csaf_redhat - rhsa-2022

rhsa-2022_7058

Vulnerability from csaf_redhat

Published

2022-10-19 22:19

Modified

2024-11-13 23:49

Summary

Red Hat Security Advisory: OpenShift sandboxed containers 1.3.1 security fix and bug fix update

Notes

Topic

OpenShift sandboxed containers 1.3.1 is now available.

Details

OpenShift sandboxed containers support for OpenShift Container Platform provides users with built-in support for running Kata containers as an additional, optional runtime. This advisory contains an update for OpenShift sandboxed containers with security fixes and a bug fix. Space precludes documenting all of the updates to OpenShift sandboxed containers in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes: https://docs.openshift.com/container-platform/4.11/sandboxed_containers/sandboxed-containers-release-notes.html

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "OpenShift sandboxed containers 1.3.1 is now available.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "OpenShift sandboxed containers support for OpenShift Container Platform\nprovides users with built-in support for running Kata containers as an\nadditional, optional runtime.\n\nThis advisory contains an update for OpenShift sandboxed containers with  security fixes and a bug fix.\n\nSpace precludes documenting all of the updates to OpenShift sandboxed\ncontainers in this advisory. See the following Release Notes documentation,\nwhich will be updated shortly for this release, for details about these\nchanges:\n\nhttps://docs.openshift.com/container-platform/4.11/sandboxed_containers/sandboxed-containers-release-notes.html",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2022:7058",
        "url": "https://access.redhat.com/errata/RHSA-2022:7058"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "2077688",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2077688"
      },
      {
        "category": "external",
        "summary": "2107386",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386"
      },
      {
        "category": "external",
        "summary": "2118556",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2118556"
      },
      {
        "category": "external",
        "summary": "KATA-1754",
        "url": "https://issues.redhat.com/browse/KATA-1754"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_7058.json"
      }
    ],
    "title": "Red Hat Security Advisory: OpenShift sandboxed containers 1.3.1 security fix and bug fix update",
    "tracking": {
      "current_release_date": "2024-11-13T23:49:21+00:00",
      "generator": {
        "date": "2024-11-13T23:49:21+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.0"
        }
      },
      "id": "RHSA-2022:7058",
      "initial_release_date": "2022-10-19T22:19:53+00:00",
      "revision_history": [
        {
          "date": "2022-10-19T22:19:53+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2022-10-19T22:19:53+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-13T23:49:21+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "OpenShift Sandboxed Containers 1.3",
                "product": {
                  "name": "OpenShift Sandboxed Containers 1.3",
                  "product_id": "8Base-OSE-OSC-1.3",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift_sandboxed_containers:1.3.0::el8"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat OpenShift Enterprise"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openshift-sandboxed-containers/osc-monitor-rhel8@sha256:4030d96a383f9d20de9e66ee6f6beb7e400f5640d1e5913888fe4bb4a11839e7_amd64",
                "product": {
                  "name": "openshift-sandboxed-containers/osc-monitor-rhel8@sha256:4030d96a383f9d20de9e66ee6f6beb7e400f5640d1e5913888fe4bb4a11839e7_amd64",
                  "product_id": "openshift-sandboxed-containers/osc-monitor-rhel8@sha256:4030d96a383f9d20de9e66ee6f6beb7e400f5640d1e5913888fe4bb4a11839e7_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/osc-monitor-rhel8@sha256:4030d96a383f9d20de9e66ee6f6beb7e400f5640d1e5913888fe4bb4a11839e7?arch=amd64\u0026repository_url=registry.redhat.io/openshift-sandboxed-containers/osc-monitor-rhel8\u0026tag=1.3.1-5"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-sandboxed-containers/osc-must-gather-rhel8@sha256:b3192b8464c1aa320872ba00adcfbd6ef1f0e2e579b1d74baec771b8e21d9a5c_amd64",
                "product": {
                  "name": "openshift-sandboxed-containers/osc-must-gather-rhel8@sha256:b3192b8464c1aa320872ba00adcfbd6ef1f0e2e579b1d74baec771b8e21d9a5c_amd64",
                  "product_id": "openshift-sandboxed-containers/osc-must-gather-rhel8@sha256:b3192b8464c1aa320872ba00adcfbd6ef1f0e2e579b1d74baec771b8e21d9a5c_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/osc-must-gather-rhel8@sha256:b3192b8464c1aa320872ba00adcfbd6ef1f0e2e579b1d74baec771b8e21d9a5c?arch=amd64\u0026repository_url=registry.redhat.io/openshift-sandboxed-containers/osc-must-gather-rhel8\u0026tag=1.3.1-6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-sandboxed-containers/osc-operator-bundle@sha256:7ca09fa0c33ec0ebec22fd83e636f9f9f5ff93ae98d449de3df6222978cfda77_amd64",
                "product": {
                  "name": "openshift-sandboxed-containers/osc-operator-bundle@sha256:7ca09fa0c33ec0ebec22fd83e636f9f9f5ff93ae98d449de3df6222978cfda77_amd64",
                  "product_id": "openshift-sandboxed-containers/osc-operator-bundle@sha256:7ca09fa0c33ec0ebec22fd83e636f9f9f5ff93ae98d449de3df6222978cfda77_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/osc-operator-bundle@sha256:7ca09fa0c33ec0ebec22fd83e636f9f9f5ff93ae98d449de3df6222978cfda77?arch=amd64\u0026repository_url=registry.redhat.io/openshift-sandboxed-containers/osc-operator-bundle\u0026tag=1.3.1-10"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-sandboxed-containers/osc-rhel8-operator@sha256:ce0e4f415f165f5f65c72e3a499c6922a2d88e6c3d2960b007744e3bbbe2e78b_amd64",
                "product": {
                  "name": "openshift-sandboxed-containers/osc-rhel8-operator@sha256:ce0e4f415f165f5f65c72e3a499c6922a2d88e6c3d2960b007744e3bbbe2e78b_amd64",
                  "product_id": "openshift-sandboxed-containers/osc-rhel8-operator@sha256:ce0e4f415f165f5f65c72e3a499c6922a2d88e6c3d2960b007744e3bbbe2e78b_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/osc-rhel8-operator@sha256:ce0e4f415f165f5f65c72e3a499c6922a2d88e6c3d2960b007744e3bbbe2e78b?arch=amd64\u0026repository_url=registry.redhat.io/openshift-sandboxed-containers/osc-rhel8-operator\u0026tag=1.3.1-5"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "amd64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-sandboxed-containers/osc-monitor-rhel8@sha256:4030d96a383f9d20de9e66ee6f6beb7e400f5640d1e5913888fe4bb4a11839e7_amd64 as a component of OpenShift Sandboxed Containers 1.3",
          "product_id": "8Base-OSE-OSC-1.3:openshift-sandboxed-containers/osc-monitor-rhel8@sha256:4030d96a383f9d20de9e66ee6f6beb7e400f5640d1e5913888fe4bb4a11839e7_amd64"
        },
        "product_reference": "openshift-sandboxed-containers/osc-monitor-rhel8@sha256:4030d96a383f9d20de9e66ee6f6beb7e400f5640d1e5913888fe4bb4a11839e7_amd64",
        "relates_to_product_reference": "8Base-OSE-OSC-1.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-sandboxed-containers/osc-must-gather-rhel8@sha256:b3192b8464c1aa320872ba00adcfbd6ef1f0e2e579b1d74baec771b8e21d9a5c_amd64 as a component of OpenShift Sandboxed Containers 1.3",
          "product_id": "8Base-OSE-OSC-1.3:openshift-sandboxed-containers/osc-must-gather-rhel8@sha256:b3192b8464c1aa320872ba00adcfbd6ef1f0e2e579b1d74baec771b8e21d9a5c_amd64"
        },
        "product_reference": "openshift-sandboxed-containers/osc-must-gather-rhel8@sha256:b3192b8464c1aa320872ba00adcfbd6ef1f0e2e579b1d74baec771b8e21d9a5c_amd64",
        "relates_to_product_reference": "8Base-OSE-OSC-1.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-sandboxed-containers/osc-operator-bundle@sha256:7ca09fa0c33ec0ebec22fd83e636f9f9f5ff93ae98d449de3df6222978cfda77_amd64 as a component of OpenShift Sandboxed Containers 1.3",
          "product_id": "8Base-OSE-OSC-1.3:openshift-sandboxed-containers/osc-operator-bundle@sha256:7ca09fa0c33ec0ebec22fd83e636f9f9f5ff93ae98d449de3df6222978cfda77_amd64"
        },
        "product_reference": "openshift-sandboxed-containers/osc-operator-bundle@sha256:7ca09fa0c33ec0ebec22fd83e636f9f9f5ff93ae98d449de3df6222978cfda77_amd64",
        "relates_to_product_reference": "8Base-OSE-OSC-1.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-sandboxed-containers/osc-rhel8-operator@sha256:ce0e4f415f165f5f65c72e3a499c6922a2d88e6c3d2960b007744e3bbbe2e78b_amd64 as a component of OpenShift Sandboxed Containers 1.3",
          "product_id": "8Base-OSE-OSC-1.3:openshift-sandboxed-containers/osc-rhel8-operator@sha256:ce0e4f415f165f5f65c72e3a499c6922a2d88e6c3d2960b007744e3bbbe2e78b_amd64"
        },
        "product_reference": "openshift-sandboxed-containers/osc-rhel8-operator@sha256:ce0e4f415f165f5f65c72e3a499c6922a2d88e6c3d2960b007744e3bbbe2e78b_amd64",
        "relates_to_product_reference": "8Base-OSE-OSC-1.3"
      }
    ]
  },
  "vulnerabilities": [
    {
      "acknowledgments": [
        {
          "names": [
            "sangjun"
          ]
        }
      ],
      "cve": "CVE-2022-2832",
      "cwe": {
        "id": "CWE-395",
        "name": "Use of NullPointerException Catch to Detect NULL Pointer Dereference"
      },
      "discovery_date": "2022-08-16T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2118556"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Blender 3.3.0. A null pointer dereference exists in source/blender/gpu/opengl/gl_backend.cc that may lead to loss of confidentiality and integrity.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "blender: Null pointer reference in blender thumbnail extractor",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-OSE-OSC-1.3:openshift-sandboxed-containers/osc-monitor-rhel8@sha256:4030d96a383f9d20de9e66ee6f6beb7e400f5640d1e5913888fe4bb4a11839e7_amd64",
          "8Base-OSE-OSC-1.3:openshift-sandboxed-containers/osc-must-gather-rhel8@sha256:b3192b8464c1aa320872ba00adcfbd6ef1f0e2e579b1d74baec771b8e21d9a5c_amd64",
          "8Base-OSE-OSC-1.3:openshift-sandboxed-containers/osc-operator-bundle@sha256:7ca09fa0c33ec0ebec22fd83e636f9f9f5ff93ae98d449de3df6222978cfda77_amd64",
          "8Base-OSE-OSC-1.3:openshift-sandboxed-containers/osc-rhel8-operator@sha256:ce0e4f415f165f5f65c72e3a499c6922a2d88e6c3d2960b007744e3bbbe2e78b_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-2832"
        },
        {
          "category": "external",
          "summary": "RHBZ#2118556",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2118556"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-2832",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-2832"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2832",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2832"
        }
      ],
      "release_date": "2022-08-16T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-10-19T22:19:53+00:00",
          "details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://docs.openshift.com/container-platform/latest/sandboxed_containers/upgrade-sandboxed-containers.html",
          "product_ids": [
            "8Base-OSE-OSC-1.3:openshift-sandboxed-containers/osc-monitor-rhel8@sha256:4030d96a383f9d20de9e66ee6f6beb7e400f5640d1e5913888fe4bb4a11839e7_amd64",
            "8Base-OSE-OSC-1.3:openshift-sandboxed-containers/osc-must-gather-rhel8@sha256:b3192b8464c1aa320872ba00adcfbd6ef1f0e2e579b1d74baec771b8e21d9a5c_amd64",
            "8Base-OSE-OSC-1.3:openshift-sandboxed-containers/osc-operator-bundle@sha256:7ca09fa0c33ec0ebec22fd83e636f9f9f5ff93ae98d449de3df6222978cfda77_amd64",
            "8Base-OSE-OSC-1.3:openshift-sandboxed-containers/osc-rhel8-operator@sha256:ce0e4f415f165f5f65c72e3a499c6922a2d88e6c3d2960b007744e3bbbe2e78b_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:7058"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "8Base-OSE-OSC-1.3:openshift-sandboxed-containers/osc-monitor-rhel8@sha256:4030d96a383f9d20de9e66ee6f6beb7e400f5640d1e5913888fe4bb4a11839e7_amd64",
            "8Base-OSE-OSC-1.3:openshift-sandboxed-containers/osc-must-gather-rhel8@sha256:b3192b8464c1aa320872ba00adcfbd6ef1f0e2e579b1d74baec771b8e21d9a5c_amd64",
            "8Base-OSE-OSC-1.3:openshift-sandboxed-containers/osc-operator-bundle@sha256:7ca09fa0c33ec0ebec22fd83e636f9f9f5ff93ae98d449de3df6222978cfda77_amd64",
            "8Base-OSE-OSC-1.3:openshift-sandboxed-containers/osc-rhel8-operator@sha256:ce0e4f415f165f5f65c72e3a499c6922a2d88e6c3d2960b007744e3bbbe2e78b_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "blender: Null pointer reference in blender thumbnail extractor"
    },
    {
      "cve": "CVE-2022-24675",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "discovery_date": "2022-04-21T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2077688"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A buffer overflow flaw was found in Golang\u0027s library encoding/pem. This flaw allows an attacker to use a large PEM input (more than 5 MB), causing a stack overflow in Decode, which leads to a loss of availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: encoding/pem: fix stack overflow in Decode",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat Enterprise Linux 7, 8 and 9 are affected, because the code-base is affected by this vulnerability.\n\nRed Hat Product Security has rated this issue as having Moderate security impact, and the issue is not currently planned to be addressed in future updates for Red Hat Enterprise Linux 7, hence, marked as Out-of-Support-Scope.\n\nRed Hat Developer Tools - Compilers (go-toolset-1.16-golang \u0026 go-toolset-1.17-golang), ships the vulnerable code and affected by this vulnerability.\n\nFor additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/ and Red Hat Enterprise Linux Life Cycle \u0026 Updates Policy: https://access.redhat.com/support/policy/updates/errata/.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-OSE-OSC-1.3:openshift-sandboxed-containers/osc-monitor-rhel8@sha256:4030d96a383f9d20de9e66ee6f6beb7e400f5640d1e5913888fe4bb4a11839e7_amd64",
          "8Base-OSE-OSC-1.3:openshift-sandboxed-containers/osc-must-gather-rhel8@sha256:b3192b8464c1aa320872ba00adcfbd6ef1f0e2e579b1d74baec771b8e21d9a5c_amd64",
          "8Base-OSE-OSC-1.3:openshift-sandboxed-containers/osc-operator-bundle@sha256:7ca09fa0c33ec0ebec22fd83e636f9f9f5ff93ae98d449de3df6222978cfda77_amd64",
          "8Base-OSE-OSC-1.3:openshift-sandboxed-containers/osc-rhel8-operator@sha256:ce0e4f415f165f5f65c72e3a499c6922a2d88e6c3d2960b007744e3bbbe2e78b_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-24675"
        },
        {
          "category": "external",
          "summary": "RHBZ#2077688",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2077688"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-24675",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-24675"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24675",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24675"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/oecdBNLOml8",
          "url": "https://groups.google.com/g/golang-announce/c/oecdBNLOml8"
        }
      ],
      "release_date": "2022-04-12T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-10-19T22:19:53+00:00",
          "details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://docs.openshift.com/container-platform/latest/sandboxed_containers/upgrade-sandboxed-containers.html",
          "product_ids": [
            "8Base-OSE-OSC-1.3:openshift-sandboxed-containers/osc-monitor-rhel8@sha256:4030d96a383f9d20de9e66ee6f6beb7e400f5640d1e5913888fe4bb4a11839e7_amd64",
            "8Base-OSE-OSC-1.3:openshift-sandboxed-containers/osc-must-gather-rhel8@sha256:b3192b8464c1aa320872ba00adcfbd6ef1f0e2e579b1d74baec771b8e21d9a5c_amd64",
            "8Base-OSE-OSC-1.3:openshift-sandboxed-containers/osc-operator-bundle@sha256:7ca09fa0c33ec0ebec22fd83e636f9f9f5ff93ae98d449de3df6222978cfda77_amd64",
            "8Base-OSE-OSC-1.3:openshift-sandboxed-containers/osc-rhel8-operator@sha256:ce0e4f415f165f5f65c72e3a499c6922a2d88e6c3d2960b007744e3bbbe2e78b_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:7058"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-OSE-OSC-1.3:openshift-sandboxed-containers/osc-monitor-rhel8@sha256:4030d96a383f9d20de9e66ee6f6beb7e400f5640d1e5913888fe4bb4a11839e7_amd64",
            "8Base-OSE-OSC-1.3:openshift-sandboxed-containers/osc-must-gather-rhel8@sha256:b3192b8464c1aa320872ba00adcfbd6ef1f0e2e579b1d74baec771b8e21d9a5c_amd64",
            "8Base-OSE-OSC-1.3:openshift-sandboxed-containers/osc-operator-bundle@sha256:7ca09fa0c33ec0ebec22fd83e636f9f9f5ff93ae98d449de3df6222978cfda77_amd64",
            "8Base-OSE-OSC-1.3:openshift-sandboxed-containers/osc-rhel8-operator@sha256:ce0e4f415f165f5f65c72e3a499c6922a2d88e6c3d2960b007744e3bbbe2e78b_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: encoding/pem: fix stack overflow in Decode"
    },
    {
      "cve": "CVE-2022-30632",
      "cwe": {
        "id": "CWE-1325",
        "name": "Improperly Controlled Sequential Memory Allocation"
      },
      "discovery_date": "2022-07-14T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2107386"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in golang. Calling Glob on a path that contains a large number of path separators can cause a panic issue due to stack exhaustion. This can cause an attacker to impact availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: path/filepath: stack exhaustion in Glob",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-OSE-OSC-1.3:openshift-sandboxed-containers/osc-monitor-rhel8@sha256:4030d96a383f9d20de9e66ee6f6beb7e400f5640d1e5913888fe4bb4a11839e7_amd64",
          "8Base-OSE-OSC-1.3:openshift-sandboxed-containers/osc-must-gather-rhel8@sha256:b3192b8464c1aa320872ba00adcfbd6ef1f0e2e579b1d74baec771b8e21d9a5c_amd64",
          "8Base-OSE-OSC-1.3:openshift-sandboxed-containers/osc-operator-bundle@sha256:7ca09fa0c33ec0ebec22fd83e636f9f9f5ff93ae98d449de3df6222978cfda77_amd64",
          "8Base-OSE-OSC-1.3:openshift-sandboxed-containers/osc-rhel8-operator@sha256:ce0e4f415f165f5f65c72e3a499c6922a2d88e6c3d2960b007744e3bbbe2e78b_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-30632"
        },
        {
          "category": "external",
          "summary": "RHBZ#2107386",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-30632",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-30632"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30632",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30632"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/53416",
          "url": "https://go.dev/issue/53416"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE",
          "url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE"
        }
      ],
      "release_date": "2022-07-12T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-10-19T22:19:53+00:00",
          "details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://docs.openshift.com/container-platform/latest/sandboxed_containers/upgrade-sandboxed-containers.html",
          "product_ids": [
            "8Base-OSE-OSC-1.3:openshift-sandboxed-containers/osc-monitor-rhel8@sha256:4030d96a383f9d20de9e66ee6f6beb7e400f5640d1e5913888fe4bb4a11839e7_amd64",
            "8Base-OSE-OSC-1.3:openshift-sandboxed-containers/osc-must-gather-rhel8@sha256:b3192b8464c1aa320872ba00adcfbd6ef1f0e2e579b1d74baec771b8e21d9a5c_amd64",
            "8Base-OSE-OSC-1.3:openshift-sandboxed-containers/osc-operator-bundle@sha256:7ca09fa0c33ec0ebec22fd83e636f9f9f5ff93ae98d449de3df6222978cfda77_amd64",
            "8Base-OSE-OSC-1.3:openshift-sandboxed-containers/osc-rhel8-operator@sha256:ce0e4f415f165f5f65c72e3a499c6922a2d88e6c3d2960b007744e3bbbe2e78b_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:7058"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-OSE-OSC-1.3:openshift-sandboxed-containers/osc-monitor-rhel8@sha256:4030d96a383f9d20de9e66ee6f6beb7e400f5640d1e5913888fe4bb4a11839e7_amd64",
            "8Base-OSE-OSC-1.3:openshift-sandboxed-containers/osc-must-gather-rhel8@sha256:b3192b8464c1aa320872ba00adcfbd6ef1f0e2e579b1d74baec771b8e21d9a5c_amd64",
            "8Base-OSE-OSC-1.3:openshift-sandboxed-containers/osc-operator-bundle@sha256:7ca09fa0c33ec0ebec22fd83e636f9f9f5ff93ae98d449de3df6222978cfda77_amd64",
            "8Base-OSE-OSC-1.3:openshift-sandboxed-containers/osc-rhel8-operator@sha256:ce0e4f415f165f5f65c72e3a499c6922a2d88e6c3d2960b007744e3bbbe2e78b_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: path/filepath: stack exhaustion in Glob"
    }
  ]
}

cve-2022-30632

Vulnerability from cvelistv5

Published

2022-08-09 20:15

Modified

2024-08-03 06:56

Severity ?

Summary

Stack exhaustion on crafted paths in path/filepath

References

▼	URL	Tags
	https://go.dev/cl/417066
	https://go.googlesource.com/go/+/ac68c6c683409f98250d34ad282b9e1b0c9095ef
	https://go.dev/issue/53416
	https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE
	https://pkg.go.dev/vuln/GO-2022-0522

Impacted products

▼	Vendor	Product
	Go standard library	path/filepath

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T06:56:13.251Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://go.dev/cl/417066"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://go.googlesource.com/go/+/ac68c6c683409f98250d34ad282b9e1b0c9095ef"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://go.dev/issue/53416"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://pkg.go.dev/vuln/GO-2022-0522"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://pkg.go.dev",
          "defaultStatus": "unaffected",
          "packageName": "path/filepath",
          "product": "path/filepath",
          "programRoutines": [
            {
              "name": "Glob"
            }
          ],
          "vendor": "Go standard library",
          "versions": [
            {
              "lessThan": "1.17.12",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThan": "1.18.4",
              "status": "affected",
              "version": "1.18.0-0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Juho Nurminen of Mattermost"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Uncontrolled recursion in Glob in path/filepath before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path containing a large number of path separators."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "CWE-674: Uncontrolled Recursion",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-06-12T19:04:36.688Z",
        "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "shortName": "Go"
      },
      "references": [
        {
          "url": "https://go.dev/cl/417066"
        },
        {
          "url": "https://go.googlesource.com/go/+/ac68c6c683409f98250d34ad282b9e1b0c9095ef"
        },
        {
          "url": "https://go.dev/issue/53416"
        },
        {
          "url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE"
        },
        {
          "url": "https://pkg.go.dev/vuln/GO-2022-0522"
        }
      ],
      "title": "Stack exhaustion on crafted paths in path/filepath"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
    "assignerShortName": "Go",
    "cveId": "CVE-2022-30632",
    "datePublished": "2022-08-09T20:15:37",
    "dateReserved": "2022-05-12T00:00:00",
    "dateUpdated": "2024-08-03T06:56:13.251Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-24675

Vulnerability from cvelistv5

Published

2022-04-20 00:00

Modified

2024-08-03 04:20

Severity ?

Summary

encoding/pem in Go before 1.17.9 and 1.18.x before 1.18.1 has a Decode stack overflow via a large amount of PEM data.

References

▼	URL	Tags
	https://groups.google.com/g/golang-announce
	https://groups.google.com/g/golang-announce/c/oecdBNLOml8
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/42TYZC4OAY54TO75FBEFAPV5G7O4D5TM/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F3BMW5QGX53CMIJIZWKXFKBJX2C5GWTY/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RCRSABD6CUDIZULZPZL5BJ3ET3A2NEJP/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/	vendor-advisory
	https://security.gentoo.org/glsa/202208-02	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/	vendor-advisory
	https://security.netapp.com/advisory/ntap-20220915-0010/
	https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf

Impacted products

▼	Vendor	Product
	n/a	n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T04:20:49.135Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://groups.google.com/g/golang-announce"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://groups.google.com/g/golang-announce/c/oecdBNLOml8"
          },
          {
            "name": "FEDORA-2022-a49babed75",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/42TYZC4OAY54TO75FBEFAPV5G7O4D5TM/"
          },
          {
            "name": "FEDORA-2022-c0f780ecf1",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F3BMW5QGX53CMIJIZWKXFKBJX2C5GWTY/"
          },
          {
            "name": "FEDORA-2022-e46e6e8317",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RCRSABD6CUDIZULZPZL5BJ3ET3A2NEJP/"
          },
          {
            "name": "FEDORA-2022-fae3ecee19",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/"
          },
          {
            "name": "FEDORA-2022-ba365d3703",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/"
          },
          {
            "name": "GLSA-202208-02",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202208-02"
          },
          {
            "name": "FEDORA-2022-30c5ed5625",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20220915-0010/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "encoding/pem in Go before 1.17.9 and 1.18.x before 1.18.1 has a Decode stack overflow via a large amount of PEM data."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-02-14T00:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://groups.google.com/g/golang-announce"
        },
        {
          "url": "https://groups.google.com/g/golang-announce/c/oecdBNLOml8"
        },
        {
          "name": "FEDORA-2022-a49babed75",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/42TYZC4OAY54TO75FBEFAPV5G7O4D5TM/"
        },
        {
          "name": "FEDORA-2022-c0f780ecf1",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F3BMW5QGX53CMIJIZWKXFKBJX2C5GWTY/"
        },
        {
          "name": "FEDORA-2022-e46e6e8317",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RCRSABD6CUDIZULZPZL5BJ3ET3A2NEJP/"
        },
        {
          "name": "FEDORA-2022-fae3ecee19",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/"
        },
        {
          "name": "FEDORA-2022-ba365d3703",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/"
        },
        {
          "name": "GLSA-202208-02",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.gentoo.org/glsa/202208-02"
        },
        {
          "name": "FEDORA-2022-30c5ed5625",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20220915-0010/"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2022-24675",
    "datePublished": "2022-04-20T00:00:00",
    "dateReserved": "2022-02-08T00:00:00",
    "dateUpdated": "2024-08-03T04:20:49.135Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-2832

Vulnerability from cvelistv5

Published

2022-08-16 19:26

Modified

2024-08-03 00:52

Severity ?

Summary

A flaw was found in Blender 3.3.0. A null pointer dereference exists in source/blender/gpu/opengl/gl_backend.cc that may lead to loss of confidentiality and integrity.

References

▼	URL	Tags
	https://developer.blender.org/T99706	x_refsource_MISC
	https://developer.blender.org/D15463	x_refsource_MISC
	https://developer.blender.org/rB00dc7477022acdd969e4d709a235c0be819efa6c	x_refsource_MISC

Impacted products

▼	Vendor	Product
	n/a	Blender

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T00:52:59.535Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://developer.blender.org/T99706"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://developer.blender.org/D15463"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://developer.blender.org/rB00dc7477022acdd969e4d709a235c0be819efa6c"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Blender",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Blender 3.3.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in Blender 3.3.0. A null pointer dereference exists in source/blender/gpu/opengl/gl_backend.cc that may lead to loss of confidentiality and integrity."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-395",
              "description": "CWE-395",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-09-01T21:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://developer.blender.org/T99706"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://developer.blender.org/D15463"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://developer.blender.org/rB00dc7477022acdd969e4d709a235c0be819efa6c"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2022-2832",
    "datePublished": "2022-08-16T19:26:05",
    "dateReserved": "2022-08-16T00:00:00",
    "dateUpdated": "2024-08-03T00:52:59.535Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

rhsa-2022_7058

Vulnerability from csaf_redhat

cve-2022-30632

Vulnerability from cvelistv5

cve-2022-24675

Vulnerability from cvelistv5

cve-2022-2832

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature