", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "https://github.com/nodejs/node", vendor: "n/a", versions: [ { status: "affected", version: "Fixed in 14.20.1+, 16.17.1+,18.9.1+", }, ], }, ], descriptions: [ { lang: "en", value: "The llhttp parser <v14.20.1, <v16.17.1 and <v18.9.1 in the http module in Node.js does not correctly parse and validate Transfer-Encoding headers and can lead to HTTP Request Smuggling (HRS).", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-444", description: "HTTP Request Smuggling (CWE-444)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-25T00:00:00", orgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1", shortName: "hackerone", }, references: [ { url: "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/", }, { url: "https://hackerone.com/reports/1524555", }, { name: "FEDORA-2022-52dec6351a", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VMQK5L5SBYD47QQZ67LEMHNQ662GH3OY/", }, { name: "FEDORA-2022-1667f7b60a", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QCNN3YG2BCLS4ZEKJ3CLSUT6AS7AXTH3/", }, { name: "FEDORA-2022-de515f765f", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ICG6CSIB3GUWH5DUSQEVX53MOJW7LYK/", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", }, { name: "DSA-5326", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2023/dsa-5326", }, ], }, }, cveMetadata: { assignerOrgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1", assignerShortName: "hackerone", cveId: "CVE-2022-32213", datePublished: "2022-07-14T00:00:00", dateReserved: "2022-06-01T00:00:00", dateUpdated: "2024-08-03T07:32:56.004Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-2068
Vulnerability from cvelistv5
Published
2022-06-21 14:45
Modified
2024-09-16 19:41
Severity ?
EPSS score ?
Summary
In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.4 (Affected 3.0.0,3.0.1,3.0.2,3.0.3). Fixed in OpenSSL 1.1.1p (Affected 1.1.1-1.1.1o). Fixed in OpenSSL 1.0.2zf (Affected 1.0.2-1.0.2ze).
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T00:24:44.279Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.openssl.org/news/secadv/20220621.txt", }, { tags: [ "x_transferred", ], url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=2c9c35870601b4a44d86ddbf512b38df38285cfa", }, { tags: [ "x_transferred", ], url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=9639817dac8bbbaa64d09efad7464ccc405527c7", }, { tags: [ "x_transferred", ], url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9", }, { name: "DSA-5169", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2022/dsa-5169", }, { name: "FEDORA-2022-3b7d0abd0b", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6WZZBKUHQFGSKGNXXKICSRPL7AMVW5M5/", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20220707-0008/", }, { name: "FEDORA-2022-41890e9e44", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "OpenSSL", vendor: "OpenSSL", versions: [ { status: "affected", version: "Fixed in OpenSSL 3.0.4 (Affected 3.0.0,3.0.1,3.0.2,3.0.3)", }, { status: "affected", version: "Fixed in OpenSSL 1.1.1p (Affected 1.1.1-1.1.1o)", }, { status: "affected", version: "Fixed in OpenSSL 1.0.2zf (Affected 1.0.2-1.0.2ze)", }, ], }, ], credits: [ { lang: "en", value: "Chancen (Qingteng 73lab)", }, ], datePublic: "2022-06-21T00:00:00", descriptions: [ { lang: "en", value: "In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.4 (Affected 3.0.0,3.0.1,3.0.2,3.0.3). Fixed in OpenSSL 1.1.1p (Affected 1.1.1-1.1.1o). Fixed in OpenSSL 1.0.2zf (Affected 1.0.2-1.0.2ze).", }, ], metrics: [ { other: { content: { lang: "eng", url: "https://www.openssl.org/policies/secpolicy.html#Moderate", value: "Moderate", }, type: "unknown", }, }, ], problemTypes: [ { descriptions: [ { description: "Command injection", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-10T00:00:00", orgId: "3a12439a-ef3a-4c79-92e6-6081a721f1e5", shortName: "openssl", }, references: [ { url: "https://www.openssl.org/news/secadv/20220621.txt", }, { url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=2c9c35870601b4a44d86ddbf512b38df38285cfa", }, { url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=9639817dac8bbbaa64d09efad7464ccc405527c7", }, { url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9", }, { name: "DSA-5169", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2022/dsa-5169", }, { name: "FEDORA-2022-3b7d0abd0b", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6WZZBKUHQFGSKGNXXKICSRPL7AMVW5M5/", }, { url: "https://security.netapp.com/advisory/ntap-20220707-0008/", }, { name: "FEDORA-2022-41890e9e44", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", }, ], title: "The c_rehash script allows command injection", }, }, cveMetadata: { assignerOrgId: "3a12439a-ef3a-4c79-92e6-6081a721f1e5", assignerShortName: "openssl", cveId: "CVE-2022-2068", datePublished: "2022-06-21T14:45:20.597138Z", dateReserved: "2022-06-13T00:00:00", dateUpdated: "2024-09-16T19:41:46.658Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-32212
Vulnerability from cvelistv5
Published
2022-07-14 00:00
Modified
2024-08-03 07:32
Severity ?
EPSS score ?
Summary
A OS Command Injection vulnerability exists in Node.js versions <14.20.0, <16.20.0, <18.5.0 due to an insufficient IsAllowedHost check that can easily be bypassed because IsIPAddress does not properly check if an IP address is invalid before making DBS requests allowing rebinding attacks.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | https://github.com/nodejs/node |
Version: Fixed in 14.20.1+, 16.17.1+,18.9.1+ |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T07:32:56.009Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://hackerone.com/reports/1632921", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "https://github.com/nodejs/node", vendor: "n/a", versions: [ { status: "affected", version: "Fixed in 14.20.1+, 16.17.1+,18.9.1+", }, ], }, ], descriptions: [ { lang: "en", value: "A OS Command Injection vulnerability exists in Node.js versions <14.20.0, <16.20.0, <18.5.0 due to an insufficient IsAllowedHost check that can easily be bypassed because IsIPAddress does not properly check if an IP address is invalid before making DBS requests allowing rebinding attacks.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-284", description: "Improper Access Control - Generic (CWE-284)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-23T00:00:00", orgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1", shortName: "hackerone", }, references: [ { url: "https://hackerone.com/reports/1632921", }, ], }, }, cveMetadata: { assignerOrgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1", assignerShortName: "hackerone", cveId: "CVE-2022-32212", datePublished: "2022-07-14T00:00:00", dateReserved: "2022-06-01T00:00:00", dateUpdated: "2024-08-03T07:32:56.009Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-30633
Vulnerability from cvelistv5
Published
2022-08-09 20:16
Modified
2024-08-03 06:56
Severity ?
EPSS score ?
Summary
Uncontrolled recursion in Unmarshal in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via unmarshalling an XML document into a Go struct which has a nested field that uses the 'any' field tag.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Go standard library | encoding/xml |
Version: 0 ≤ Version: 1.18.0-0 ≤ |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T06:56:13.196Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://go.dev/cl/417061", }, { tags: [ "x_transferred", ], url: "https://go.googlesource.com/go/+/c4c1993fd2a5b26fe45c09592af6d3388a3b2e08", }, { tags: [ "x_transferred", ], url: "https://go.dev/issue/53611", }, { tags: [ "x_transferred", ], url: "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE", }, { tags: [ "x_transferred", ], url: "https://pkg.go.dev/vuln/GO-2022-0523", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { collectionURL: "https://pkg.go.dev", defaultStatus: "unaffected", packageName: "encoding/xml", product: "encoding/xml", programRoutines: [ { name: "Decoder.DecodeElement", }, { name: "Decoder.unmarshal", }, { name: "Decoder.unmarshalPath", }, ], vendor: "Go standard library", versions: [ { lessThan: "1.17.12", status: "affected", version: "0", versionType: "semver", }, { lessThan: "1.18.4", status: "affected", version: "1.18.0-0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "Uncontrolled recursion in Unmarshal in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via unmarshalling an XML document into a Go struct which has a nested field that uses the 'any' field tag.", }, ], problemTypes: [ { descriptions: [ { description: "CWE-674: Uncontrolled Recursion", lang: "en", }, ], }, ], providerMetadata: { dateUpdated: "2023-06-12T19:04:39.511Z", orgId: "1bb62c36-49e3-4200-9d77-64a1400537cc", shortName: "Go", }, references: [ { url: "https://go.dev/cl/417061", }, { url: "https://go.googlesource.com/go/+/c4c1993fd2a5b26fe45c09592af6d3388a3b2e08", }, { url: "https://go.dev/issue/53611", }, { url: "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE", }, { url: "https://pkg.go.dev/vuln/GO-2022-0523", }, ], title: "Stack exhaustion when unmarshaling certain documents in encoding/xml", }, }, cveMetadata: { assignerOrgId: "1bb62c36-49e3-4200-9d77-64a1400537cc", assignerShortName: "Go", cveId: "CVE-2022-30633", datePublished: "2022-08-09T20:16:19", dateReserved: "2022-05-12T00:00:00", dateUpdated: "2024-08-03T06:56:13.196Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-2097
Vulnerability from cvelistv5
Published
2022-07-05 10:30
Modified
2024-09-17 01:06
Severity ?
EPSS score ?
Summary
AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected. Fixed in OpenSSL 3.0.5 (Affected 3.0.0-3.0.4). Fixed in OpenSSL 1.1.1q (Affected 1.1.1-1.1.1p).
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T00:24:44.189Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.openssl.org/news/secadv/20220705.txt", }, { tags: [ "x_transferred", ], url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=a98f339ddd7e8f487d6e0088d4a9a42324885a93", }, { tags: [ "x_transferred", ], url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=919925673d6c9cfed3c1085497f5dfbbed5fc431", }, { name: "FEDORA-2022-3fdc2d3047", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V6567JERRHHJW2GNGJGKDRNHR7SNPZK7/", }, { name: "FEDORA-2022-89a17be281", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R6CK57NBQFTPUMXAPJURCGXUYT76NQAK/", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20220715-0011/", }, { name: "FEDORA-2022-41890e9e44", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", }, { name: "GLSA-202210-02", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202210-02", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", }, { name: "DSA-5343", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2023/dsa-5343", }, { name: "[debian-lts-announce] 20230220 [SECURITY] [DLA 3325-1] openssl security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2023/02/msg00019.html", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20230420-0008/", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20240621-0006/", }, ], title: "CVE Program Container", }, { affected: [ { cpes: [ "cpe:2.3:a:openssl:openssl:1.1.1:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "openssl", vendor: "openssl", versions: [ { lessThan: "1.1.1q", status: "affected", version: "1.1.1", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:openssl:openssl:3.0.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "openssl", vendor: "openssl", versions: [ { lessThan: "3.0.5", status: "affected", version: "3.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:netapp:ontap_antivirus_connector:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ontap_antivirus_connector", vendor: "netapp", versions: [ { status: "affected", version: "0", }, ], }, { cpes: [ "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "ontap_select_deploy_administration_utility", vendor: "netapp", versions: [ { status: "affected", version: "0", }, ], }, { cpes: [ "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "fedora", vendor: "fedoraproject", versions: [ { status: "affected", version: "35", }, { status: "affected", version: "36", }, ], }, { cpes: [ "cpe:2.3:a:netapp:active_iq_unified_manager_for_vmware_vsphere:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "active_iq_unified_manager_for_vmware_vsphere", vendor: "netapp", versions: [ { status: "affected", version: "0", }, ], }, { cpes: [ "cpe:2.3:a:netapp:hci_baseboard_management_controller:h300s:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:hci_baseboard_management_controller:h410c:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:hci_baseboard_management_controller:h410s:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:hci_baseboard_management_controller:h500s:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:hci_baseboard_management_controller:h700s:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "hci_baseboard_management_controller", vendor: "netapp", versions: [ { status: "affected", version: "h300s", }, { status: "affected", version: "h410c", }, { status: "affected", version: "h410s", }, { status: "affected", version: "h500s", }, { status: "affected", version: "h700s", }, ], }, { cpes: [ "cpe:2.3:o:netapp:brocade_fabric_operating_system_firmware:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "brocade_fabric_operating_system_firmware", vendor: "netapp", versions: [ { status: "affected", version: "0", }, ], }, { cpes: [ "cpe:2.3:a:netapp:snapcenter:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "snapcenter", vendor: "netapp", versions: [ { status: "affected", version: "0", }, ], }, { cpes: [ "cpe:2.3:a:netapp:oncommand_insight:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "oncommand_insight", vendor: "netapp", versions: [ { status: "affected", version: "0", }, ], }, { cpes: [ "cpe:2.3:a:netapp:smi-s_provider:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "smi-s_provider", vendor: "netapp", versions: [ { status: "affected", version: "0", }, ], }, { cpes: [ "cpe:2.3:a:siemens:sinec_ins:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "sinec_ins", vendor: "siemens", versions: [ { lessThan: "1.0_sp2_update_1", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "debian_linux", vendor: "debian", versions: [ { status: "affected", version: "10.0", }, { status: "affected", version: "11.0", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2022-2097", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-07-26T19:45:07.166681Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-08-08T15:19:36.662Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "OpenSSL", vendor: "OpenSSL", versions: [ { status: "affected", version: "Fixed in OpenSSL 3.0.5 (Affected 3.0.0-3.0.4)", }, { status: "affected", version: "Fixed in OpenSSL 1.1.1q (Affected 1.1.1-1.1.1p)", }, ], }, ], credits: [ { lang: "en", value: "Alex Chernyakhovsky", }, ], datePublic: "2022-07-05T00:00:00", descriptions: [ { lang: "en", value: "AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of \"in place\" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected. Fixed in OpenSSL 3.0.5 (Affected 3.0.0-3.0.4). Fixed in OpenSSL 1.1.1q (Affected 1.1.1-1.1.1p).", }, ], metrics: [ { other: { content: { lang: "eng", url: "https://www.openssl.org/policies/secpolicy.html#moderate", value: "Moderate", }, type: "unknown", }, }, ], problemTypes: [ { descriptions: [ { description: "Fencepost error", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-06-21T19:07:25.963480", orgId: "3a12439a-ef3a-4c79-92e6-6081a721f1e5", shortName: "openssl", }, references: [ { url: "https://www.openssl.org/news/secadv/20220705.txt", }, { url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=a98f339ddd7e8f487d6e0088d4a9a42324885a93", }, { url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=919925673d6c9cfed3c1085497f5dfbbed5fc431", }, { name: "FEDORA-2022-3fdc2d3047", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V6567JERRHHJW2GNGJGKDRNHR7SNPZK7/", }, { name: "FEDORA-2022-89a17be281", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R6CK57NBQFTPUMXAPJURCGXUYT76NQAK/", }, { url: "https://security.netapp.com/advisory/ntap-20220715-0011/", }, { name: "FEDORA-2022-41890e9e44", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/", }, { name: "GLSA-202210-02", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202210-02", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", }, { name: "DSA-5343", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2023/dsa-5343", }, { name: "[debian-lts-announce] 20230220 [SECURITY] [DLA 3325-1] openssl security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2023/02/msg00019.html", }, { url: "https://security.netapp.com/advisory/ntap-20230420-0008/", }, { url: "https://security.netapp.com/advisory/ntap-20240621-0006/", }, ], title: "AES OCB fails to encrypt some bytes", }, }, cveMetadata: { assignerOrgId: "3a12439a-ef3a-4c79-92e6-6081a721f1e5", assignerShortName: "openssl", cveId: "CVE-2022-2097", datePublished: "2022-07-05T10:30:13.658000Z", dateReserved: "2022-06-16T00:00:00", dateUpdated: "2024-09-17T01:06:49.390Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-30631
Vulnerability from cvelistv5
Published
2022-08-09 20:16
Modified
2024-08-03 06:56
Severity ?
EPSS score ?
Summary
Uncontrolled recursion in Reader.Read in compress/gzip before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via an archive containing a large number of concatenated 0-length compressed files.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Go standard library | compress/gzip |
Version: 0 ≤ Version: 1.18.0-0 ≤ |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T06:56:13.231Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://go.dev/cl/417067", }, { tags: [ "x_transferred", ], url: "https://go.googlesource.com/go/+/b2b8872c876201eac2d0707276c6999ff3eb185e", }, { tags: [ "x_transferred", ], url: "https://go.dev/issue/53168", }, { tags: [ "x_transferred", ], url: "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE", }, { tags: [ "x_transferred", ], url: "https://pkg.go.dev/vuln/GO-2022-0524", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { collectionURL: "https://pkg.go.dev", defaultStatus: "unaffected", packageName: "compress/gzip", product: "compress/gzip", programRoutines: [ { name: "Reader.Read", }, ], vendor: "Go standard library", versions: [ { lessThan: "1.17.12", status: "affected", version: "0", versionType: "semver", }, { lessThan: "1.18.4", status: "affected", version: "1.18.0-0", versionType: "semver", }, ], }, ], descriptions: [ { lang: "en", value: "Uncontrolled recursion in Reader.Read in compress/gzip before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via an archive containing a large number of concatenated 0-length compressed files.", }, ], problemTypes: [ { descriptions: [ { description: "CWE-674: Uncontrolled Recursion", lang: "en", }, ], }, ], providerMetadata: { dateUpdated: "2023-06-12T19:04:40.977Z", orgId: "1bb62c36-49e3-4200-9d77-64a1400537cc", shortName: "Go", }, references: [ { url: "https://go.dev/cl/417067", }, { url: "https://go.googlesource.com/go/+/b2b8872c876201eac2d0707276c6999ff3eb185e", }, { url: "https://go.dev/issue/53168", }, { url: "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE", }, { url: "https://pkg.go.dev/vuln/GO-2022-0524", }, ], title: "Stack exhaustion when reading certain archives in compress/gzip", }, }, cveMetadata: { assignerOrgId: "1bb62c36-49e3-4200-9d77-64a1400537cc", assignerShortName: "Go", cveId: "CVE-2022-30631", datePublished: "2022-08-09T20:16:32", dateReserved: "2022-05-12T00:00:00", dateUpdated: "2024-08-03T06:56:13.231Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-32222
Vulnerability from cvelistv5
Published
2022-07-14 00:00
Modified
2024-08-03 07:32
Severity ?
EPSS score ?
Summary
A cryptographic vulnerability exists on Node.js on linux in versions of 18.x prior to 18.40.0 which allowed a default path for openssl.cnf that might be accessible under some circumstances to a non-admin user instead of /etc/ssl as was the case in versions prior to the upgrade to OpenSSL 3.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | https://github.com/nodejs/node |
Version: Fixed in 18.9.1+ |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T07:32:56.053Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://hackerone.com/reports/1695596", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "https://github.com/nodejs/node", vendor: "n/a", versions: [ { status: "affected", version: "Fixed in 18.9.1+", }, ], }, ], descriptions: [ { lang: "en", value: "A cryptographic vulnerability exists on Node.js on linux in versions of 18.x prior to 18.40.0 which allowed a default path for openssl.cnf that might be accessible under some circumstances to a non-admin user instead of /etc/ssl as was the case in versions prior to the upgrade to OpenSSL 3.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-310", description: "Cryptographic Issues - Generic (CWE-310)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-23T00:00:00", orgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1", shortName: "hackerone", }, references: [ { url: "https://hackerone.com/reports/1695596", }, ], }, }, cveMetadata: { assignerOrgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1", assignerShortName: "hackerone", cveId: "CVE-2022-32222", datePublished: "2022-07-14T00:00:00", dateReserved: "2022-06-01T00:00:00", dateUpdated: "2024-08-03T07:32:56.053Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-29804
Vulnerability from cvelistv5
Published
2022-08-09 00:00
Modified
2024-08-03 06:33
Severity ?
EPSS score ?
Summary
Incorrect conversion of certain invalid paths to valid, absolute paths in Clean in path/filepath before Go 1.17.11 and Go 1.18.3 on Windows allows potential directory traversal attack.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Go standard library | path/filepath |
Version: 0 ≤ Version: 1.18.0-0 ≤ |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T06:33:42.804Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://go.dev/cl/401595", }, { tags: [ "x_transferred", ], url: "https://go.googlesource.com/go/+/9cd1818a7d019c02fa4898b3e45a323e35033290", }, { tags: [ "x_transferred", ], url: "https://go.dev/issue/52476", }, { tags: [ "x_transferred", ], url: "https://groups.google.com/g/golang-announce/c/TzIC9-t8Ytg/m/IWz5T6x7AAAJ", }, { tags: [ "x_transferred", ], url: "https://pkg.go.dev/vuln/GO-2022-0533", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { collectionURL: "https://pkg.go.dev", defaultStatus: "unaffected", packageName: "path/filepath", platforms: [ "windows", ], product: "path/filepath", programRoutines: [ { name: "Clean", }, ], vendor: "Go standard library", versions: [ { lessThan: "1.17.11", status: "affected", version: "0", versionType: "semver", }, { lessThan: "1.18.3", status: "affected", version: "1.18.0-0", versionType: "semver", }, ], }, ], credits: [ { lang: "en", value: "Unrud", }, ], descriptions: [ { lang: "en", value: "Incorrect conversion of certain invalid paths to valid, absolute paths in Clean in path/filepath before Go 1.17.11 and Go 1.18.3 on Windows allows potential directory traversal attack.", }, ], problemTypes: [ { descriptions: [ { description: "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", lang: "en", }, ], }, ], providerMetadata: { dateUpdated: "2024-01-04T18:08:46.071Z", orgId: "1bb62c36-49e3-4200-9d77-64a1400537cc", shortName: "Go", }, references: [ { url: "https://go.dev/cl/401595", }, { url: "https://go.googlesource.com/go/+/9cd1818a7d019c02fa4898b3e45a323e35033290", }, { url: "https://go.dev/issue/52476", }, { url: "https://groups.google.com/g/golang-announce/c/TzIC9-t8Ytg/m/IWz5T6x7AAAJ", }, { url: "https://pkg.go.dev/vuln/GO-2022-0533", }, ], title: "Path traversal via Clean on Windows in path/filepath", }, }, cveMetadata: { assignerOrgId: "1bb62c36-49e3-4200-9d77-64a1400537cc", assignerShortName: "Go", cveId: "CVE-2022-29804", datePublished: "2022-08-09T00:00:00", dateReserved: "2022-04-26T00:00:00", dateUpdated: "2024-08-03T06:33:42.804Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-32214
Vulnerability from cvelistv5
Published
2022-07-14 00:00
Modified
2024-08-03 07:32
Severity ?
EPSS score ?
Summary
The llhttp parser <v14.20.1, <v16.17.1 and <v18.9.1 in the http module in Node.js does not strictly use the CRLF sequence to delimit HTTP requests. This can lead to HTTP Request Smuggling (HRS).
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | https://github.com/nodejs/node |
Version: Fixed in 14.20.1+, 16.17.1+,18.9.1+ |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T07:32:55.986Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/", }, { tags: [ "x_transferred", ], url: "https://hackerone.com/reports/1524692", }, { name: "DSA-5326", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2023/dsa-5326", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "https://github.com/nodejs/node", vendor: "n/a", versions: [ { status: "affected", version: "Fixed in 14.20.1+, 16.17.1+,18.9.1+", }, ], }, ], descriptions: [ { lang: "en", value: "The llhttp parser <v14.20.1, <v16.17.1 and <v18.9.1 in the http module in Node.js does not strictly use the CRLF sequence to delimit HTTP requests. This can lead to HTTP Request Smuggling (HRS).", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-444", description: "HTTP Request Smuggling (CWE-444)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-25T00:00:00", orgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1", shortName: "hackerone", }, references: [ { url: "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/", }, { url: "https://hackerone.com/reports/1524692", }, { name: "DSA-5326", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2023/dsa-5326", }, ], }, }, cveMetadata: { assignerOrgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1", assignerShortName: "hackerone", cveId: "CVE-2022-32214", datePublished: "2022-07-14T00:00:00", dateReserved: "2022-06-01T00:00:00", dateUpdated: "2024-08-03T07:32:55.986Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-30580
Vulnerability from cvelistv5
Published
2022-08-09 20:18
Modified
2024-08-03 06:56
Severity ?
EPSS score ?
Summary
Code injection in Cmd.Start in os/exec before Go 1.17.11 and Go 1.18.3 allows execution of any binaries in the working directory named either "..com" or "..exe" by calling Cmd.Run, Cmd.Start, Cmd.Output, or Cmd.CombinedOutput when Cmd.Path is unset.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Go standard library | os/exec |
Version: 0 ≤ Version: 1.18.0-0 ≤ |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T06:56:12.971Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://go.dev/cl/403759", }, { tags: [ "x_transferred", ], url: "https://go.googlesource.com/go/+/960ffa98ce73ef2c2060c84c7ac28d37a83f345e", }, { tags: [ "x_transferred", ], url: "https://go.dev/issue/52574", }, { tags: [ "x_transferred", ], url: "https://groups.google.com/g/golang-announce/c/TzIC9-t8Ytg/m/IWz5T6x7AAAJ", }, { tags: [ "x_transferred", ], url: "https://pkg.go.dev/vuln/GO-2022-0532", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { collectionURL: "https://pkg.go.dev", defaultStatus: "unaffected", packageName: "os/exec", platforms: [ "windows", ], product: "os/exec", programRoutines: [ { name: "Cmd.Start", }, ], vendor: "Go standard library", versions: [ { lessThan: "1.17.11", status: "affected", version: "0", versionType: "semver", }, { lessThan: "1.18.3", status: "affected", version: "1.18.0-0", versionType: "semver", }, ], }, ], credits: [ { lang: "en", value: "Chris Darroch (chrisd8088@github.com)", }, { lang: "en", value: "brian m. carlson (bk2204@github.com)", }, { lang: "en", value: "Mikhail Shcherbakov (https://twitter.com/yu5k3)", }, ], descriptions: [ { lang: "en", value: "Code injection in Cmd.Start in os/exec before Go 1.17.11 and Go 1.18.3 allows execution of any binaries in the working directory named either \"..com\" or \"..exe\" by calling Cmd.Run, Cmd.Start, Cmd.Output, or Cmd.CombinedOutput when Cmd.Path is unset.", }, ], problemTypes: [ { descriptions: [ { description: "CWE-94: Improper Control of Generation of Code ('Code Injection')", lang: "en", }, ], }, ], providerMetadata: { dateUpdated: "2023-06-12T19:12:35.518Z", orgId: "1bb62c36-49e3-4200-9d77-64a1400537cc", shortName: "Go", }, references: [ { url: "https://go.dev/cl/403759", }, { url: "https://go.googlesource.com/go/+/960ffa98ce73ef2c2060c84c7ac28d37a83f345e", }, { url: "https://go.dev/issue/52574", }, { url: "https://groups.google.com/g/golang-announce/c/TzIC9-t8Ytg/m/IWz5T6x7AAAJ", }, { url: "https://pkg.go.dev/vuln/GO-2022-0532", }, ], title: "Empty Cmd.Path can trigger unintended binary in os/exec on Windows", }, }, cveMetadata: { assignerOrgId: "1bb62c36-49e3-4200-9d77-64a1400537cc", assignerShortName: "Go", cveId: "CVE-2022-30580", datePublished: "2022-08-09T20:18:04", dateReserved: "2022-05-11T00:00:00", dateUpdated: "2024-08-03T06:56:12.971Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-27774
Vulnerability from cvelistv5
Published
2022-06-01 00:00
Modified
2024-08-03 05:32
Severity ?
EPSS score ?
Summary
An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an attacker to extract credentials when follows HTTP(S) redirects is used with authentication could leak credentials to other services that exist on different protocols or port numbers.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | https://github.com/curl/curl |
Version: curl 4.9 to and include curl 7.82.0 are affected |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T05:32:59.946Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://hackerone.com/reports/1543773", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20220609-0008/", }, { name: "DSA-5197", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2022/dsa-5197", }, { name: "GLSA-202212-01", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202212-01", }, { name: "[debian-lts-announce] 20230128 [SECURITY] [DLA 3288-1] curl security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "https://github.com/curl/curl", vendor: "n/a", versions: [ { status: "affected", version: "curl 4.9 to and include curl 7.82.0 are affected", }, ], }, ], descriptions: [ { lang: "en", value: "An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an attacker to extract credentials when follows HTTP(S) redirects is used with authentication could leak credentials to other services that exist on different protocols or port numbers.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-522", description: "Insufficiently Protected Credentials (CWE-522)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-28T00:00:00", orgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1", shortName: "hackerone", }, references: [ { url: "https://hackerone.com/reports/1543773", }, { url: "https://security.netapp.com/advisory/ntap-20220609-0008/", }, { name: "DSA-5197", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2022/dsa-5197", }, { name: "GLSA-202212-01", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202212-01", }, { name: "[debian-lts-announce] 20230128 [SECURITY] [DLA 3288-1] curl security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html", }, ], }, }, cveMetadata: { assignerOrgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1", assignerShortName: "hackerone", cveId: "CVE-2022-27774", datePublished: "2022-06-01T00:00:00", dateReserved: "2022-03-23T00:00:00", dateUpdated: "2024-08-03T05:32:59.946Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-23773
Vulnerability from cvelistv5
Published
2022-02-11 00:16
Modified
2024-08-03 03:51
Severity ?
EPSS score ?
Summary
cmd/go in Go before 1.16.14 and 1.17.x before 1.17.7 can misinterpret branch names that falsely appear to be version tags. This can lead to incorrect access control if an actor is supposed to be able to create branches but not tags.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.oracle.com/security-alerts/cpujul2022.html | x_refsource_MISC | |
| https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ | x_refsource_MISC | |
| https://security.netapp.com/advisory/ntap-20220225-0006/ | x_refsource_CONFIRM | |
| https://security.gentoo.org/glsa/202208-02 | vendor-advisory, x_refsource_GENTOO |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T03:51:45.976Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20220225-0006/", }, { name: "GLSA-202208-02", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/202208-02", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "cmd/go in Go before 1.16.14 and 1.17.x before 1.17.7 can misinterpret branch names that falsely appear to be version tags. This can lead to incorrect access control if an actor is supposed to be able to create branches but not tags.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-08-04T15:12:04", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { tags: [ "x_refsource_MISC", ], url: "https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20220225-0006/", }, { name: "GLSA-202208-02", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/202208-02", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2022-23773", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "cmd/go in Go before 1.16.14 and 1.17.x before 1.17.7 can misinterpret branch names that falsely appear to be version tags. This can lead to incorrect access control if an actor is supposed to be able to create branches but not tags.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://www.oracle.com/security-alerts/cpujul2022.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { name: "https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ", refsource: "MISC", url: "https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ", }, { name: "https://security.netapp.com/advisory/ntap-20220225-0006/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20220225-0006/", }, { name: "GLSA-202208-02", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/202208-02", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2022-23773", datePublished: "2022-02-11T00:16:08", dateReserved: "2022-01-20T00:00:00", dateUpdated: "2024-08-03T03:51:45.976Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-32215
Vulnerability from cvelistv5
Published
2022-07-14 00:00
Modified
2024-08-03 07:32
Severity ?
EPSS score ?
Summary
The llhttp parser <v14.20.1, <v16.17.1 and <v18.9.1 in the http module in Node.js does not correctly handle multi-line Transfer-Encoding headers. This can lead to HTTP Request Smuggling (HRS).
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | https://github.com/nodejs/node |
Version: Fixed in 14.20.1+, 16.17.1+,18.9.1+ |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T07:32:56.008Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/", }, { tags: [ "x_transferred", ], url: "https://hackerone.com/reports/1501679", }, { name: "FEDORA-2022-52dec6351a", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VMQK5L5SBYD47QQZ67LEMHNQ662GH3OY/", }, { name: "FEDORA-2022-1667f7b60a", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QCNN3YG2BCLS4ZEKJ3CLSUT6AS7AXTH3/", }, { name: "FEDORA-2022-de515f765f", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ICG6CSIB3GUWH5DUSQEVX53MOJW7LYK/", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", }, { name: "DSA-5326", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2023/dsa-5326", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "https://github.com/nodejs/node", vendor: "n/a", versions: [ { status: "affected", version: "Fixed in 14.20.1+, 16.17.1+,18.9.1+", }, ], }, ], descriptions: [ { lang: "en", value: "The llhttp parser <v14.20.1, <v16.17.1 and <v18.9.1 in the http module in Node.js does not correctly handle multi-line Transfer-Encoding headers. This can lead to HTTP Request Smuggling (HRS).", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-444", description: "HTTP Request Smuggling (CWE-444)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-25T00:00:00", orgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1", shortName: "hackerone", }, references: [ { url: "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/", }, { url: "https://hackerone.com/reports/1501679", }, { name: "FEDORA-2022-52dec6351a", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VMQK5L5SBYD47QQZ67LEMHNQ662GH3OY/", }, { name: "FEDORA-2022-1667f7b60a", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QCNN3YG2BCLS4ZEKJ3CLSUT6AS7AXTH3/", }, { name: "FEDORA-2022-de515f765f", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ICG6CSIB3GUWH5DUSQEVX53MOJW7LYK/", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", }, { name: "DSA-5326", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2023/dsa-5326", }, ], }, }, cveMetadata: { assignerOrgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1", assignerShortName: "hackerone", cveId: "CVE-2022-32215", datePublished: "2022-07-14T00:00:00", dateReserved: "2022-06-01T00:00:00", dateUpdated: "2024-08-03T07:32:56.008Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-32223
Vulnerability from cvelistv5
Published
2022-07-14 14:51
Modified
2024-08-03 07:32
Severity ?
EPSS score ?
Summary
Node.js is vulnerable to Hijack Execution Flow: DLL Hijacking under certain conditions on Windows platforms.This vulnerability can be exploited if the victim has the following dependencies on a Windows machine:* OpenSSL has been installed and “C:\Program Files\Common Files\SSL\openssl.cnf” exists.Whenever the above conditions are present, `node.exe` will search for `providers.dll` in the current user directory.After that, `node.exe` will try to search for `providers.dll` by the DLL Search Order in Windows.It is possible for an attacker to place the malicious file `providers.dll` under a variety of paths and exploit this vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/ | x_refsource_MISC | |
| https://hackerone.com/reports/1447455 | x_refsource_MISC | |
| https://security.netapp.com/advisory/ntap-20220915-0001/ | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | https://github.com/nodejs/node |
Version: Fixed in 14.20.0+, 16.20.0+, 18.5.0+ |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T07:32:56.047Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://hackerone.com/reports/1447455", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20220915-0001/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "https://github.com/nodejs/node", vendor: "n/a", versions: [ { status: "affected", version: "Fixed in 14.20.0+, 16.20.0+, 18.5.0+", }, ], }, ], descriptions: [ { lang: "en", value: "Node.js is vulnerable to Hijack Execution Flow: DLL Hijacking under certain conditions on Windows platforms.This vulnerability can be exploited if the victim has the following dependencies on a Windows machine:* OpenSSL has been installed and “C:\\Program Files\\Common Files\\SSL\\openssl.cnf” exists.Whenever the above conditions are present, `node.exe` will search for `providers.dll` in the current user directory.After that, `node.exe` will try to search for `providers.dll` by the DLL Search Order in Windows.It is possible for an attacker to place the malicious file `providers.dll` under a variety of paths and exploit this vulnerability.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-427", description: "Uncontrolled Search Path Element (CWE-427)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-15T17:06:31", orgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1", shortName: "hackerone", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/", }, { tags: [ "x_refsource_MISC", ], url: "https://hackerone.com/reports/1447455", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20220915-0001/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "support@hackerone.com", ID: "CVE-2022-32223", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "https://github.com/nodejs/node", version: { version_data: [ { version_value: "Fixed in 14.20.0+, 16.20.0+, 18.5.0+", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Node.js is vulnerable to Hijack Execution Flow: DLL Hijacking under certain conditions on Windows platforms.This vulnerability can be exploited if the victim has the following dependencies on a Windows machine:* OpenSSL has been installed and “C:\\Program Files\\Common Files\\SSL\\openssl.cnf” exists.Whenever the above conditions are present, `node.exe` will search for `providers.dll` in the current user directory.After that, `node.exe` will try to search for `providers.dll` by the DLL Search Order in Windows.It is possible for an attacker to place the malicious file `providers.dll` under a variety of paths and exploit this vulnerability.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Uncontrolled Search Path Element (CWE-427)", }, ], }, ], }, references: { reference_data: [ { name: "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/", refsource: "MISC", url: "https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/", }, { name: "https://hackerone.com/reports/1447455", refsource: "MISC", url: "https://hackerone.com/reports/1447455", }, { name: "https://security.netapp.com/advisory/ntap-20220915-0001/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20220915-0001/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1", assignerShortName: "hackerone", cveId: "CVE-2022-32223", datePublished: "2022-07-14T14:51:18", dateReserved: "2022-06-01T00:00:00", dateUpdated: "2024-08-03T07:32:56.047Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-23806
Vulnerability from cvelistv5
Published
2022-02-11 00:00
Modified
2024-08-03 03:51
Severity ?
EPSS score ?
Summary
Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly return true in situations with a big.Int value that is not a valid field element.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T03:51:45.994Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "[debian-lts-announce] 20220428 [SECURITY] [DLA 2985-1] golang-1.7 security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2022/04/msg00017.html", }, { name: "[debian-lts-announce] 20220428 [SECURITY] [DLA 2986-1] golang-1.8 security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2022/04/msg00018.html", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { tags: [ "x_transferred", ], url: "https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20220225-0006/", }, { name: "GLSA-202208-02", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202208-02", }, { name: "[debian-lts-announce] 20230419 [SECURITY] [DLA 3395-1] golang-1.11 security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly return true in situations with a big.Int value that is not a valid field element.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-19T00:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "[debian-lts-announce] 20220428 [SECURITY] [DLA 2985-1] golang-1.7 security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2022/04/msg00017.html", }, { name: "[debian-lts-announce] 20220428 [SECURITY] [DLA 2986-1] golang-1.8 security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2022/04/msg00018.html", }, { url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { url: "https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ", }, { url: "https://security.netapp.com/advisory/ntap-20220225-0006/", }, { name: "GLSA-202208-02", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202208-02", }, { name: "[debian-lts-announce] 20230419 [SECURITY] [DLA 3395-1] golang-1.11 security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2022-23806", datePublished: "2022-02-11T00:00:00", dateReserved: "2022-01-21T00:00:00", dateUpdated: "2024-08-03T03:51:45.994Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-22389
Vulnerability from cvelistv5
Published
2022-06-24 16:45
Modified
2024-09-16 17:18
Severity ?
EPSS score ?
Summary
IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to a denial of service as the server may terminate abnormally when executing specially crafted SQL statements by an authenticated user. IBM X-Force ID: 2219740.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.ibm.com/support/pages/node/6598047 | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/221970 | vdb-entry, x_refsource_XF | |
| https://security.netapp.com/advisory/ntap-20220729-0007/ | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM | DB2 for Linux, UNIX and Windows |
Version: 10.5 Version: 10.1 Version: 9.7 Version: 11.1 Version: 11.5 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T03:14:54.619Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.ibm.com/support/pages/node/6598047", }, { name: "ibm-db2-cve202222389-dos (221970)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/221970", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20220729-0007/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "DB2 for Linux, UNIX and Windows", vendor: "IBM", versions: [ { status: "affected", version: "10.5", }, { status: "affected", version: "10.1", }, { status: "affected", version: "9.7", }, { status: "affected", version: "11.1", }, { status: "affected", version: "11.5", }, ], }, ], datePublic: "2022-06-23T00:00:00", descriptions: [ { lang: "en", value: "IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to a denial of service as the server may terminate abnormally when executing specially crafted SQL statements by an authenticated user. IBM X-Force ID: 2219740.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", exploitCodeMaturity: "UNPROVEN", integrityImpact: "NONE", privilegesRequired: "LOW", remediationLevel: "OFFICIAL_FIX", reportConfidence: "CONFIRMED", scope: "UNCHANGED", temporalScore: 5.7, temporalSeverity: "MEDIUM", userInteraction: "NONE", vectorString: "CVSS:3.0/UI:N/PR:L/AC:L/A:H/C:N/AV:N/S:U/I:N/RL:O/E:U/RC:C", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { description: "Denial of Service", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-07-29T19:07:28", orgId: "9a959283-ebb5-44b6-b705-dcc2bbced522", shortName: "ibm", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://www.ibm.com/support/pages/node/6598047", }, { name: "ibm-db2-cve202222389-dos (221970)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/221970", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20220729-0007/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@us.ibm.com", DATE_PUBLIC: "2022-06-23T00:00:00", ID: "CVE-2022-22389", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "DB2 for Linux, UNIX and Windows", version: { version_data: [ { version_value: "10.5", }, { version_value: "10.1", }, { version_value: "9.7", }, { version_value: "11.1", }, { version_value: "11.5", }, ], }, }, ], }, vendor_name: "IBM", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to a denial of service as the server may terminate abnormally when executing specially crafted SQL statements by an authenticated user. IBM X-Force ID: 2219740.", }, ], }, impact: { cvssv3: { BM: { A: "H", AC: "L", AV: "N", C: "N", I: "N", PR: "L", S: "U", UI: "N", }, TM: { E: "U", RC: "C", RL: "O", }, }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Denial of Service", }, ], }, ], }, references: { reference_data: [ { name: "https://www.ibm.com/support/pages/node/6598047", refsource: "CONFIRM", title: "IBM Security Bulletin 6598047 (DB2 for Linux, UNIX and Windows)", url: "https://www.ibm.com/support/pages/node/6598047", }, { name: "ibm-db2-cve202222389-dos (221970)", refsource: "XF", title: "X-Force Vulnerability Report", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/221970", }, { name: "https://security.netapp.com/advisory/ntap-20220729-0007/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20220729-0007/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "9a959283-ebb5-44b6-b705-dcc2bbced522", assignerShortName: "ibm", cveId: "CVE-2022-22389", datePublished: "2022-06-24T16:45:17.882277Z", dateReserved: "2022-01-03T00:00:00", dateUpdated: "2024-09-16T17:18:40.685Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-30634
Vulnerability from cvelistv5
Published
2022-07-15 19:36
Modified
2024-08-03 06:56
Severity ?
EPSS score ?
Summary
Infinite loop in Read in crypto/rand before Go 1.17.11 and Go 1.18.3 on Windows allows attacker to cause an indefinite hang by passing a buffer larger than 1 << 32 - 1 bytes.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Go standard library | crypto/rand |
Version: 0 ≤ Version: 1.18.0-0 ≤ |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T06:56:13.255Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://go.dev/cl/402257", }, { tags: [ "x_transferred", ], url: "https://go.googlesource.com/go/+/bb1f4416180511231de6d17a1f2f55c82aafc863", }, { tags: [ "x_transferred", ], url: "https://go.dev/issue/52561", }, { tags: [ "x_transferred", ], url: "https://groups.google.com/g/golang-announce/c/TzIC9-t8Ytg/m/IWz5T6x7AAAJ", }, { tags: [ "x_transferred", ], url: "https://pkg.go.dev/vuln/GO-2022-0477", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { collectionURL: "https://pkg.go.dev", defaultStatus: "unaffected", packageName: "crypto/rand", platforms: [ "windows", ], product: "crypto/rand", programRoutines: [ { name: "Read", }, ], vendor: "Go standard library", versions: [ { lessThan: "1.17.11", status: "affected", version: "0", versionType: "semver", }, { lessThan: "1.18.3", status: "affected", version: "1.18.0-0", versionType: "semver", }, ], }, ], credits: [ { lang: "en", value: "Davis Goodin", }, { lang: "en", value: "Quim Muntal of Microsoft", }, ], descriptions: [ { lang: "en", value: "Infinite loop in Read in crypto/rand before Go 1.17.11 and Go 1.18.3 on Windows allows attacker to cause an indefinite hang by passing a buffer larger than 1 << 32 - 1 bytes.", }, ], problemTypes: [ { descriptions: [ { description: "CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')", lang: "en", }, ], }, ], providerMetadata: { dateUpdated: "2023-06-12T19:04:27.361Z", orgId: "1bb62c36-49e3-4200-9d77-64a1400537cc", shortName: "Go", }, references: [ { url: "https://go.dev/cl/402257", }, { url: "https://go.googlesource.com/go/+/bb1f4416180511231de6d17a1f2f55c82aafc863", }, { url: "https://go.dev/issue/52561", }, { url: "https://groups.google.com/g/golang-announce/c/TzIC9-t8Ytg/m/IWz5T6x7AAAJ", }, { url: "https://pkg.go.dev/vuln/GO-2022-0477", }, ], title: "Indefinite hang with large buffers on Windows in crypto/rand", }, }, cveMetadata: { assignerOrgId: "1bb62c36-49e3-4200-9d77-64a1400537cc", assignerShortName: "Go", cveId: "CVE-2022-30634", datePublished: "2022-07-15T19:36:19", dateReserved: "2022-05-12T00:00:00", dateUpdated: "2024-08-03T06:56:13.255Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-27782
Vulnerability from cvelistv5
Published
2022-06-01 00:00
Modified
2024-08-03 05:32
Severity ?
EPSS score ?
Summary
libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup. However, several TLS andSSH settings were left out from the configuration match checks, making themmatch too easily.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | https://github.com/curl/curl |
Version: Fixed in 7.83.1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T05:32:59.911Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://hackerone.com/reports/1555796", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20220609-0009/", }, { name: "DSA-5197", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2022/dsa-5197", }, { name: "[debian-lts-announce] 20220828 [SECURITY] [DLA 3085-1] curl security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html", }, { name: "GLSA-202212-01", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202212-01", }, { name: "[oss-security] 20230320 [SECURITY ADVISORY] curl: CVE-2023-27538: SSH connection too eager reuse still", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2023/03/20/6", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "https://github.com/curl/curl", vendor: "n/a", versions: [ { status: "affected", version: "Fixed in 7.83.1", }, ], }, ], descriptions: [ { lang: "en", value: "libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup. However, several TLS andSSH settings were left out from the configuration match checks, making themmatch too easily.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-840", description: "Business Logic Errors (CWE-840)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-03-20T00:00:00", orgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1", shortName: "hackerone", }, references: [ { url: "https://hackerone.com/reports/1555796", }, { url: "https://security.netapp.com/advisory/ntap-20220609-0009/", }, { name: "DSA-5197", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2022/dsa-5197", }, { name: "[debian-lts-announce] 20220828 [SECURITY] [DLA 3085-1] curl security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html", }, { name: "GLSA-202212-01", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202212-01", }, { name: "[oss-security] 20230320 [SECURITY ADVISORY] curl: CVE-2023-27538: SSH connection too eager reuse still", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2023/03/20/6", }, ], }, }, cveMetadata: { assignerOrgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1", assignerShortName: "hackerone", cveId: "CVE-2022-27782", datePublished: "2022-06-01T00:00:00", dateReserved: "2022-03-23T00:00:00", dateUpdated: "2024-08-03T05:32:59.911Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-40234
Vulnerability from cvelistv5
Published
2022-09-19 17:25
Modified
2024-09-16 23:45
Severity ?
EPSS score ?
Summary
Versions of IBM Spectrum Protect Plus prior to 10.1.12 (excluding 10.1.12) include the private key information for a certificate inside the generated .crt file when uploading a TLS certificate to IBM Spectrum Protect Plus. If this generated .crt file is shared, an attacker can obtain the private key information for the uploaded certificate. IBM X-Force ID: 235718.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.ibm.com/support/pages/node/6619947 | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/235718 | vdb-entry, x_refsource_XF |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM | Spectrum Protect Plus |
Version: 10.1.0 Version: 10.1.11 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T12:14:39.926Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.ibm.com/support/pages/node/6619947", }, { name: "ibm-spectrum-cve202240234-info-disc (235718)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/235718", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Spectrum Protect Plus", vendor: "IBM", versions: [ { status: "affected", version: "10.1.0", }, { status: "affected", version: "10.1.11", }, ], }, ], datePublic: "2022-09-17T00:00:00", descriptions: [ { lang: "en", value: "Versions of IBM Spectrum Protect Plus prior to 10.1.12 (excluding 10.1.12) include the private key information for a certificate inside the generated .crt file when uploading a TLS certificate to IBM Spectrum Protect Plus. If this generated .crt file is shared, an attacker can obtain the private key information for the uploaded certificate. IBM X-Force ID: 235718.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", exploitCodeMaturity: "UNPROVEN", integrityImpact: "NONE", privilegesRequired: "NONE", remediationLevel: "OFFICIAL_FIX", reportConfidence: "CONFIRMED", scope: "UNCHANGED", temporalScore: 5.2, temporalSeverity: "MEDIUM", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/UI:N/S:U/I:N/A:N/AC:H/PR:N/C:H/RC:C/E:U/RL:O", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { description: "Obtain Information", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-19T17:25:12", orgId: "9a959283-ebb5-44b6-b705-dcc2bbced522", shortName: "ibm", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://www.ibm.com/support/pages/node/6619947", }, { name: "ibm-spectrum-cve202240234-info-disc (235718)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/235718", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@us.ibm.com", DATE_PUBLIC: "2022-09-17T00:00:00", ID: "CVE-2022-40234", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Spectrum Protect Plus", version: { version_data: [ { version_value: "10.1.0", }, { version_value: "10.1.11", }, ], }, }, ], }, vendor_name: "IBM", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Versions of IBM Spectrum Protect Plus prior to 10.1.12 (excluding 10.1.12) include the private key information for a certificate inside the generated .crt file when uploading a TLS certificate to IBM Spectrum Protect Plus. If this generated .crt file is shared, an attacker can obtain the private key information for the uploaded certificate. IBM X-Force ID: 235718.", }, ], }, impact: { cvssv3: { BM: { A: "N", AC: "H", AV: "N", C: "H", I: "N", PR: "N", S: "U", UI: "N", }, TM: { E: "U", RC: "C", RL: "O", }, }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Obtain Information", }, ], }, ], }, references: { reference_data: [ { name: "https://www.ibm.com/support/pages/node/6619947", refsource: "CONFIRM", title: "IBM Security Bulletin 6619947 (Spectrum Protect Plus)", url: "https://www.ibm.com/support/pages/node/6619947", }, { name: "ibm-spectrum-cve202240234-info-disc (235718)", refsource: "XF", title: "X-Force Vulnerability Report", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/235718", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "9a959283-ebb5-44b6-b705-dcc2bbced522", assignerShortName: "ibm", cveId: "CVE-2022-40234", datePublished: "2022-09-19T17:25:12.750865Z", dateReserved: "2022-09-08T00:00:00", dateUpdated: "2024-09-16T23:45:52.788Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-22947
Vulnerability from cvelistv5
Published
2021-09-29 00:00
Modified
2024-08-03 18:58
Severity ?
EPSS score ?
Summary
When curl >= 7.20.0 and <= 7.78.0 connects to an IMAP or POP3 server to retrieve data using STARTTLS to upgrade to TLS security, the server can respond and send back multiple responses at once that curl caches. curl would then upgrade to TLS but not flush the in-queue of cached responses but instead continue using and trustingthe responses it got *before* the TLS handshake as if they were authenticated.Using this flaw, it allows a Man-In-The-Middle attacker to first inject the fake responses, then pass-through the TLS traffic from the legitimate server and trick curl into sending data back to the user thinking the attacker's injected data comes from the TLS-protected server.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | https://github.com/curl/curl |
Version: curl 7.20.0 to and including 7.78.0 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T18:58:26.408Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://hackerone.com/reports/1334763", }, { name: "[debian-lts-announce] 20210930 [SECURITY] [DLA 2773-1] curl security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2021/09/msg00022.html", }, { name: "FEDORA-2021-fc96a3a749", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { name: "FEDORA-2021-1d24845e93", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20211029-0003/", }, { name: "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3", tags: [ "mailing-list", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2022/Mar/29", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { tags: [ "x_transferred", ], url: "https://support.apple.com/kb/HT213183", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { name: "DSA-5197", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2022/dsa-5197", }, { name: "[debian-lts-announce] 20220828 [SECURITY] [DLA 3085-1] curl security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html", }, { name: "GLSA-202212-01", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202212-01", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "https://github.com/curl/curl", vendor: "n/a", versions: [ { status: "affected", version: "curl 7.20.0 to and including 7.78.0", }, ], }, ], descriptions: [ { lang: "en", value: "When curl >= 7.20.0 and <= 7.78.0 connects to an IMAP or POP3 server to retrieve data using STARTTLS to upgrade to TLS security, the server can respond and send back multiple responses at once that curl caches. curl would then upgrade to TLS but not flush the in-queue of cached responses but instead continue using and trustingthe responses it got *before* the TLS handshake as if they were authenticated.Using this flaw, it allows a Man-In-The-Middle attacker to first inject the fake responses, then pass-through the TLS traffic from the legitimate server and trick curl into sending data back to the user thinking the attacker's injected data comes from the TLS-protected server.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-310", description: "Cryptographic Issues - Generic (CWE-310)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-19T00:00:00", orgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1", shortName: "hackerone", }, references: [ { url: "https://hackerone.com/reports/1334763", }, { name: "[debian-lts-announce] 20210930 [SECURITY] [DLA 2773-1] curl security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2021/09/msg00022.html", }, { name: "FEDORA-2021-fc96a3a749", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/", }, { url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { name: "FEDORA-2021-1d24845e93", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/", }, { url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { url: "https://security.netapp.com/advisory/ntap-20211029-0003/", }, { name: "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3", tags: [ "mailing-list", ], url: "http://seclists.org/fulldisclosure/2022/Mar/29", }, { url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { url: "https://support.apple.com/kb/HT213183", }, { url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { name: "DSA-5197", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2022/dsa-5197", }, { name: "[debian-lts-announce] 20220828 [SECURITY] [DLA 3085-1] curl security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html", }, { name: "GLSA-202212-01", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202212-01", }, ], }, }, cveMetadata: { assignerOrgId: "36234546-b8fa-4601-9d6f-f4e334aa8ea1", assignerShortName: "hackerone", cveId: "CVE-2021-22947", datePublished: "2021-09-29T00:00:00", dateReserved: "2021-01-06T00:00:00", dateUpdated: "2024-08-03T18:58:26.408Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-25032
Vulnerability from cvelistv5
Published
2022-03-25 00:00
Modified
2024-08-05 12:26
Severity ?
EPSS score ?
Summary
zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T12:26:39.599Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.openwall.com/lists/oss-security/2022/03/24/1", }, { tags: [ "x_transferred", ], url: "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531", }, { name: "[oss-security] 20220325 Re: zlib memory corruption on deflate (i.e. compress)", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2022/03/25/2", }, { name: "[oss-security] 20220326 Re: zlib memory corruption on deflate (i.e. compress)", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2022/03/26/1", }, { name: "DSA-5111", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2022/dsa-5111", }, { name: "[debian-lts-announce] 20220402 [SECURITY] [DLA 2968-1] zlib security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html", }, { name: "FEDORA-2022-413a80a102", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/", }, { name: "FEDORA-2022-dbd2935e44", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/", }, { name: "FEDORA-2022-12b89e2aad", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/", }, { name: "[debian-lts-announce] 20220507 [SECURITY] [DLA 2993-1] libz-mingw-w64 security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html", }, { name: "20220516 APPLE-SA-2022-05-16-4 Security Update 2022-004 Catalina", tags: [ "mailing-list", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2022/May/33", }, { name: "20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6", tags: [ "mailing-list", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2022/May/35", }, { name: "20220516 APPLE-SA-2022-05-16-2 macOS Monterey 12.4", tags: [ "mailing-list", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2022/May/38", }, { name: "FEDORA-2022-61cf1c64f6", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { tags: [ "x_transferred", ], url: "https://www.openwall.com/lists/oss-security/2022/03/28/3", }, { tags: [ "x_transferred", ], url: "https://www.openwall.com/lists/oss-security/2022/03/28/1", }, { tags: [ "x_transferred", ], url: "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12", }, { tags: [ "x_transferred", ], url: "https://github.com/madler/zlib/issues/605", }, { tags: [ "x_transferred", ], url: "https://support.apple.com/kb/HT213257", }, { tags: [ "x_transferred", ], url: "https://support.apple.com/kb/HT213256", }, { tags: [ "x_transferred", ], url: "https://support.apple.com/kb/HT213255", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20220526-0009/", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20220729-0004/", }, { name: "FEDORA-2022-3a92250fd5", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/", }, { name: "FEDORA-2022-b58a85e167", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/", }, { name: "[debian-lts-announce] 20220916 [SECURITY] [DLA 3114-1] mariadb-10.3 security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html", }, { name: "GLSA-202210-42", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202210-42", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-13T00:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://www.openwall.com/lists/oss-security/2022/03/24/1", }, { url: "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531", }, { name: "[oss-security] 20220325 Re: zlib memory corruption on deflate (i.e. compress)", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2022/03/25/2", }, { name: "[oss-security] 20220326 Re: zlib memory corruption on deflate (i.e. compress)", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2022/03/26/1", }, { name: "DSA-5111", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2022/dsa-5111", }, { name: "[debian-lts-announce] 20220402 [SECURITY] [DLA 2968-1] zlib security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html", }, { name: "FEDORA-2022-413a80a102", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/", }, { name: "FEDORA-2022-dbd2935e44", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/", }, { name: "FEDORA-2022-12b89e2aad", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/", }, { name: "[debian-lts-announce] 20220507 [SECURITY] [DLA 2993-1] libz-mingw-w64 security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html", }, { name: "20220516 APPLE-SA-2022-05-16-4 Security Update 2022-004 Catalina", tags: [ "mailing-list", ], url: "http://seclists.org/fulldisclosure/2022/May/33", }, { name: "20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6", tags: [ "mailing-list", ], url: "http://seclists.org/fulldisclosure/2022/May/35", }, { name: "20220516 APPLE-SA-2022-05-16-2 macOS Monterey 12.4", tags: [ "mailing-list", ], url: "http://seclists.org/fulldisclosure/2022/May/38", }, { name: "FEDORA-2022-61cf1c64f6", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/", }, { url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { url: "https://www.openwall.com/lists/oss-security/2022/03/28/3", }, { url: "https://www.openwall.com/lists/oss-security/2022/03/28/1", }, { url: "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12", }, { url: "https://github.com/madler/zlib/issues/605", }, { url: "https://support.apple.com/kb/HT213257", }, { url: "https://support.apple.com/kb/HT213256", }, { url: "https://support.apple.com/kb/HT213255", }, { url: "https://security.netapp.com/advisory/ntap-20220526-0009/", }, { url: "https://security.netapp.com/advisory/ntap-20220729-0004/", }, { name: "FEDORA-2022-3a92250fd5", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/", }, { name: "FEDORA-2022-b58a85e167", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/", }, { name: "[debian-lts-announce] 20220916 [SECURITY] [DLA 3114-1] mariadb-10.3 security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html", }, { name: "GLSA-202210-42", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202210-42", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-25032", datePublished: "2022-03-25T00:00:00", dateReserved: "2022-03-25T00:00:00", dateUpdated: "2024-08-05T12:26:39.599Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-1292
Vulnerability from cvelistv5
Published
2022-05-03 15:15
Modified
2024-09-16 22:24
Severity ?
EPSS score ?
Summary
The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2). Fixed in OpenSSL 1.1.1o (Affected 1.1.1-1.1.1n). Fixed in OpenSSL 1.0.2ze (Affected 1.0.2-1.0.2zd).
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T23:55:24.565Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.openssl.org/news/secadv/20220503.txt", }, { tags: [ "x_transferred", ], url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2", }, { tags: [ "x_transferred", ], url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23", }, { tags: [ "x_transferred", ], url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=548d3f280a6e737673f5b61fce24bb100108dfeb", }, { name: "[debian-lts-announce] 20220515 [SECURITY] [DLA 3008-1] openssl security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2022/05/msg00019.html", }, { name: "DSA-5139", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2022/dsa-5139", }, { name: "FEDORA-2022-b651cb69e6", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VX4KWHPMKYJL6ZLW4M5IU7E5UV5ZWJQU/", }, { name: "FEDORA-2022-c9c02865f6", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNU5M7BXMML26G3GPYKFGQYPQDRSNKDD/", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20220602-0009/", }, { tags: [ "x_transferred", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0011", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20220729-0004/", }, { name: "GLSA-202210-02", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202210-02", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "OpenSSL", vendor: "OpenSSL", versions: [ { status: "affected", version: "Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2)", }, { status: "affected", version: "Fixed in OpenSSL 1.1.1o (Affected 1.1.1-1.1.1n)", }, { status: "affected", version: "Fixed in OpenSSL 1.0.2ze (Affected 1.0.2-1.0.2zd)", }, ], }, ], credits: [ { lang: "en", value: "Elison Niven (Sophos)", }, ], datePublic: "2022-05-03T00:00:00", descriptions: [ { lang: "en", value: "The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2). Fixed in OpenSSL 1.1.1o (Affected 1.1.1-1.1.1n). Fixed in OpenSSL 1.0.2ze (Affected 1.0.2-1.0.2zd).", }, ], metrics: [ { other: { content: { lang: "eng", url: "https://www.openssl.org/policies/secpolicy.html#Moderate", value: "Moderate", }, type: "unknown", }, }, ], problemTypes: [ { descriptions: [ { description: "Command injection", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-14T00:00:00", orgId: "3a12439a-ef3a-4c79-92e6-6081a721f1e5", shortName: "openssl", }, references: [ { url: "https://www.openssl.org/news/secadv/20220503.txt", }, { url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2", }, { url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=e5fd1728ef4c7a5bf7c7a7163ca60370460a6e23", }, { url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=548d3f280a6e737673f5b61fce24bb100108dfeb", }, { name: "[debian-lts-announce] 20220515 [SECURITY] [DLA 3008-1] openssl security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2022/05/msg00019.html", }, { name: "DSA-5139", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2022/dsa-5139", }, { name: "FEDORA-2022-b651cb69e6", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VX4KWHPMKYJL6ZLW4M5IU7E5UV5ZWJQU/", }, { name: "FEDORA-2022-c9c02865f6", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNU5M7BXMML26G3GPYKFGQYPQDRSNKDD/", }, { url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { url: "https://security.netapp.com/advisory/ntap-20220602-0009/", }, { url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0011", }, { url: "https://security.netapp.com/advisory/ntap-20220729-0004/", }, { name: "GLSA-202210-02", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202210-02", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf", }, ], title: "The c_rehash script allows command injection", }, }, cveMetadata: { assignerOrgId: "3a12439a-ef3a-4c79-92e6-6081a721f1e5", assignerShortName: "openssl", cveId: "CVE-2022-1292", datePublished: "2022-05-03T15:15:19.758225Z", dateReserved: "2022-04-11T00:00:00", dateUpdated: "2024-09-16T22:24:42.723Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-3759
Vulnerability from cvelistv5
Published
2022-08-23 00:00
Modified
2024-08-03 17:09
Severity ?
EPSS score ?
Summary
A memory overflow vulnerability was found in the Linux kernel’s ipc functionality of the memcg subsystem, in the way a user calls the semget function multiple times, creating semaphores. This flaw allows a local user to starve the resources, causing a denial of service. The highest threat from this vulnerability is to system availability.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T17:09:08.717Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1999675", }, { tags: [ "x_transferred", ], url: "https://access.redhat.com/security/cve/CVE-2021-3759", }, { tags: [ "x_transferred", ], url: "https://lore.kernel.org/linux-mm/1626333284-1404-1-git-send-email-nglaive%40gmail.com/", }, { name: "[debian-lts-announce] 20221222 [SECURITY] [DLA 3244-1] linux-5.10 security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2022/12/msg00031.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "kernel", vendor: "n/a", versions: [ { status: "affected", version: "Fixed in Linux kernel 5.15-rc1", }, ], }, ], descriptions: [ { lang: "en", value: "A memory overflow vulnerability was found in the Linux kernel’s ipc functionality of the memcg subsystem, in the way a user calls the semget function multiple times, creating semaphores. This flaw allows a local user to starve the resources, causing a denial of service. The highest threat from this vulnerability is to system availability.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-400", description: "CWE-400 - Uncontrolled Resource Consumption", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-22T00:00:00", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { url: "https://bugzilla.redhat.com/show_bug.cgi?id=1999675", }, { url: "https://access.redhat.com/security/cve/CVE-2021-3759", }, { url: "https://lore.kernel.org/linux-mm/1626333284-1404-1-git-send-email-nglaive%40gmail.com/", }, { name: "[debian-lts-announce] 20221222 [SECURITY] [DLA 3244-1] linux-5.10 security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2022/12/msg00031.html", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2021-3759", datePublished: "2022-08-23T00:00:00", dateReserved: "2021-09-01T00:00:00", dateUpdated: "2024-08-03T17:09:08.717Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-31028
Vulnerability from cvelistv5
Published
2022-06-03 14:40
Modified
2024-08-03 07:03
Severity ?
EPSS score ?
Summary
MinIO is a multi-cloud object storage solution. Starting with version RELEASE.2019-09-25T18-25-51Z and ending with version RELEASE.2022-06-02T02-11-04Z, MinIO is vulnerable to an unending go-routine buildup while keeping connections established due to HTTP clients not closing the connections. Public-facing MinIO deployments are most affected. Users should upgrade to RELEASE.2022-06-02T02-11-04Z to receive a patch. One possible workaround is to use a reverse proxy to limit the number of connections being attempted in front of MinIO, and actively rejecting connections from such malicious clients.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/minio/minio/security/advisories/GHSA-qrpr-r3pw-f636 | x_refsource_CONFIRM | |
| https://github.com/minio/minio/pull/14995 | x_refsource_MISC | |
| https://gist.github.com/harshavardhana/2d00e6f909054d2d2524c71485ad02e1 | x_refsource_MISC | |
| https://github.com/minio/minio/releases/tag/RELEASE.2022-06-03T01-40-53Z | x_refsource_MISC |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T07:03:40.192Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/minio/minio/security/advisories/GHSA-qrpr-r3pw-f636", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/minio/minio/pull/14995", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://gist.github.com/harshavardhana/2d00e6f909054d2d2524c71485ad02e1", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/minio/minio/releases/tag/RELEASE.2022-06-03T01-40-53Z", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "minio", vendor: "minio", versions: [ { status: "affected", version: ">= RELEASE.2019-09-25T18-25-51Z, < RELEASE.2022-06-02T02-11-04Z", }, ], }, ], descriptions: [ { lang: "en", value: "MinIO is a multi-cloud object storage solution. Starting with version RELEASE.2019-09-25T18-25-51Z and ending with version RELEASE.2022-06-02T02-11-04Z, MinIO is vulnerable to an unending go-routine buildup while keeping connections established due to HTTP clients not closing the connections. Public-facing MinIO deployments are most affected. Users should upgrade to RELEASE.2022-06-02T02-11-04Z to receive a patch. One possible workaround is to use a reverse proxy to limit the number of connections being attempted in front of MinIO, and actively rejecting connections from such malicious clients.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-400", description: "CWE-400: Uncontrolled Resource Consumption", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-06-03T14:40:11", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/minio/minio/security/advisories/GHSA-qrpr-r3pw-f636", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/minio/minio/pull/14995", }, { tags: [ "x_refsource_MISC", ], url: "https://gist.github.com/harshavardhana/2d00e6f909054d2d2524c71485ad02e1", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/minio/minio/releases/tag/RELEASE.2022-06-03T01-40-53Z", }, ], source: { advisory: "GHSA-qrpr-r3pw-f636", discovery: "UNKNOWN", }, title: "Possible DDOS by establishing keep-alive connections with anonymous HTTP clients in MinIO", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security-advisories@github.com", ID: "CVE-2022-31028", STATE: "PUBLIC", TITLE: "Possible DDOS by establishing keep-alive connections with anonymous HTTP clients in MinIO", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "minio", version: { version_data: [ { version_value: ">= RELEASE.2019-09-25T18-25-51Z, < RELEASE.2022-06-02T02-11-04Z", }, ], }, }, ], }, vendor_name: "minio", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "MinIO is a multi-cloud object storage solution. Starting with version RELEASE.2019-09-25T18-25-51Z and ending with version RELEASE.2022-06-02T02-11-04Z, MinIO is vulnerable to an unending go-routine buildup while keeping connections established due to HTTP clients not closing the connections. Public-facing MinIO deployments are most affected. Users should upgrade to RELEASE.2022-06-02T02-11-04Z to receive a patch. One possible workaround is to use a reverse proxy to limit the number of connections being attempted in front of MinIO, and actively rejecting connections from such malicious clients.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-400: Uncontrolled Resource Consumption", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/minio/minio/security/advisories/GHSA-qrpr-r3pw-f636", refsource: "CONFIRM", url: "https://github.com/minio/minio/security/advisories/GHSA-qrpr-r3pw-f636", }, { name: "https://github.com/minio/minio/pull/14995", refsource: "MISC", url: "https://github.com/minio/minio/pull/14995", }, { name: "https://gist.github.com/harshavardhana/2d00e6f909054d2d2524c71485ad02e1", refsource: "MISC", url: "https://gist.github.com/harshavardhana/2d00e6f909054d2d2524c71485ad02e1", }, { name: "https://github.com/minio/minio/releases/tag/RELEASE.2022-06-03T01-40-53Z", refsource: "MISC", url: "https://github.com/minio/minio/releases/tag/RELEASE.2022-06-03T01-40-53Z", }, ], }, source: { advisory: "GHSA-qrpr-r3pw-f636", discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2022-31028", datePublished: "2022-06-03T14:40:11", dateReserved: "2022-05-18T00:00:00", dateUpdated: "2024-08-03T07:03:40.192Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.